Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/506f2a-7246-4190-96ff-738c0bf8ea98/1/HtTkzCCVSPuYoECQ2y8k2YBEpe0.roa
File: HtTkzCCVSPuYoECQ2y8k2YBEpe0.roa (raw, json)
Hash identifier: Qff+CIaNo8njCQx3jCm8+ol4dSGKrVA9tmKJXSZKsWU=
Subject key identifier: 1E:D4:E4:CC:20:95:48:FB:98:A0:40:90:DB:2F:24:D9:80:44:A5:ED
Certificate issuer: /CN=1571e6684306b748156c2ae3f420bb366b2efcee
Certificate serial: 018CC8018FC1010AA14590320AECE0275C41
Authority key identifier: 15:71:E6:68:43:06:B7:48:15:6C:2A:E3:F4:20:BB:36:6B:2E:FC:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FXHmaEMGt0gVbCrj9CC7Nmsu_O4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/506f2a-7246-4190-96ff-738c0bf8ea98/1/HtTkzCCVSPuYoECQ2y8k2YBEpe0.roa
Signing time: Tue 02 Jan 2024 02:29:54 +0000
ROA not before: Tue 02 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207646
IP address blocks: 194.31.224.0/24 maxlen: 24
194.31.226.0/24 maxlen: 24
2a0f:aa40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/506f2a-7246-4190-96ff-738c0bf8ea98/1/FXHmaEMGt0gVbCrj9CC7Nmsu_O4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/506f2a-7246-4190-96ff-738c0bf8ea98/1/FXHmaEMGt0gVbCrj9CC7Nmsu_O4.mft
rsync://rpki.ripe.net/repository/DEFAULT/FXHmaEMGt0gVbCrj9CC7Nmsu_O4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8f:c1:01:0a:a1:45:90:32:0a:ec:e0:27:5c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1571e6684306b748156c2ae3f420bb366b2efcee
Validity
Not Before: Jan 2 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed4e4cc209548fb98a04090db2f24d98044a5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8f:66:04:cc:c3:ca:a1:fa:b3:2e:15:ef:0a:
ab:f7:d2:ce:d0:10:da:d6:c2:95:50:4f:42:be:16:
cb:a0:d1:87:7e:19:05:c6:70:50:86:5e:36:26:a7:
9b:8a:c4:55:0c:56:cd:cf:71:78:43:a6:9f:d4:23:
14:4e:5d:4f:3c:12:20:6c:1a:a8:6d:c8:6c:1c:bb:
04:b6:82:ba:a0:4c:da:37:70:0a:65:44:90:c4:65:
51:81:0d:64:74:fa:a7:3c:43:6d:27:c8:5b:27:90:
76:07:16:be:9c:9b:49:b7:cf:76:19:7d:3a:d8:14:
d4:94:55:27:85:d8:41:4f:f7:f3:9b:7a:bf:34:92:
a3:d3:a0:cb:47:b3:bb:1e:3c:c5:0b:c9:38:3c:a0:
c3:b1:f1:b8:e8:9b:60:03:96:65:d1:4a:14:56:a3:
2f:f8:81:0e:84:b0:b7:1c:cc:91:e3:1c:7a:ca:a3:
c2:6c:c3:d2:f6:10:fe:b6:8a:3c:75:7a:6b:b1:b6:
ac:3a:27:cc:b0:80:69:2a:8b:db:c1:d5:87:0a:5b:
59:e8:cb:3a:78:71:ae:b2:00:e2:87:6a:4d:5e:54:
da:80:07:ba:08:5d:10:b0:24:a0:ca:22:b6:ee:03:
73:55:07:53:7f:16:a6:bd:d3:9b:0c:d4:92:61:09:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D4:E4:CC:20:95:48:FB:98:A0:40:90:DB:2F:24:D9:80:44:A5:ED
X509v3 Authority Key Identifier:
keyid:15:71:E6:68:43:06:B7:48:15:6C:2A:E3:F4:20:BB:36:6B:2E:FC:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FXHmaEMGt0gVbCrj9CC7Nmsu_O4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/506f2a-7246-4190-96ff-738c0bf8ea98/1/HtTkzCCVSPuYoECQ2y8k2YBEpe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/506f2a-7246-4190-96ff-738c0bf8ea98/1/FXHmaEMGt0gVbCrj9CC7Nmsu_O4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.224.0/24
194.31.226.0/24
IPv6:
2a0f:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
83:a9:93:fc:19:97:ed:ae:68:24:08:c5:c8:ee:35:6d:df:07:
b2:4c:27:d5:17:8d:ca:7c:22:9f:58:d1:c3:7b:5f:d5:81:7f:
f9:7e:63:60:3c:4a:11:5a:d2:0d:09:95:a2:c2:c9:76:ee:b7:
33:07:52:0e:14:62:78:e5:36:af:98:eb:38:a2:ee:4d:69:67:
9d:31:5d:c4:6e:16:31:b1:74:89:91:b2:4b:74:83:3c:51:4f:
a4:c0:85:fd:f4:57:a6:83:26:d3:37:db:99:cf:dc:a1:4d:2c:
dd:4d:11:e6:8c:b2:71:63:e1:e7:5c:b7:d5:a3:4a:2c:bb:10:
00:9f:58:9e:cd:0c:57:ea:b3:3f:be:1f:80:a5:31:92:49:7f:
30:35:96:ca:86:be:ee:48:66:88:d1:1e:33:13:e2:b7:9e:fa:
28:fc:05:c8:44:23:58:95:4f:d6:52:77:eb:76:61:4a:41:14:
a9:cd:19:db:df:90:0a:a1:45:45:e3:53:94:bb:8e:24:0f:1c:
2c:1b:80:de:24:d8:37:c9:33:e4:4f:99:7a:64:5e:42:bb:b4:
2b:7b:1f:ab:9c:73:ce:71:9d:87:da:18:71:e7:c5:b3:ff:f3:
cb:80:a2:19:fe:71:98:06:b3:6a:34:29:19:c2:0d:cb:e4:2a:
7a:41:33:f4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAY/BAQqhRZAyCuzgJ1xBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NzFlNjY4NDMwNmI3NDgxNTZjMmFlM2Y0MjBiYjM2NmIy
ZWZjZWUwHhcNMjQwMTAyMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ0ZTRjYzIwOTU0OGZiOThhMDQwOTBkYjJmMjRkOTgwNDRhNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk49mBMzDyqH6sy4V7wqr99LO0BDa
1sKVUE9CvhbLoNGHfhkFxnBQhl42JqebisRVDFbNz3F4Q6af1CMUTl1PPBIgbBqo
bchsHLsEtoK6oEzaN3AKZUSQxGVRgQ1kdPqnPENtJ8hbJ5B2Bxa+nJtJt892GX06
2BTUlFUnhdhBT/fzm3q/NJKj06DLR7O7HjzFC8k4PKDDsfG46JtgA5Zl0UoUVqMv
+IEOhLC3HMyR4xx6yqPCbMPS9hD+too8dXprsbasOifMsIBpKovbwdWHCltZ6Ms6
eHGusgDih2pNXlTagAe6CF0QsCSgyiK27gNzVQdTfxamvdObDNSSYQkQbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB7U5MwglUj7mKBAkNsvJNmARKXtMB8GA1UdIwQY
MBaAFBVx5mhDBrdIFWwq4/QguzZrLvzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlhIbWFFTUd0MGdWYkNyajlDQzdObXN1X080LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC81MDZmMmEtNzI0Ni00MTkwLTk2ZmYt
NzM4YzBiZjhlYTk4LzEvSHRUa3pDQ1ZTUHVZb0VDUTJ5OGsyWUJFcGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC81MDZmMmEtNzI0Ni00MTkwLTk2ZmYtNzM4YzBiZjhlYTk4
LzEvRlhIbWFFTUd0MGdWYkNyajlDQzdObXN1X080LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwh/gAwQA
wh/iMA0EAgACMAcDBQMqD6pAMA0GCSqGSIb3DQEBCwUAA4IBAQCDqZP8GZftrmgk
CMXI7jVt3weyTCfVF43KfCKfWNHDe1/VgX/5fmNgPEoRWtINCZWiwsl27rczB1IO
FGJ45TavmOs4ou5NaWedMV3EbhYxsXSJkbJLdIM8UU+kwIX99FemgybTN9uZz9yh
TSzdTRHmjLJxY+HnXLfVo0osuxAAn1iezQxX6rM/vh+ApTGSSX8wNZbKhr7uSGaI
0R4zE+K3nvoo/AXIRCNYlU/WUnfrdmFKQRSpzRnb35AKoUVF41OUu44kDxwsG4De
JNg3yTPkT5l6ZF5Cu7Qrex+rnHPOcZ2H2hhx58Wz//PLgKIZ/nGYBrNqNCkZwg3L
5Cp6QTP0
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:55:39 2024 by rpki-client on console-fra.rpki-client.org