Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/tD60amqSQXGAlZPQhBMjjrSxBmo.roa
File: tD60amqSQXGAlZPQhBMjjrSxBmo.roa (raw, json)
Hash identifier: TTmSavfIy3d8z5xOT+ubgDdf/yaMm+3GBneHnZdcN7Q=
Subject key identifier: B4:3E:B4:6A:6A:92:41:71:80:95:93:D0:84:13:23:8E:B4:B1:06:6A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01929DFFBF6789FBAE56945D30BCAE7DAA42
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/tD60amqSQXGAlZPQhBMjjrSxBmo.roa
Signing time: Fri 18 Oct 2024 05:00:36 +0000
ROA not before: Fri 18 Oct 2024 05:00:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199961
IP address blocks: 194.28.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9d:ff:bf:67:89:fb:ae:56:94:5d:30:bc:ae:7d:aa:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 18 05:00:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b43eb46a6a924171809593d08413238eb4b1066a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:c5:e4:71:32:c8:fa:9a:30:44:a0:d0:e2:
f3:fd:90:d1:ff:18:a4:26:e0:b2:2f:08:17:ba:89:
20:f7:71:e0:50:0b:0e:80:00:e8:92:47:32:1b:d0:
57:78:ab:2a:eb:5f:47:5d:c2:86:6c:42:6e:3b:5f:
df:14:6b:87:5c:af:eb:d4:fe:2e:fd:e7:75:83:dd:
f1:a5:f8:0b:81:f7:33:0c:20:71:d4:4a:1d:57:82:
ae:3f:5a:de:71:eb:c7:30:d4:a2:4b:eb:b9:8c:ed:
36:80:87:6a:ce:f9:7c:ee:f9:5b:6d:c8:c6:69:0b:
13:1d:ab:53:f2:49:92:ae:99:1c:e0:bd:83:57:ff:
29:1c:de:26:be:d0:0f:72:07:da:7b:96:15:86:63:
6d:a9:8b:a4:7a:ee:7c:40:90:44:28:af:50:91:74:
eb:68:c4:0e:e6:0f:70:b6:a0:07:c3:8e:a8:1b:05:
a2:df:36:60:8b:e5:ac:50:73:95:f6:35:85:92:77:
57:b1:90:8f:d2:cf:24:ad:df:7e:e7:6c:74:ac:20:
19:45:23:76:73:84:02:9b:f6:5c:ba:5a:30:56:67:
76:5d:90:1c:fa:15:00:db:3a:5b:fe:ae:85:ba:c3:
f5:df:ea:f4:d0:ef:af:82:51:34:ad:e0:d7:be:12:
fc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3E:B4:6A:6A:92:41:71:80:95:93:D0:84:13:23:8E:B4:B1:06:6A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/tD60amqSQXGAlZPQhBMjjrSxBmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.227.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:0a:1e:90:1e:b6:73:a8:f7:80:6e:41:3d:f1:e6:24:f2:12:
0e:1d:68:4f:76:f3:8f:0b:61:97:4e:66:5a:2d:64:7d:7f:60:
27:31:c4:9b:82:34:e7:c8:ca:6a:4c:eb:37:6a:cd:18:a6:b1:
a3:e1:56:76:a9:15:01:ef:79:40:f6:41:3a:08:a0:82:0a:56:
1a:74:46:41:d7:21:76:b1:70:a3:aa:7a:90:69:21:48:cf:20:
80:15:38:15:5e:e5:d2:52:aa:84:4b:84:68:89:27:5c:82:e2:
36:b8:95:ee:98:48:cd:e8:e4:da:89:f9:a7:6f:1a:d6:79:11:
3b:99:0c:6f:fc:33:d6:3e:f2:be:45:ab:85:a2:46:27:b6:42:
0f:14:26:7c:ef:0a:91:df:14:bd:91:e1:ba:1b:a7:12:d3:27:
9f:d0:fe:ca:d4:1f:b8:e6:2f:59:21:77:b7:62:6a:10:b5:89:
23:df:a7:6d:77:2e:5d:b2:75:53:62:ed:f3:d8:63:4e:3c:7b:
5a:71:b3:de:73:65:8c:0c:e6:75:ba:3b:b1:e7:af:c6:65:86:
2c:14:a7:83:7d:dc:e6:03:46:b5:d7:31:51:31:3e:6c:76:94:
df:a0:c4:0a:26:86:5a:ad:90:a4:fd:26:13:a6:fe:ef:b6:dd:
99:c6:52:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKd/79nifuuVpRdMLyufapCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMDE4MDUwMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNlYjQ2YTZhOTI0MTcxODA5NTkzZDA4NDEzMjM4ZWI0YjEwNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSbF5HEyyPqaMESg0OLz/ZDR/xik
JuCyLwgXuokg93HgUAsOgADokkcyG9BXeKsq619HXcKGbEJuO1/fFGuHXK/r1P4u
/ed1g93xpfgLgfczDCBx1EodV4KuP1recevHMNSiS+u5jO02gIdqzvl87vlbbcjG
aQsTHatT8kmSrpkc4L2DV/8pHN4mvtAPcgfae5YVhmNtqYukeu58QJBEKK9QkXTr
aMQO5g9wtqAHw46oGwWi3zZgi+WsUHOV9jWFkndXsZCP0s8krd9+52x0rCAZRSN2
c4QCm/ZculowVmd2XZAc+hUA2zpb/q6FusP13+r00O+vglE0reDXvhL86QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQ+tGpqkkFxgJWT0IQTI460sQZqMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvdEQ2MGFtcVNRWEdBbFpQUWhCTWpqclN4Qm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhzjMA0G
CSqGSIb3DQEBCwUAA4IBAQC/Ch6QHrZzqPeAbkE98eYk8hIOHWhPdvOPC2GXTmZa
LWR9f2AnMcSbgjTnyMpqTOs3as0YprGj4VZ2qRUB73lA9kE6CKCCClYadEZB1yF2
sXCjqnqQaSFIzyCAFTgVXuXSUqqES4RoiSdcguI2uJXumEjN6OTaifmnbxrWeRE7
mQxv/DPWPvK+RauFokYntkIPFCZ87wqR3xS9keG6G6cS0yef0P7K1B+45i9ZIXe3
YmoQtYkj36dtdy5dsnVTYu3z2GNOPHtacbPec2WMDOZ1ujux56/GZYYsFKeDfdzm
A0a11zFRMT5sdpTfoMQKJoZarZCk/SYTpv7vtt2ZxlLE
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:27 2024 by rpki-client on console-ams.rpki-client.org