Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/CHK5FNCInKlUSnxo8HWdcMyIcrM.roa
File: CHK5FNCInKlUSnxo8HWdcMyIcrM.roa (raw, json)
Hash identifier: Y9pipGuSuycIfeSpcvHeOGqArbx5mGttSVYW+qHlUcM=
Subject key identifier: 08:72:B9:14:D0:88:9C:A9:54:4A:7C:68:F0:75:9D:70:CC:88:72:B3
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018EBD5FBF1A5719FBC2F96F0DB51645E228
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/CHK5FNCInKlUSnxo8HWdcMyIcrM.roa
Signing time: Mon 08 Apr 2024 11:02:32 +0000
ROA not before: Mon 08 Apr 2024 11:02:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 94.232.248.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:5f:bf:1a:57:19:fb:c2:f9:6f:0d:b5:16:45:e2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 8 11:02:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0872b914d0889ca9544a7c68f0759d70cc8872b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0e:08:cb:ef:e0:3d:74:54:54:be:57:48:f1:
e4:62:13:ce:be:50:79:2f:ba:80:8c:aa:e1:53:ae:
cf:b7:b0:c8:57:e5:c3:bd:c3:dc:29:f5:1a:ef:82:
f7:7a:10:a9:ae:31:c2:19:4a:22:d8:a4:61:2c:97:
e5:9d:1b:11:69:d8:40:43:2c:e6:a2:fc:5e:c9:52:
47:41:4d:5f:6c:b1:8e:03:63:be:13:9a:83:28:17:
b0:dd:21:14:67:fe:49:1c:69:30:ff:be:6a:ec:0e:
4e:0c:8f:8d:8c:6e:52:4a:06:b5:7d:6a:59:80:eb:
22:08:16:4e:21:08:9b:0b:b7:1d:06:d0:79:e5:93:
6b:9b:a6:68:f2:68:95:e7:c2:18:55:ac:39:2f:dd:
08:d5:49:76:41:22:7a:4c:c7:7c:7c:8b:04:2d:f5:
f9:86:83:8d:4c:c1:df:a7:af:64:69:64:e6:5f:92:
ad:1f:b4:ee:66:dc:13:4d:97:43:6a:2a:be:f0:bd:
dd:70:1b:5e:41:27:1e:7a:c7:36:cd:ec:03:02:43:
76:2e:91:b6:67:ae:3b:7e:2d:2e:c9:86:3c:72:8f:
1f:1f:51:b7:45:a3:0a:30:6e:e4:8b:a4:2c:a4:a7:
cf:bb:87:41:6c:81:f9:d9:11:bc:92:57:77:b1:1e:
97:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:72:B9:14:D0:88:9C:A9:54:4A:7C:68:F0:75:9D:70:CC:88:72:B3
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/CHK5FNCInKlUSnxo8HWdcMyIcrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.248.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:6980::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
28:6a:34:42:6f:6d:4e:a1:da:3e:11:37:37:07:3c:fa:8c:b8:
96:8e:56:98:9b:b8:a3:18:bb:0f:5f:eb:ee:1c:02:67:72:c8:
b2:04:0f:51:b8:7c:a6:30:77:98:7e:d7:a1:fb:7c:f4:d3:d4:
d7:09:f7:c7:f3:1c:8a:d2:17:6d:a9:dd:0f:97:90:e1:76:6a:
26:61:02:26:82:63:7b:05:45:b4:46:35:81:2c:c0:f5:bb:aa:
7c:88:ce:53:98:21:ac:9b:79:f1:69:85:c8:fc:bc:07:fe:e0:
57:ed:67:e4:cf:3c:93:93:a2:93:b9:8a:88:0c:f4:1f:e9:22:
4d:60:ce:ab:1c:93:84:77:54:f7:b9:86:69:dd:8a:8c:60:5f:
61:d4:c1:de:45:f5:66:3c:38:54:f8:18:38:76:ab:29:e8:30:
83:19:70:ae:9f:4d:c0:66:3e:d7:cb:6a:34:66:da:d8:56:01:
2e:34:4d:e3:50:29:e0:c9:f9:13:3b:2c:c0:3e:ec:25:24:97:
da:f1:77:10:02:16:e4:12:cd:70:3e:60:a5:f6:8f:4e:0f:15:
a0:17:12:3b:9e:85:fb:76:f8:81:05:fb:68:83:c1:2c:98:3b:
4d:54:cd:a9:c7:48:0d:48:28:03:a9:7a:9f:1c:cc:49:a9:9a:
78:bf:9e:a7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY69X78aVxn7wvlvDbUWReIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwNDA4MTEwMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODcyYjkxNGQwODg5Y2E5NTQ0YTdjNjhmMDc1OWQ3MGNjODg3MmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA4Iy+/gPXRUVL5XSPHkYhPOvlB5
L7qAjKrhU67Pt7DIV+XDvcPcKfUa74L3ehCprjHCGUoi2KRhLJflnRsRadhAQyzm
ovxeyVJHQU1fbLGOA2O+E5qDKBew3SEUZ/5JHGkw/75q7A5ODI+NjG5SSga1fWpZ
gOsiCBZOIQibC7cdBtB55ZNrm6Zo8miV58IYVaw5L90I1Ul2QSJ6TMd8fIsELfX5
hoONTMHfp69kaWTmX5KtH7TuZtwTTZdDaiq+8L3dcBteQSceesc2zewDAkN2LpG2
Z647fi0uyYY8co8fH1G3RaMKMG7ki6QspKfPu4dBbIH52RG8kld3sR6XFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAhyuRTQiJypVEp8aPB1nXDMiHKzMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvQ0hLNUZOQ0luS2xVU254bzhIV2RjTXlJY3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAXuj4MCIE
AgACMBwDBQMqBt3AAwUDKguAQAMFAyoMaYADBQAqDPZCMA0GCSqGSIb3DQEBCwUA
A4IBAQAoajRCb21Oodo+ETc3Bzz6jLiWjlaYm7ijGLsPX+vuHAJncsiyBA9RuHym
MHeYfteh+3z009TXCffH8xyK0hdtqd0Pl5DhdmomYQImgmN7BUW0RjWBLMD1u6p8
iM5TmCGsm3nxaYXI/LwH/uBX7WfkzzyTk6KTuYqIDPQf6SJNYM6rHJOEd1T3uYZp
3YqMYF9h1MHeRfVmPDhU+Bg4dqsp6DCDGXCun03AZj7Xy2o0ZtrYVgEuNE3jUCng
yfkTOyzAPuwlJJfa8XcQAhbkEs1wPmCl9o9ODxWgFxI7noX7dviBBftog8EsmDtN
VM2px0gNSCgDqXqfHMxJqZp4v56n
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:22:49 2024 by rpki-client on console-ams.rpki-client.org