Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Dk0pfIg8YqWyY_3RrBWdnN1GV3M.roa
File: Dk0pfIg8YqWyY_3RrBWdnN1GV3M.roa (raw, json)
Hash identifier: kegvfqEIiNBVkJJoxo4vcTPEvO1b2cN435KWv6jgAZ4=
Subject key identifier: 0E:4D:29:7C:88:3C:62:A5:B2:63:FD:D1:AC:15:9D:9C:DD:46:57:73
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 018CC4254612BC26F3E0C9EC9720526C2474
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Dk0pfIg8YqWyY_3RrBWdnN1GV3M.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60010
IP address blocks: 194.50.199.0/24 maxlen: 24
194.50.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:46:12:bc:26:f3:e0:c9:ec:97:20:52:6c:24:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e4d297c883c62a5b263fdd1ac159d9cdd465773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:08:f0:69:8e:94:d1:82:9b:ab:0f:55:89:
8e:c2:12:fe:41:6b:0c:16:03:ab:0d:7d:bc:c4:ba:
07:63:f5:ec:26:27:2f:86:1e:20:80:a9:92:11:21:
9c:31:ab:0f:07:11:c1:7f:bf:95:62:df:d9:e4:50:
8a:06:b6:a1:3a:5b:d3:49:c4:ed:d7:b6:a5:bc:7f:
ff:9a:57:95:50:c2:23:3f:33:b7:4e:65:31:05:6a:
3c:1b:4d:05:6c:ca:3c:e7:fd:0c:1c:ca:59:ce:d2:
27:38:e9:c3:6c:3e:46:1b:ce:b1:02:c8:1d:f0:02:
82:6a:19:65:03:da:eb:09:54:cb:bc:cd:b9:25:81:
eb:23:e1:cd:d7:8c:82:01:83:6b:51:43:67:99:b1:
68:2f:2f:02:ac:ff:6b:2a:e0:6c:0d:cd:41:b0:56:
dc:62:ca:5a:07:9a:0c:8b:fd:84:7f:6d:ec:8e:82:
ca:e9:1a:c2:ed:db:67:04:9c:5a:c4:5e:d5:6c:c9:
db:58:96:1f:a0:fe:f5:c5:c3:35:de:75:64:44:e2:
44:b3:34:4e:dd:6f:76:24:7f:cb:ee:cd:dc:2a:14:
8b:eb:84:d8:fb:eb:9a:be:2a:fa:3a:e6:6a:b4:cf:
fa:e5:3a:61:87:b8:7e:70:a3:96:3a:3a:dd:31:85:
27:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4D:29:7C:88:3C:62:A5:B2:63:FD:D1:AC:15:9D:9C:DD:46:57:73
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Dk0pfIg8YqWyY_3RrBWdnN1GV3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.196.0/24
194.50.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:35:36:7e:a8:66:6a:88:97:0b:d0:42:ea:f8:bd:f1:81:d8:
6e:89:d2:5f:96:1a:93:3d:67:d0:62:84:0e:ab:ab:77:fc:5d:
e2:f7:45:09:e7:4a:5e:9d:bf:63:2b:97:2d:e6:86:f9:6c:ea:
f2:aa:b3:73:fc:08:c3:5e:18:ea:2a:85:fb:e0:ab:3a:e0:a6:
4a:35:bb:fd:cb:a0:d8:d6:d6:3f:85:06:06:2e:d6:92:b4:fa:
92:cc:97:79:c2:65:7d:39:33:fd:3e:a3:61:ce:54:f1:da:02:
dd:7b:e7:fe:be:fc:39:50:85:70:4e:e3:8f:7c:e0:32:02:39:
ac:b2:0e:07:a4:37:8d:57:93:11:0a:02:3a:11:e9:d2:33:d9:
93:6d:fc:e3:56:f7:1b:1f:e0:1b:44:48:fc:42:5b:bb:4b:eb:
11:b3:f5:7b:ee:10:8b:54:21:29:28:b2:bc:61:55:51:ab:61:
9b:63:1c:9c:54:00:13:91:3c:59:57:bd:60:c2:91:55:f6:eb:
37:dc:3c:95:d4:64:2b:f8:7f:5c:f7:96:91:52:a3:43:7c:e9:
af:26:db:74:9a:6e:4d:90:02:9d:7f:a0:06:11:03:40:d6:29:
14:89:f4:0f:2e:3d:01:b8:04:0d:7f:e0:11:43:83:70:e6:13:
7a:8c:76:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJUYSvCbz4MnslyBSbCR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTRkMjk3Yzg4M2M2MmE1YjI2M2ZkZDFhYzE1OWQ5Y2RkNDY1NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx0I8GmOlNGCm6sPVYmOwhL+QWsM
FgOrDX28xLoHY/XsJicvhh4ggKmSESGcMasPBxHBf7+VYt/Z5FCKBrahOlvTScTt
17alvH//mleVUMIjPzO3TmUxBWo8G00FbMo85/0MHMpZztInOOnDbD5GG86xAsgd
8AKCahllA9rrCVTLvM25JYHrI+HN14yCAYNrUUNnmbFoLy8CrP9rKuBsDc1BsFbc
YspaB5oMi/2Ef23sjoLK6RrC7dtnBJxaxF7VbMnbWJYfoP71xcM13nVkROJEszRO
3W92JH/L7s3cKhSL64TY++uavir6OuZqtM/65Tphh7h+cKOWOjrdMYUnvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA5NKXyIPGKlsmP90awVnZzdRldzMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvRGswcGZJZzhZcVd5WV8zUnJCV2RuTjFHVjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjLEAwQA
wjLHMA0GCSqGSIb3DQEBCwUAA4IBAQB8NTZ+qGZqiJcL0ELq+L3xgdhuidJflhqT
PWfQYoQOq6t3/F3i90UJ50penb9jK5ct5ob5bOryqrNz/AjDXhjqKoX74Ks64KZK
Nbv9y6DY1tY/hQYGLtaStPqSzJd5wmV9OTP9PqNhzlTx2gLde+f+vvw5UIVwTuOP
fOAyAjmssg4HpDeNV5MRCgI6EenSM9mTbfzjVvcbH+AbREj8Qlu7S+sRs/V77hCL
VCEpKLK8YVVRq2GbYxycVAATkTxZV71gwpFV9us33DyV1GQr+H9c95aRUqNDfOmv
Jtt0mm5NkAKdf6AGEQNA1ikUifQPLj0BuAQNf+ARQ4Nw5hN6jHbG
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:48:34 2024 by rpki-client on console-fra.rpki-client.org