Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/fe5ac1-28fe-43ec-8700-bf25ce0f8393/1/g7pFgNn9P392Qi9TseTU5vbLA6c.roa
File: g7pFgNn9P392Qi9TseTU5vbLA6c.roa (raw, json)
Hash identifier: 2QLkkN16UAuwCY5qQVrWBPaEDLxBaQBXosyTwnErWlM=
Subject key identifier: 83:BA:45:80:D9:FD:3F:7F:76:42:2F:53:B1:E4:D4:E6:F6:CB:03:A7
Certificate issuer: /CN=3802c7987004ae78190e691e370de509ff59127b
Certificate serial: 018CC6B92975BF44DCE1AAF8BFF063164842
Authority key identifier: 38:02:C7:98:70:04:AE:78:19:0E:69:1E:37:0D:E5:09:FF:59:12:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OALHmHAErngZDmkeNw3lCf9ZEns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/fe5ac1-28fe-43ec-8700-bf25ce0f8393/1/g7pFgNn9P392Qi9TseTU5vbLA6c.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31477
IP address blocks: 194.13.8.0/22 maxlen: 24
194.13.12.0/23 maxlen: 24
194.13.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/fe5ac1-28fe-43ec-8700-bf25ce0f8393/1/OALHmHAErngZDmkeNw3lCf9ZEns.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/fe5ac1-28fe-43ec-8700-bf25ce0f8393/1/OALHmHAErngZDmkeNw3lCf9ZEns.mft
rsync://rpki.ripe.net/repository/DEFAULT/OALHmHAErngZDmkeNw3lCf9ZEns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:29:75:bf:44:dc:e1:aa:f8:bf:f0:63:16:48:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3802c7987004ae78190e691e370de509ff59127b
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83ba4580d9fd3f7f76422f53b1e4d4e6f6cb03a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a4:4a:97:85:ff:51:c3:b9:c9:6d:f6:54:a1:
cc:7a:86:5b:c2:06:df:5f:9a:45:c6:c3:d1:f6:8b:
12:29:7c:70:21:c6:54:a8:13:c9:e1:09:8c:fb:55:
7f:82:68:9b:60:90:56:c4:00:f4:14:eb:f3:23:49:
ff:bf:4d:f4:c1:f2:9d:4a:1b:a8:6a:7c:98:65:cc:
5e:fb:6c:4f:ed:a9:bf:8b:66:72:bd:99:f9:59:e8:
d6:c9:dc:ee:74:c1:f3:82:ae:8c:ec:90:6b:a6:ce:
53:da:ca:6a:92:65:d3:37:72:db:97:d3:05:4d:15:
cf:94:1e:08:63:df:ee:2b:07:e0:f6:66:62:3e:21:
dd:bb:65:54:dc:68:df:bb:e3:71:67:e7:df:1f:ac:
42:00:ea:83:76:0a:b1:b7:bf:f1:4b:4d:c4:1c:10:
bc:43:f5:0e:6c:1b:04:f1:01:ef:b7:09:da:ed:c3:
01:a0:eb:48:9e:45:d3:32:19:fc:d1:65:69:bc:68:
df:f9:05:01:94:3e:a3:6d:ff:60:e4:28:d5:ac:14:
20:86:5d:62:2c:b5:68:45:95:75:9c:df:18:44:0d:
1a:1a:45:dc:74:e6:50:3b:e0:7f:9d:92:28:61:78:
31:04:c3:97:13:23:3b:f8:1d:3f:b8:77:42:42:f4:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BA:45:80:D9:FD:3F:7F:76:42:2F:53:B1:E4:D4:E6:F6:CB:03:A7
X509v3 Authority Key Identifier:
keyid:38:02:C7:98:70:04:AE:78:19:0E:69:1E:37:0D:E5:09:FF:59:12:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OALHmHAErngZDmkeNw3lCf9ZEns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/fe5ac1-28fe-43ec-8700-bf25ce0f8393/1/g7pFgNn9P392Qi9TseTU5vbLA6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/fe5ac1-28fe-43ec-8700-bf25ce0f8393/1/OALHmHAErngZDmkeNw3lCf9ZEns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.8.0-194.13.14.255
Signature Algorithm: sha256WithRSAEncryption
35:4a:b7:e3:86:37:64:e3:83:96:f0:82:19:0a:f0:52:21:06:
c6:01:34:1f:6d:a5:eb:94:a7:4c:9c:9d:45:f3:27:e0:7f:6f:
65:3f:31:94:67:62:14:89:bb:ce:b2:38:21:38:c5:a7:15:af:
16:4b:cc:d0:9c:60:0c:af:98:18:12:cb:ef:80:94:e6:15:f7:
08:57:fe:45:09:10:01:5c:56:64:1c:c2:07:04:6b:43:3f:38:
9e:59:a0:76:aa:50:74:4b:40:33:07:41:b3:44:1f:50:0f:7a:
fd:1b:0a:41:c5:18:e6:54:e1:7d:61:76:69:fd:90:05:d3:94:
25:01:df:41:98:47:e2:6c:4b:03:37:ca:a7:93:d5:f6:22:d1:
ab:ce:22:04:18:9a:34:90:55:21:f1:0e:a1:77:06:bf:57:2b:
9d:79:20:bc:a1:4d:4d:34:09:c8:62:91:19:d9:eb:76:29:ff:
d3:61:1f:ff:96:95:42:01:c9:8a:9e:37:63:ea:f7:74:0c:19:
a6:25:cb:b1:2e:6a:fe:98:41:ba:42:d8:d1:9a:72:04:8a:82:
7c:50:a9:1a:6e:49:d8:be:ab:7c:b9:53:12:34:3b:ab:83:52:
bc:20:c7:ef:fb:31:0d:d8:29:f6:b1:66:cd:82:8a:0c:a5:04:
89:07:7e:91
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGuSl1v0Tc4ar4v/BjFkhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDJjNzk4NzAwNGFlNzgxOTBlNjkxZTM3MGRlNTA5ZmY1
OTEyN2IwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JhNDU4MGQ5ZmQzZjdmNzY0MjJmNTNiMWU0ZDRlNmY2Y2IwM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KRKl4X/UcO5yW32VKHMeoZbwgbf
X5pFxsPR9osSKXxwIcZUqBPJ4QmM+1V/gmibYJBWxAD0FOvzI0n/v030wfKdShuo
anyYZcxe+2xP7am/i2ZyvZn5WejWydzudMHzgq6M7JBrps5T2spqkmXTN3Lbl9MF
TRXPlB4IY9/uKwfg9mZiPiHdu2VU3Gjfu+NxZ+ffH6xCAOqDdgqxt7/xS03EHBC8
Q/UObBsE8QHvtwna7cMBoOtInkXTMhn80WVpvGjf+QUBlD6jbf9g5CjVrBQghl1i
LLVoRZV1nN8YRA0aGkXcdOZQO+B/nZIoYXgxBMOXEyM7+B0/uHdCQvT/6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIO6RYDZ/T9/dkIvU7Hk1Ob2ywOnMB8GA1UdIwQY
MBaAFDgCx5hwBK54GQ5pHjcN5Qn/WRJ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FMSG1IQUVybmdaRG1rZU53M2xDZjlaRW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9mZTVhYzEtMjhmZS00M2VjLTg3MDAt
YmYyNWNlMGY4MzkzLzEvZzdwRmdObjlQMzkyUWk5VHNlVFU1dmJMQTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9mZTVhYzEtMjhmZS00M2VjLTg3MDAtYmYyNWNlMGY4Mzkz
LzEvT0FMSG1IQUVybmdaRG1rZU53M2xDZjlaRW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPCDQgD
BADCDQ4wDQYJKoZIhvcNAQELBQADggEBADVKt+OGN2Tjg5bwghkK8FIhBsYBNB9t
peuUp0ycnUXzJ+B/b2U/MZRnYhSJu86yOCE4xacVrxZLzNCcYAyvmBgSy++AlOYV
9whX/kUJEAFcVmQcwgcEa0M/OJ5ZoHaqUHRLQDMHQbNEH1APev0bCkHFGOZU4X1h
dmn9kAXTlCUB30GYR+JsSwM3yqeT1fYi0avOIgQYmjSQVSHxDqF3Br9XK515ILyh
TU00CchikRnZ63Yp/9NhH/+WlUIByYqeN2Pq93QMGaYly7Euav6YQbpC2NGacgSK
gnxQqRpuSdi+q3y5UxI0O6uDUrwgx+/7MQ3YKfaxZs2CigylBIkHfpE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:29:04 2024 by rpki-client on console-fra.rpki-client.org