Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/tV4yKV1KjsiwEU4zPqOuE-ebLHI.roa
File: tV4yKV1KjsiwEU4zPqOuE-ebLHI.roa (raw, json)
Hash identifier: 5tPNgMabqFm37Dd3PTiHvabBlXD69/WkPnjMwyChUHk=
Subject key identifier: B5:5E:32:29:5D:4A:8E:C8:B0:11:4E:33:3E:A3:AE:13:E7:9B:2C:72
Certificate issuer: /CN=2cb035707202d4013a4479be5112d7fa227b7275
Certificate serial: 018CC649C1DB452E2BEFA21163CE1FFC1766
Authority key identifier: 2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/tV4yKV1KjsiwEU4zPqOuE-ebLHI.roa
Signing time: Mon 01 Jan 2024 18:29:31 +0000
ROA not before: Mon 01 Jan 2024 18:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209566
IP address blocks: 194.62.129.0/24 maxlen: 24
2a0d:8c40:209::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c1:db:45:2e:2b:ef:a2:11:63:ce:1f:fc:17:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb035707202d4013a4479be5112d7fa227b7275
Validity
Not Before: Jan 1 18:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b55e32295d4a8ec8b0114e333ea3ae13e79b2c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dd:27:88:e0:01:24:34:2b:d3:15:cd:ad:12:
28:fd:d0:e9:73:37:13:9f:5c:8f:98:32:9c:c2:0d:
b2:e4:03:2f:1e:94:61:f3:27:a4:dc:65:f1:db:9e:
c1:67:ac:c3:a2:a0:86:76:1e:92:6f:02:c9:ae:d7:
6f:3e:5c:7d:62:04:a4:b7:97:17:a5:24:c4:3b:71:
6b:32:f8:04:96:36:39:ec:a7:32:f3:ed:d5:f5:b7:
24:22:d4:1d:d9:32:76:0d:35:a9:54:ed:fe:d6:60:
83:ac:ec:1c:8a:d0:36:43:48:d2:a2:91:30:a1:f1:
98:40:c5:c7:cc:07:21:81:94:60:3f:10:90:29:d3:
71:e5:01:11:65:d6:22:dc:b6:f8:bd:bf:14:b5:4f:
29:4e:f4:07:94:85:f7:83:1c:15:1e:bd:82:56:59:
eb:c7:a5:bb:f8:34:76:2d:e4:bb:28:76:c0:b9:da:
66:43:54:37:34:07:78:34:aa:fb:d1:7b:7c:94:d0:
e2:16:af:00:38:53:0c:2e:2b:6d:1c:63:6a:af:f0:
01:eb:b9:38:2c:11:1b:ed:90:03:a4:fe:a3:7f:3d:
a8:a0:85:e4:d8:5c:31:9f:d5:8f:7f:93:3f:e0:42:
31:2a:76:0f:7e:17:43:67:d9:fb:41:02:16:ac:ca:
d0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5E:32:29:5D:4A:8E:C8:B0:11:4E:33:3E:A3:AE:13:E7:9B:2C:72
X509v3 Authority Key Identifier:
keyid:2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/tV4yKV1KjsiwEU4zPqOuE-ebLHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.129.0/24
IPv6:
2a0d:8c40:209::/48
Signature Algorithm: sha256WithRSAEncryption
48:7c:e9:a2:dc:d0:7c:11:d1:20:cf:c0:85:96:dd:da:bc:39:
2d:62:e5:76:02:ab:71:66:39:03:5d:34:66:45:9f:2a:98:81:
03:ed:52:94:e6:f8:c4:95:c1:15:bf:f4:29:ce:6a:11:ce:79:
e3:ad:6f:93:6c:d0:a9:44:e9:93:43:4c:e5:29:9a:5b:60:45:
26:5c:20:94:f1:0a:5f:42:83:ff:eb:60:20:b1:29:46:b0:23:
cc:19:9d:0c:62:e9:0c:3c:a7:52:5f:87:8d:c3:ff:cf:0a:38:
a2:c1:bb:89:4c:77:bb:0a:0e:8a:bc:15:74:e5:27:40:2e:a5:
7e:74:b6:40:78:dc:ef:b9:4d:f0:f4:55:cf:8c:d4:9f:b9:9d:
e4:0f:57:6a:a5:89:0f:c0:c4:e7:81:6c:01:2f:6d:0a:29:ba:
93:ee:4c:44:64:7a:51:8f:81:1c:47:97:41:46:eb:69:04:16:
e4:94:97:fc:34:87:e0:1a:fa:24:ee:03:5b:65:a4:a8:b7:b9:
28:78:ab:60:d2:a1:9f:4b:74:a4:2c:92:f5:11:54:2f:21:da:
f7:ec:5a:6b:f0:13:04:5c:e3:a9:35:89:58:46:2a:30:63:85:
8d:5a:fe:ef:fb:ad:f3:d2:4d:f9:0f:9b:6a:ab:ca:2d:94:70:
5a:85:55:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGScHbRS4r76IRY84f/BdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjAzNTcwNzIwMmQ0MDEzYTQ0NzliZTUxMTJkN2ZhMjI3
YjcyNzUwHhcNMjQwMTAxMTgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTVlMzIyOTVkNGE4ZWM4YjAxMTRlMzMzZWEzYWUxM2U3OWIyYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd0niOABJDQr0xXNrRIo/dDpczcT
n1yPmDKcwg2y5AMvHpRh8yek3GXx257BZ6zDoqCGdh6SbwLJrtdvPlx9YgSkt5cX
pSTEO3FrMvgEljY57Kcy8+3V9bckItQd2TJ2DTWpVO3+1mCDrOwcitA2Q0jSopEw
ofGYQMXHzAchgZRgPxCQKdNx5QERZdYi3Lb4vb8UtU8pTvQHlIX3gxwVHr2CVlnr
x6W7+DR2LeS7KHbAudpmQ1Q3NAd4NKr70Xt8lNDiFq8AOFMMLittHGNqr/AB67k4
LBEb7ZADpP6jfz2ooIXk2Fwxn9WPf5M/4EIxKnYPfhdDZ9n7QQIWrMrQzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLVeMildSo7IsBFOMz6jrhPnmyxyMB8GA1UdIwQY
MBaAFCywNXByAtQBOkR5vlES1/oie3J1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEt
MDYzMDhhNDQ4NTZkLzEvdFY0eUtWMUtqc2l3RVU0elBxT3VFLWViTEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEtMDYzMDhhNDQ4NTZk
LzEvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwj6BMA8E
AgACMAkDBwAqDYxAAgkwDQYJKoZIhvcNAQELBQADggEBAEh86aLc0HwR0SDPwIWW
3dq8OS1i5XYCq3FmOQNdNGZFnyqYgQPtUpTm+MSVwRW/9CnOahHOeeOtb5Ns0KlE
6ZNDTOUpmltgRSZcIJTxCl9Cg//rYCCxKUawI8wZnQxi6Qw8p1Jfh43D/88KOKLB
u4lMd7sKDoq8FXTlJ0AupX50tkB43O+5TfD0Vc+M1J+5neQPV2qliQ/AxOeBbAEv
bQopupPuTERkelGPgRxHl0FG62kEFuSUl/w0h+Aa+iTuA1tlpKi3uSh4q2DSoZ9L
dKQskvURVC8h2vfsWmvwEwRc46k1iVhGKjBjhY1a/u/7rfPSTfkPm2qryi2UcFqF
VWQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:19 2024 by rpki-client on console-fra.rpki-client.org