Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/4kwxaAOqnEHIuZQFRPC6_8gSKKE.roa
File: 4kwxaAOqnEHIuZQFRPC6_8gSKKE.roa (raw, json)
Hash identifier: 99snrJD/G2ltRGqQ+/55Rj4A63J+M56MMYDzsjhmZGE=
Subject key identifier: E2:4C:31:68:03:AA:9C:41:C8:B9:94:05:44:F0:BA:FF:C8:12:28:A1
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018CC5DCDA9E7F5CFCCBE97F99684C689BF1
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/4kwxaAOqnEHIuZQFRPC6_8gSKKE.roa
Signing time: Mon 01 Jan 2024 16:30:34 +0000
ROA not before: Mon 01 Jan 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206185
IP address blocks: 194.126.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:da:9e:7f:5c:fc:cb:e9:7f:99:68:4c:68:9b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e24c316803aa9c41c8b9940544f0baffc81228a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:69:b1:7a:b5:bc:53:58:77:20:56:02:5a:6e:
63:d6:aa:bf:57:d3:66:65:a6:9f:65:01:9b:89:2b:
f5:97:aa:8c:85:c4:c4:ab:74:3c:32:d8:b7:f4:d1:
47:10:c3:1f:ea:7b:54:64:30:eb:60:03:2a:d1:8f:
a6:d8:97:b0:3e:04:e5:19:53:03:93:9f:21:52:85:
a1:4a:31:af:ec:5f:6d:03:0f:b8:a8:ad:d9:a9:0f:
88:b1:0d:8c:bc:b8:b3:9e:68:ca:dd:75:45:23:87:
fe:7a:1d:19:30:97:1c:b2:45:91:ba:c0:4d:76:13:
90:ff:5e:ea:f1:f9:7a:16:dd:1c:b4:d0:e8:6e:d2:
ce:e2:ae:6e:cd:6c:a0:8d:cb:10:83:c8:a7:a0:7b:
fb:e0:36:f4:ad:6a:3f:bf:8b:42:cc:d4:29:89:e7:
cf:9e:93:07:30:c8:a1:c6:1f:db:fe:fe:2d:70:b3:
8e:31:0c:0e:0a:cf:5d:2f:4d:6c:87:41:eb:74:76:
1a:85:7f:1f:a1:68:9a:9a:b2:ec:a6:d2:05:15:04:
26:b7:b3:f3:c5:d1:50:45:fe:64:62:a5:a2:41:de:
90:74:24:67:0b:24:e4:df:d2:1f:51:25:00:2b:2c:
6f:23:df:d8:1b:98:1e:f7:1c:cb:4d:20:bf:ee:a2:
e8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4C:31:68:03:AA:9C:41:C8:B9:94:05:44:F0:BA:FF:C8:12:28:A1
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/4kwxaAOqnEHIuZQFRPC6_8gSKKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:ad:ee:e3:c4:3e:cd:a6:92:1b:f0:50:53:be:af:35:d4:e0:
93:ff:d9:f5:ab:50:97:70:f1:c4:df:7d:dd:9c:86:29:07:50:
ea:ae:28:bc:15:35:36:79:47:37:b2:5c:ac:44:81:8b:b7:3d:
d0:48:87:fb:b5:3f:b7:cd:aa:70:2e:ec:00:e9:2d:4c:17:c0:
bb:ce:b5:20:4b:f1:ee:44:b9:06:9d:2b:0b:c6:e5:af:7c:c7:
32:59:a6:d7:53:95:11:47:26:22:15:ec:6d:56:77:f3:28:71:
66:58:63:a8:5b:5c:31:2b:55:3c:a8:b1:be:a7:e0:8c:62:38:
69:a1:a0:4c:6d:d5:42:fd:3b:92:3a:6a:1b:c2:53:73:ac:44:
8f:8a:45:73:5e:f9:da:d0:d8:53:9e:e3:6c:99:59:33:3f:77:
a9:45:cb:e6:84:f1:80:94:a5:c2:86:7b:d8:3e:be:29:99:fb:
63:e1:60:af:10:fd:f2:a0:3b:fd:75:23:59:a2:fe:fd:c2:cc:
46:be:4b:07:1c:ed:45:bf:b7:31:c5:f3:97:71:4e:f2:a6:5a:
82:72:5d:42:7b:e4:d0:a9:bb:86:87:fa:2b:52:c8:bc:54:cc:
88:a5:bb:1d:a2:3a:89:73:85:cc:48:28:5a:35:97:83:39:bf:
46:6b:b3:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Nqef1z8y+l/mWhMaJvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjQwMTAxMTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjRjMzE2ODAzYWE5YzQxYzhiOTk0MDU0NGYwYmFmZmM4MTIyOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2mxerW8U1h3IFYCWm5j1qq/V9Nm
ZaafZQGbiSv1l6qMhcTEq3Q8Mti39NFHEMMf6ntUZDDrYAMq0Y+m2JewPgTlGVMD
k58hUoWhSjGv7F9tAw+4qK3ZqQ+IsQ2MvLiznmjK3XVFI4f+eh0ZMJccskWRusBN
dhOQ/17q8fl6Ft0ctNDobtLO4q5uzWygjcsQg8inoHv74Db0rWo/v4tCzNQpiefP
npMHMMihxh/b/v4tcLOOMQwOCs9dL01sh0HrdHYahX8foWiamrLsptIFFQQmt7Pz
xdFQRf5kYqWiQd6QdCRnCyTk39IfUSUAKyxvI9/YG5ge9xzLTSC/7qLohwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJMMWgDqpxByLmUBUTwuv/IEiihMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvNGt3eGFBT3FuRUhJdVpRRlJQQzZfOGdTS0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwn6kMA0G
CSqGSIb3DQEBCwUAA4IBAQB9re7jxD7NppIb8FBTvq811OCT/9n1q1CXcPHE333d
nIYpB1Dqrii8FTU2eUc3slysRIGLtz3QSIf7tT+3zapwLuwA6S1MF8C7zrUgS/Hu
RLkGnSsLxuWvfMcyWabXU5URRyYiFextVnfzKHFmWGOoW1wxK1U8qLG+p+CMYjhp
oaBMbdVC/TuSOmobwlNzrESPikVzXvna0NhTnuNsmVkzP3epRcvmhPGAlKXChnvY
Pr4pmftj4WCvEP3yoDv9dSNZov79wsxGvksHHO1Fv7cxxfOXcU7yplqCcl1Ce+TQ
qbuGh/orUsi8VMyIpbsdojqJc4XMSChaNZeDOb9Ga7OK
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:38:10 2024 by rpki-client on console-fra.rpki-client.org