Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/088a21-6214-49fa-a8f7-912e78c2f2eb/1/jhw7BmvJ9pdPWLtAi1mTZAViLrE.roa
File: jhw7BmvJ9pdPWLtAi1mTZAViLrE.roa (raw, json)
Hash identifier: z6+a8tFTEAQ4+Ydh1AtV64RM/5NN2HVyeSGMoqbSjFI=
Subject key identifier: 8E:1C:3B:06:6B:C9:F6:97:4F:58:BB:40:8B:59:93:64:05:62:2E:B1
Certificate issuer: /CN=0f784ebe35e41b610be154473bc219d0ad25278f
Certificate serial: 018F577B1AB47F3E179E8143EAF8BC71FE10
Authority key identifier: 0F:78:4E:BE:35:E4:1B:61:0B:E1:54:47:3B:C2:19:D0:AD:25:27:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3hOvjXkG2EL4VRHO8IZ0K0lJ48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/088a21-6214-49fa-a8f7-912e78c2f2eb/1/jhw7BmvJ9pdPWLtAi1mTZAViLrE.roa
Signing time: Wed 08 May 2024 09:13:56 +0000
ROA not before: Wed 08 May 2024 09:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215252
IP address blocks: 194.62.44.0/24 maxlen: 24
2001:67c:13a8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/088a21-6214-49fa-a8f7-912e78c2f2eb/1/D3hOvjXkG2EL4VRHO8IZ0K0lJ48.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/088a21-6214-49fa-a8f7-912e78c2f2eb/1/D3hOvjXkG2EL4VRHO8IZ0K0lJ48.mft
rsync://rpki.ripe.net/repository/DEFAULT/D3hOvjXkG2EL4VRHO8IZ0K0lJ48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:7b:1a:b4:7f:3e:17:9e:81:43:ea:f8:bc:71:fe:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f784ebe35e41b610be154473bc219d0ad25278f
Validity
Not Before: May 8 09:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e1c3b066bc9f6974f58bb408b59936405622eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d3:a0:52:49:04:99:41:55:eb:ed:30:04:b3:
8c:da:2e:6e:e1:58:8c:ad:13:83:85:01:72:2d:15:
4f:5a:4b:86:7a:97:bd:c8:30:27:77:c2:24:42:29:
47:0c:a2:67:5d:22:7a:83:31:c9:70:e5:41:64:62:
49:41:14:84:02:d8:7b:7b:01:59:b4:85:91:e6:37:
3d:d1:4a:c6:e0:43:04:a9:a9:5d:f2:09:36:17:45:
35:58:f1:75:e0:f3:58:c5:48:b8:31:61:3c:b6:b2:
3a:cc:9c:05:9e:0a:95:c3:40:30:b3:e8:ef:8f:49:
8c:db:d4:8d:cf:48:85:95:1d:f2:90:4f:9b:6e:77:
a2:26:33:57:af:50:27:8d:26:40:d8:9b:35:49:39:
86:ff:8e:7d:5f:fe:dc:12:70:5a:8d:91:5c:7b:b9:
b6:01:ea:fa:f1:60:af:93:08:f5:2c:dd:18:ec:db:
dc:8d:ce:ea:80:60:33:ba:16:06:db:a0:e4:a5:78:
86:fe:e4:8b:99:30:63:b4:10:d0:ac:52:86:1f:12:
e2:66:7f:0b:28:a6:97:13:02:a0:f7:99:a2:b5:26:
d9:eb:33:13:cf:0c:7c:9c:6e:c8:5a:8c:72:3c:5f:
82:dd:ba:99:a7:77:46:9b:cc:db:95:28:51:0d:bc:
c7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1C:3B:06:6B:C9:F6:97:4F:58:BB:40:8B:59:93:64:05:62:2E:B1
X509v3 Authority Key Identifier:
keyid:0F:78:4E:BE:35:E4:1B:61:0B:E1:54:47:3B:C2:19:D0:AD:25:27:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3hOvjXkG2EL4VRHO8IZ0K0lJ48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/088a21-6214-49fa-a8f7-912e78c2f2eb/1/jhw7BmvJ9pdPWLtAi1mTZAViLrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/088a21-6214-49fa-a8f7-912e78c2f2eb/1/D3hOvjXkG2EL4VRHO8IZ0K0lJ48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.44.0/24
IPv6:
2001:67c:13a8::/48
Signature Algorithm: sha256WithRSAEncryption
45:7e:49:77:6c:c8:aa:09:33:92:45:3c:de:8a:0f:51:0b:be:
6f:b7:23:a9:f2:16:02:e0:43:08:f0:a2:2c:79:80:1f:47:60:
14:0e:8d:fa:75:c6:5b:dc:7e:bf:6b:7a:7a:c0:41:5b:ad:2c:
5d:86:97:e7:1e:44:9c:e4:dc:9b:1d:3b:fb:b7:ca:77:4a:0f:
56:da:84:85:fe:13:28:8f:b6:04:97:bb:af:67:60:56:a9:be:
f3:8b:47:3a:5b:45:a9:b0:2e:47:6e:c4:d1:61:03:26:30:fe:
a1:fd:40:34:14:61:0a:f8:18:b8:81:db:dc:de:b6:6e:a7:d1:
1f:b8:a8:15:f0:68:6b:55:cc:3b:da:e6:a2:f7:0b:ab:1a:3b:
5e:4c:70:31:62:af:34:d3:3e:a5:a7:94:06:e5:d5:14:9a:4e:
bd:ad:7b:df:34:4f:44:51:af:c0:fc:14:e6:1c:a6:20:4f:1b:
6d:50:0e:b7:70:3e:e4:b1:3f:1b:9d:e5:d9:cb:f9:d3:41:3a:
98:a7:3e:34:ae:09:2d:b7:6d:e2:2e:5e:d5:7c:00:5c:67:93:
69:78:1a:e8:3d:dd:b0:37:b2:01:0d:3c:0f:20:ed:2b:61:c1:
48:ed:4f:d6:38:87:0f:c5:63:7f:f1:85:4a:ad:cf:af:ec:80:
29:78:c0:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Xexq0fz4XnoFD6vi8cf4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzg0ZWJlMzVlNDFiNjEwYmUxNTQ0NzNiYzIxOWQwYWQy
NTI3OGYwHhcNMjQwNTA4MDkxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTFjM2IwNjZiYzlmNjk3NGY1OGJiNDA4YjU5OTM2NDA1NjIyZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tOgUkkEmUFV6+0wBLOM2i5u4ViM
rRODhQFyLRVPWkuGepe9yDAnd8IkQilHDKJnXSJ6gzHJcOVBZGJJQRSEAth7ewFZ
tIWR5jc90UrG4EMEqald8gk2F0U1WPF14PNYxUi4MWE8trI6zJwFngqVw0Aws+jv
j0mM29SNz0iFlR3ykE+bbneiJjNXr1AnjSZA2Js1STmG/459X/7cEnBajZFce7m2
Aer68WCvkwj1LN0Y7Nvcjc7qgGAzuhYG26DkpXiG/uSLmTBjtBDQrFKGHxLiZn8L
KKaXEwKg95mitSbZ6zMTzwx8nG7IWoxyPF+C3bqZp3dGm8zblShRDbzHnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI4cOwZryfaXT1i7QItZk2QFYi6xMB8GA1UdIwQY
MBaAFA94Tr415BthC+FURzvCGdCtJSePMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNoT3ZqWGtHMkVMNFZSSE84SVowSzBsSjQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8wODhhMjEtNjIxNC00OWZhLWE4Zjct
OTEyZTc4YzJmMmViLzEvamh3N0Jtdko5cGRQV0x0QWkxbVRaQVZpTHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8wODhhMjEtNjIxNC00OWZhLWE4ZjctOTEyZTc4YzJmMmVi
LzEvRDNoT3ZqWGtHMkVMNFZSSE84SVowSzBsSjQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwj4sMA8E
AgACMAkDBwAgAQZ8E6gwDQYJKoZIhvcNAQELBQADggEBAEV+SXdsyKoJM5JFPN6K
D1ELvm+3I6nyFgLgQwjwoix5gB9HYBQOjfp1xlvcfr9renrAQVutLF2Gl+ceRJzk
3JsdO/u3yndKD1bahIX+EyiPtgSXu69nYFapvvOLRzpbRamwLkduxNFhAyYw/qH9
QDQUYQr4GLiB29zetm6n0R+4qBXwaGtVzDva5qL3C6saO15McDFirzTTPqWnlAbl
1RSaTr2te980T0RRr8D8FOYcpiBPG21QDrdwPuSxPxud5dnL+dNBOpinPjSuCS23
beIuXtV8AFxnk2l4Gug93bA3sgENPA8g7SthwUjtT9Y4hw/FY3/xhUqtz6/sgCl4
wF8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:39:55 2024 by rpki-client on console-fra.rpki-client.org