Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/nDXcV8J0qVis-IXBTc61jwYyaoI.roa
File: nDXcV8J0qVis-IXBTc61jwYyaoI.roa (raw, json)
Hash identifier: /l0ngvNsBK4kUJP27mrv3FHGo/LicHl2XwRHlO0oF78=
Subject key identifier: 9C:35:DC:57:C2:74:A9:58:AC:F8:85:C1:4D:CE:B5:8F:06:32:6A:82
Certificate issuer: /CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Certificate serial: 018CC7276ECA10B6CA1E7EC9BC0A42606D5A
Authority key identifier: 86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/nDXcV8J0qVis-IXBTc61jwYyaoI.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51368
IP address blocks: 193.104.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:6e:ca:10:b6:ca:1e:7e:c9:bc:0a:42:60:6d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c35dc57c274a958acf885c14dceb58f06326a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b8:d1:32:f1:b0:df:6e:ca:b3:30:ff:95:b3:
9b:50:9d:50:b1:67:a1:16:5b:c8:a1:c5:35:b4:48:
08:97:58:58:e7:b4:a4:55:b4:1f:7d:56:69:ac:3c:
79:32:3b:73:8c:ae:7a:11:31:6f:b7:6e:d4:3d:bf:
1f:84:b5:93:b2:b0:f0:03:9e:84:0c:4b:4d:5c:ba:
5e:0a:a7:55:a2:af:0e:4a:c5:9f:9b:eb:a0:53:aa:
82:28:bd:37:5b:25:b2:75:94:d6:aa:3a:f1:96:bc:
62:e1:98:a6:c9:75:70:34:bc:8b:d1:0f:b3:1a:c4:
2a:5f:7a:67:a3:f6:ed:ed:70:8b:35:4a:b4:7c:17:
99:fe:c8:39:d7:e1:c6:7e:10:76:4e:be:cf:e2:f3:
db:0e:32:bc:1f:2d:08:b2:8d:7d:e4:d7:23:17:f9:
f2:5e:2d:76:ba:61:ce:bc:17:af:bf:be:c9:4e:59:
4b:41:ea:31:b0:2d:a1:ce:c7:9d:f5:90:dd:c5:cc:
5d:97:54:7f:ca:e2:f2:00:fc:92:61:50:c1:7d:4b:
73:6f:c2:fe:93:c8:c8:4c:67:83:1d:f3:dd:5c:67:
5b:7a:3c:b4:3e:ba:99:a4:fa:af:7e:d9:1d:d0:6c:
9a:70:5b:0a:bc:20:88:14:6f:9a:d9:60:36:dd:82:
1f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:35:DC:57:C2:74:A9:58:AC:F8:85:C1:4D:CE:B5:8F:06:32:6A:82
X509v3 Authority Key Identifier:
keyid:86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/nDXcV8J0qVis-IXBTc61jwYyaoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.112.0/24
Signature Algorithm: sha256WithRSAEncryption
27:71:c7:c1:6c:8e:74:f6:9b:6a:89:3e:7b:ac:4b:ab:7e:7e:
fe:01:91:53:a5:d6:c5:51:75:30:da:a7:74:19:9f:d2:42:57:
70:e0:2f:6f:e8:60:3f:2a:02:25:91:0f:01:d5:ee:6c:a5:80:
b5:99:5b:a9:e9:a1:b8:67:49:c8:27:36:59:b7:2e:18:f8:e4:
0a:9b:e7:2c:d4:91:ae:c0:ea:cc:c2:28:d9:bb:a5:d4:f0:8c:
9c:e9:6d:7e:e3:2f:35:e3:b2:5e:e5:1f:7f:33:30:a7:77:78:
3d:74:20:30:be:a5:1c:ce:e0:6d:21:8b:90:01:9d:f3:7c:a9:
61:1f:f2:dc:d2:84:72:ba:e9:f3:84:fc:b2:a5:48:c3:69:6d:
8a:26:c4:ce:7d:d4:a3:d8:88:67:1b:d5:d5:23:f5:11:76:dd:
d3:36:30:49:6f:4d:62:a3:22:9e:55:f0:dd:5f:a7:fb:d7:ab:
96:0a:65:dd:47:16:0a:46:a2:49:1b:bd:7c:ca:3a:70:0d:27:
c8:c1:28:8f:69:0e:9d:f1:c0:d1:41:01:31:fd:05:22:2f:70:
9d:97:01:30:b5:16:d3:8f:35:f3:b4:3f:c7:e5:08:ae:a7:be:
d1:f2:55:fe:a8:17:2c:b1:4c:06:23:cf:ce:da:c2:1a:38:6a:
ba:17:54:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ27KELbKHn7JvApCYG1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2N2RkMDVhZDcyZGMyMmZiZWEzMDI5ZmNlZTkwZTZmYjA2
Mzg5MDQwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM1ZGM1N2MyNzRhOTU4YWNmODg1YzE0ZGNlYjU4ZjA2MzI2YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrjRMvGw327KszD/lbObUJ1QsWeh
FlvIocU1tEgIl1hY57SkVbQffVZprDx5MjtzjK56ETFvt27UPb8fhLWTsrDwA56E
DEtNXLpeCqdVoq8OSsWfm+ugU6qCKL03WyWydZTWqjrxlrxi4ZimyXVwNLyL0Q+z
GsQqX3pno/bt7XCLNUq0fBeZ/sg51+HGfhB2Tr7P4vPbDjK8Hy0Iso195NcjF/ny
Xi12umHOvBevv77JTllLQeoxsC2hzsed9ZDdxcxdl1R/yuLyAPySYVDBfUtzb8L+
k8jITGeDHfPdXGdbejy0PrqZpPqvftkd0GyacFsKvCCIFG+a2WA23YIfvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJw13FfCdKlYrPiFwU3OtY8GMmqCMB8GA1UdIwQY
MBaAFIZ90FrXLcIvvqMCn87pDm+wY4kEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYt
MjM5ZTVhYmZjYzZhLzEvbkRYY1Y4SjBxVmlzLUlYQlRjNjFqd1l5YW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYtMjM5ZTVhYmZjYzZh
LzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWhwMA0G
CSqGSIb3DQEBCwUAA4IBAQAnccfBbI509ptqiT57rEurfn7+AZFTpdbFUXUw2qd0
GZ/SQldw4C9v6GA/KgIlkQ8B1e5spYC1mVup6aG4Z0nIJzZZty4Y+OQKm+cs1JGu
wOrMwijZu6XU8Iyc6W1+4y8147Je5R9/MzCnd3g9dCAwvqUczuBtIYuQAZ3zfKlh
H/Lc0oRyuunzhPyypUjDaW2KJsTOfdSj2IhnG9XVI/URdt3TNjBJb01ioyKeVfDd
X6f716uWCmXdRxYKRqJJG718yjpwDSfIwSiPaQ6d8cDRQQEx/QUiL3CdlwEwtRbT
jzXztD/H5Qiup77R8lX+qBcssUwGI8/O2sIaOGq6F1Q7
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:08 2024 by rpki-client on console-fra.rpki-client.org