Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Ab-hwLaFaR6x6Ki_0J7S5OvATP8.roa
File: Ab-hwLaFaR6x6Ki_0J7S5OvATP8.roa (raw, json)
Hash identifier: 52s14RZmC4RAzhOXGD5lBt3z6Zhtac+TkSTGYNZjRns=
Subject key identifier: 01:BF:A1:C0:B6:85:69:1E:B1:E8:A8:BF:D0:9E:D2:E4:EB:C0:4C:FF
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018CC7951E7B89D98409D11953922FBD207F
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Ab-hwLaFaR6x6Ki_0J7S5OvATP8.roa
Signing time: Tue 02 Jan 2024 00:31:27 +0000
ROA not before: Tue 02 Jan 2024 00:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49392
IP address blocks: 194.165.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1e:7b:89:d9:84:09:d1:19:53:92:2f:bd:20:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 00:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01bfa1c0b685691eb1e8a8bfd09ed2e4ebc04cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:af:9a:5c:ab:97:72:e1:de:81:12:ce:9c:
48:0b:3e:75:4b:3b:50:14:f3:fe:05:bb:44:bf:55:
dd:5f:f2:b0:3c:8e:a5:66:1d:20:d3:16:23:4d:61:
dd:26:79:b6:e9:c3:70:22:12:77:2b:fb:e1:71:50:
d1:65:d8:af:4c:d5:56:5b:c3:11:65:d2:79:61:25:
bd:ab:1f:a5:3a:c2:c3:36:76:52:ed:70:47:ef:66:
48:72:e4:80:5d:44:ed:2b:cc:11:f2:8d:df:7b:ef:
dd:a8:74:29:61:aa:f1:f6:e7:9d:43:93:15:b2:ea:
36:c6:30:f9:00:f6:d7:2c:31:52:d2:1e:c9:2f:1d:
1d:de:02:9f:68:9a:94:7a:9c:91:16:35:98:83:35:
7d:2f:27:8a:f6:db:d9:36:6a:6f:22:f4:eb:3f:a8:
a5:9c:b5:54:a7:5b:1e:68:38:53:e3:53:9f:2b:25:
1d:56:f4:16:11:f2:5c:bd:52:85:fd:fc:90:eb:69:
24:2a:65:ca:d1:6c:fb:1e:03:2c:5d:70:4b:4a:2a:
cf:fe:33:9a:74:52:14:41:ee:92:ca:f2:3e:ac:70:
8d:84:49:2f:50:e7:ac:7e:c0:e6:2b:99:b4:cd:db:
1c:45:54:74:85:e5:f7:f4:0e:12:88:f8:c7:33:2d:
6e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BF:A1:C0:B6:85:69:1E:B1:E8:A8:BF:D0:9E:D2:E4:EB:C0:4C:FF
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Ab-hwLaFaR6x6Ki_0J7S5OvATP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:7f:07:a9:eb:be:74:1f:17:b4:ec:f5:4c:1b:f7:9a:c7:1c:
cb:af:6a:d8:3d:08:92:43:09:e5:70:80:bd:fc:8e:ba:c0:50:
b5:dd:fd:b4:02:45:60:ad:2c:bd:b7:7b:8a:43:3e:c8:e9:a8:
d7:9e:cf:d3:52:08:d7:55:c1:5c:fa:cf:73:73:6d:01:f5:a3:
e4:d1:a0:db:83:61:98:8f:47:e3:6f:fc:50:49:1d:ba:79:69:
a7:16:34:ea:7f:b4:95:95:2e:f2:02:2e:6a:23:df:ed:d0:58:
fa:f2:7b:d4:76:4b:97:c0:e4:2a:da:50:46:77:fd:d2:35:34:
a8:25:98:71:c9:ef:2b:59:fa:ee:87:cb:9e:03:de:fb:25:1f:
b6:f2:82:81:1d:d1:b7:a4:9c:82:ce:e9:e3:dd:3e:2b:f7:55:
8c:b1:92:cb:f0:d4:f9:f0:07:c7:b4:2f:3d:c8:4f:06:52:11:
ed:80:16:39:58:82:e9:46:c3:f6:83:da:cf:d3:be:79:f4:72:
4c:a2:9d:14:7c:cd:62:65:f7:8f:a6:e9:35:e7:e6:6e:eb:df:
4b:ce:69:f9:97:71:51:95:bb:05:da:12:8b:ad:ed:17:4e:5e:
52:ca:96:24:35:4b:d7:3b:1d:6f:a8:b7:b3:00:74:7f:d7:90:
3f:48:f7:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlR57idmECdEZU5IvvSB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTAyMDAzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJmYTFjMGI2ODU2OTFlYjFlOGE4YmZkMDllZDJlNGViYzA0Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjySvmlyrl3Lh3oESzpxICz51SztQ
FPP+BbtEv1XdX/KwPI6lZh0g0xYjTWHdJnm26cNwIhJ3K/vhcVDRZdivTNVWW8MR
ZdJ5YSW9qx+lOsLDNnZS7XBH72ZIcuSAXUTtK8wR8o3fe+/dqHQpYarx9uedQ5MV
suo2xjD5APbXLDFS0h7JLx0d3gKfaJqUepyRFjWYgzV9LyeK9tvZNmpvIvTrP6il
nLVUp1seaDhT41OfKyUdVvQWEfJcvVKF/fyQ62kkKmXK0Wz7HgMsXXBLSirP/jOa
dFIUQe6SyvI+rHCNhEkvUOesfsDmK5m0zdscRVR0heX39A4SiPjHMy1uQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAG/ocC2hWkeseiov9Ce0uTrwEz/MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvQWItaHdMYUZhUjZ4NktpXzBKN1M1T3ZBVFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqUDMA0G
CSqGSIb3DQEBCwUAA4IBAQC2fwep6750Hxe07PVMG/eaxxzLr2rYPQiSQwnlcIC9
/I66wFC13f20AkVgrSy9t3uKQz7I6ajXns/TUgjXVcFc+s9zc20B9aPk0aDbg2GY
j0fjb/xQSR26eWmnFjTqf7SVlS7yAi5qI9/t0Fj68nvUdkuXwOQq2lBGd/3SNTSo
JZhxye8rWfruh8ueA977JR+28oKBHdG3pJyCzunj3T4r91WMsZLL8NT58AfHtC89
yE8GUhHtgBY5WILpRsP2g9rP07559HJMop0UfM1iZfePpuk15+Zu699Lzmn5l3FR
lbsF2hKLre0XTl5SypYkNUvXOx1vqLezAHR/15A/SPdS
-----END CERTIFICATE-----
Generated at Wed May 1 23:21:00 2024 by rpki-client on console-ams.rpki-client.org