Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/1-vRSdKtXWz9Y8mE7p_Cq4jrVhwo.roa
File: 1-vRSdKtXWz9Y8mE7p_Cq4jrVhwo.roa (raw, json)
Hash identifier: nfJ5goiu4O+tWwlJChwreXXDqhJJCYf3x2gmK+c+gp8=
Subject key identifier: FA:F4:52:74:AB:57:5B:3F:58:F2:61:3B:A7:F0:AA:E2:3A:D5:87:0A
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 018CC42545597489697BABCCFEF8DB2FE6EF
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/1-vRSdKtXWz9Y8mE7p_Cq4jrVhwo.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 194.50.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:45:59:74:89:69:7b:ab:cc:fe:f8:db:2f:e6:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faf45274ab575b3f58f2613ba7f0aae23ad5870a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3b:d8:53:b5:c5:e5:a7:8e:35:dd:3c:4f:eb:
42:8b:fb:3f:4f:d6:2e:33:63:43:39:1d:8e:83:10:
3d:31:46:26:d6:07:bc:8b:d1:2c:a6:8d:31:fc:16:
d7:be:9c:11:6d:31:3a:69:47:69:35:04:04:f8:dc:
b3:ad:62:17:a8:51:7a:80:4a:5d:00:7a:f5:ad:fa:
7e:1f:1f:2e:24:5b:9d:88:3f:7e:92:42:29:25:5e:
89:fd:71:b6:b5:53:5f:39:d0:33:ba:51:d7:e2:6f:
16:cd:66:35:90:5d:60:05:0f:8e:b5:14:55:48:56:
83:2f:c1:52:36:de:4e:ce:4d:4e:e0:40:5c:30:24:
7c:a3:2f:cb:de:07:10:09:b4:eb:ea:4a:e1:a3:4c:
1f:77:e8:9a:2a:d2:cd:62:71:e8:28:57:36:66:e3:
90:fe:60:08:34:66:26:db:5d:52:6c:04:48:db:47:
44:6f:0e:c8:53:2d:b5:04:eb:32:ab:05:38:a8:32:
21:c2:50:1b:6f:ee:c2:e0:83:d1:02:26:59:9b:0d:
d7:32:cf:3c:ab:3f:b5:15:05:45:b2:10:d4:dd:e3:
fd:68:20:39:93:1b:3a:84:44:44:f6:dd:81:e1:70:
30:ca:a1:44:a5:77:d3:9c:c0:5e:3e:53:0c:b1:c8:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F4:52:74:AB:57:5B:3F:58:F2:61:3B:A7:F0:AA:E2:3A:D5:87:0A
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/1-vRSdKtXWz9Y8mE7p_Cq4jrVhwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.198.0/24
Signature Algorithm: sha256WithRSAEncryption
72:68:15:47:ec:ae:3d:b1:c1:4e:47:ac:f3:71:7d:b7:4f:30:
4d:9d:e1:3f:f2:b6:da:15:16:84:b8:ae:37:77:fa:1c:10:01:
41:05:00:58:50:70:bf:cf:f1:90:2e:ed:ea:16:1d:b9:5e:f6:
37:bc:b9:c0:ed:5e:ad:06:f2:50:31:b8:67:98:35:58:76:6e:
a4:a1:f6:63:ff:22:ad:4c:e3:0c:13:65:7b:0a:f2:76:57:f5:
d5:d4:cb:40:9c:ee:2b:78:0d:97:0e:69:81:15:b6:96:99:c9:
0f:3b:49:67:12:bc:66:4f:8b:7e:c8:c9:1e:2a:ef:94:93:9c:
97:b1:d9:db:14:1f:21:47:00:ec:6b:bb:7c:f1:e6:73:fe:ba:
0d:3a:8d:d8:c8:a6:17:f9:17:81:2c:cf:4d:eb:2c:e9:9f:74:
84:c5:09:2e:ca:33:68:78:6d:bf:99:45:ac:7c:a9:a4:62:38:
d4:ee:57:65:56:75:b6:b6:1c:da:1c:01:df:a6:9b:ab:3c:aa:
70:4b:ae:65:88:1c:3c:2c:05:60:a6:fc:df:18:a8:00:26:91:
73:64:91:cb:2b:32:e1:4e:a1:6e:cf:45:e9:97:a7:9c:6a:45:
67:ae:d1:aa:f6:04:ee:fe:5e:c9:0d:91:7a:7d:4b:58:d5:aa:
61:6e:e8:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJUVZdIlpe6vM/vjbL+bvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY0NTI3NGFiNTc1YjNmNThmMjYxM2JhN2YwYWFlMjNhZDU4NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDvYU7XF5aeONd08T+tCi/s/T9Yu
M2NDOR2OgxA9MUYm1ge8i9Espo0x/BbXvpwRbTE6aUdpNQQE+NyzrWIXqFF6gEpd
AHr1rfp+Hx8uJFudiD9+kkIpJV6J/XG2tVNfOdAzulHX4m8WzWY1kF1gBQ+OtRRV
SFaDL8FSNt5Ozk1O4EBcMCR8oy/L3gcQCbTr6krho0wfd+iaKtLNYnHoKFc2ZuOQ
/mAINGYm211SbARI20dEbw7IUy21BOsyqwU4qDIhwlAbb+7C4IPRAiZZmw3XMs88
qz+1FQVFshDU3eP9aCA5kxs6hERE9t2B4XAwyqFEpXfTnMBePlMMscjUqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPr0UnSrV1s/WPJhO6fwquI61YcKMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvMS12UlNkS3RYV3o5WThtRTdwX0NxNGpyVmh3by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTEvZDkyOTE5LTk2MmItNDQ4ZC05OGRiLTU5OTBlYTU4ZTAz
MC8xL1E4RmxsWlpxLXd1czhkZVRmeVJkYWdVaUlhTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIyxjAN
BgkqhkiG9w0BAQsFAAOCAQEAcmgVR+yuPbHBTkes83F9t08wTZ3hP/K22hUWhLiu
N3f6HBABQQUAWFBwv8/xkC7t6hYduV72N7y5wO1erQbyUDG4Z5g1WHZupKH2Y/8i
rUzjDBNlewrydlf11dTLQJzuK3gNlw5pgRW2lpnJDztJZxK8Zk+LfsjJHirvlJOc
l7HZ2xQfIUcA7Gu7fPHmc/66DTqN2MimF/kXgSzPTess6Z90hMUJLsozaHhtv5lF
rHyppGI41O5XZVZ1trYc2hwB36abqzyqcEuuZYgcPCwFYKb83xioACaRc2SRyysy
4U6hbs9F6ZennGpFZ67RqvYE7v5eyQ2Ren1LWNWqYW7oBA==
-----END CERTIFICATE-----
Generated at Mon May 6 21:33:54 2024 by rpki-client on console-ams.rpki-client.org