Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/VCrOu3qxJsvnrL9jI759XQGd49o.roa
File: VCrOu3qxJsvnrL9jI759XQGd49o.roa (raw, json)
Hash identifier: h6gteG11f+LVWbk4jQI52xl6NGeU5G+Hj7IRZK1K1xw=
Subject key identifier: 54:2A:CE:BB:7A:B1:26:CB:E7:AC:BF:63:23:BE:7D:5D:01:9D:E3:DA
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 018CC8DF53A5FE28D03134BB5657596D3CD0
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/VCrOu3qxJsvnrL9jI759XQGd49o.roa
Signing time: Tue 02 Jan 2024 06:32:08 +0000
ROA not before: Tue 02 Jan 2024 06:32:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52143
IP address blocks: 188.94.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:53:a5:fe:28:d0:31:34:bb:56:57:59:6d:3c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Jan 2 06:32:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=542acebb7ab126cbe7acbf6323be7d5d019de3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:79:aa:b4:1e:d5:8e:b6:0c:20:ef:9a:d8:63:
0d:0a:7c:5d:2a:0e:3c:2c:1c:7d:c6:43:be:cf:be:
26:a7:2b:31:74:dd:bf:61:be:ad:3c:13:28:73:22:
59:18:48:38:1b:7c:6b:c8:b2:fe:f6:83:36:c7:5e:
4e:9a:1b:97:19:78:bc:b5:af:a5:6b:95:07:61:d4:
de:c0:30:e9:21:d7:1d:ca:a1:44:e2:5d:0b:72:96:
6c:39:a4:f4:13:93:cf:62:ca:09:25:9f:35:67:f4:
29:a6:7f:f4:73:77:27:74:19:34:df:1c:a7:f0:df:
38:ef:af:52:6a:80:c4:90:f0:70:9a:63:bf:a2:3b:
46:7e:70:fc:35:0c:40:3c:74:b7:01:69:c7:97:ca:
2f:a1:c9:95:17:0a:4a:cc:80:ce:40:1f:c9:fb:c8:
2c:87:47:06:88:df:f5:49:6a:e8:ef:4e:d6:5b:21:
a0:80:d9:db:59:c0:2f:8e:90:13:6c:66:c8:90:1e:
16:9c:69:6c:1e:d1:3b:f8:1a:4a:e1:21:61:57:56:
56:fc:7c:6d:58:71:e8:43:45:f6:9c:97:ca:72:bb:
9f:fa:e6:b0:7a:d2:cc:4f:34:6c:89:db:5d:50:b4:
4c:9a:4e:7c:25:f9:12:c4:64:e7:af:0d:fe:d8:46:
5a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2A:CE:BB:7A:B1:26:CB:E7:AC:BF:63:23:BE:7D:5D:01:9D:E3:DA
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/VCrOu3qxJsvnrL9jI759XQGd49o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.0.0/22
Signature Algorithm: sha256WithRSAEncryption
95:c8:ec:89:0d:87:f9:c1:6a:32:d4:ee:33:e9:cc:a6:d5:88:
e9:bf:63:f2:03:e6:09:57:9a:f8:4e:08:bf:4d:f6:f4:d0:3b:
25:33:83:1e:66:b2:a9:7a:9a:9d:e5:73:da:c2:55:3b:51:ec:
f3:9d:cf:54:67:c2:da:7e:af:65:0b:60:72:28:af:3b:4e:aa:
d7:69:50:9e:49:79:bd:0c:8b:8d:1d:f4:db:90:29:de:cd:93:
a7:9e:0d:90:56:02:45:7f:10:ad:29:8e:62:dc:d2:1d:c1:16:
83:82:8f:d2:c1:dc:7b:06:ba:14:f6:e2:fb:50:0e:a0:8d:05:
9a:66:40:9a:21:3e:42:ff:e0:f4:0e:5a:cc:c6:56:f6:e4:74:
75:0d:8b:95:1a:05:9a:4c:87:83:d9:cc:cc:4f:13:ae:71:10:
9a:6b:bf:64:46:cf:85:43:12:8a:7e:e8:95:dc:b2:37:61:27:
98:b8:8a:d4:c9:52:64:a8:e5:c7:3b:43:51:a4:a2:dc:2f:85:
a2:4f:04:02:c4:74:55:96:ae:79:45:92:43:ec:65:e5:2e:68:
98:88:67:b6:8f:5e:1b:b0:96:e4:36:5d:0d:ba:ff:65:a8:f4:
74:e4:7d:80:ff:53:32:a9:cc:60:40:b8:5e:78:16:25:12:01:
88:96:a3:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI31Ol/ijQMTS7VldZbTzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjQwMTAyMDYzMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJhY2ViYjdhYjEyNmNiZTdhY2JmNjMyM2JlN2Q1ZDAxOWRlM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHmqtB7VjrYMIO+a2GMNCnxdKg48
LBx9xkO+z74mpysxdN2/Yb6tPBMocyJZGEg4G3xryLL+9oM2x15OmhuXGXi8ta+l
a5UHYdTewDDpIdcdyqFE4l0LcpZsOaT0E5PPYsoJJZ81Z/Qppn/0c3cndBk03xyn
8N84769SaoDEkPBwmmO/ojtGfnD8NQxAPHS3AWnHl8ovocmVFwpKzIDOQB/J+8gs
h0cGiN/1SWro707WWyGggNnbWcAvjpATbGbIkB4WnGlsHtE7+BpK4SFhV1ZW/Hxt
WHHoQ0X2nJfKcruf+uawetLMTzRsidtdULRMmk58JfkSxGTnrw3+2EZaLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQqzrt6sSbL56y/YyO+fV0BnePaMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvVkNyT3UzcXhKc3Zuckw5akk3NTlYUUdkNDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvF4AMA0G
CSqGSIb3DQEBCwUAA4IBAQCVyOyJDYf5wWoy1O4z6cym1Yjpv2PyA+YJV5r4Tgi/
Tfb00DslM4MeZrKpepqd5XPawlU7Uezznc9UZ8Lafq9lC2ByKK87TqrXaVCeSXm9
DIuNHfTbkCnezZOnng2QVgJFfxCtKY5i3NIdwRaDgo/Swdx7BroU9uL7UA6gjQWa
ZkCaIT5C/+D0DlrMxlb25HR1DYuVGgWaTIeD2czMTxOucRCaa79kRs+FQxKKfuiV
3LI3YSeYuIrUyVJkqOXHO0NRpKLcL4WiTwQCxHRVlq55RZJD7GXlLmiYiGe2j14b
sJbkNl0Nuv9lqPR05H2A/1MyqcxgQLheeBYlEgGIlqPj
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:56:38 2024 by rpki-client on console-ams.rpki-client.org