Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/ciiC9tr-sGMqOxkrJYibFWPZq84.roa
File: ciiC9tr-sGMqOxkrJYibFWPZq84.roa (raw, json)
Hash identifier: HzPHOin6OubR3VPbJ+2qqFh1mm08Y59hbuHWNS9H6QM=
Subject key identifier: 72:28:82:F6:DA:FE:B0:63:2A:3B:19:2B:25:88:9B:15:63:D9:AB:CE
Certificate issuer: /CN=58ec149761a5d84b8c49e2c9936bbb748033fe66
Certificate serial: 018CC6B77BB1E5C03475F25D0ABC8AD967DB
Authority key identifier: 58:EC:14:97:61:A5:D8:4B:8C:49:E2:C9:93:6B:BB:74:80:33:FE:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/ciiC9tr-sGMqOxkrJYibFWPZq84.roa
Signing time: Mon 01 Jan 2024 20:29:22 +0000
ROA not before: Mon 01 Jan 2024 20:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3278
IP address blocks: 194.180.2.0/24 maxlen: 24
194.180.1.0/24 maxlen: 24
194.180.4.0/23 maxlen: 23
194.180.4.0/24 maxlen: 24
194.180.3.0/24 maxlen: 24
194.180.0.0/24 maxlen: 24
194.180.0.0/22 maxlen: 22
194.180.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.mft
rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:7b:b1:e5:c0:34:75:f2:5d:0a:bc:8a:d9:67:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ec149761a5d84b8c49e2c9936bbb748033fe66
Validity
Not Before: Jan 1 20:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=722882f6dafeb0632a3b192b25889b1563d9abce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:71:30:86:19:d5:98:47:3a:7a:96:a8:32:44:
c9:80:9d:97:fa:ce:16:0e:52:49:f5:af:5d:58:39:
19:3f:52:43:c6:1e:68:70:c4:68:3a:83:88:1b:2d:
0f:71:69:d9:f5:03:6d:b3:2d:60:6a:23:ea:9b:2c:
60:08:c1:6e:8f:63:24:73:9a:b6:cc:e5:4d:f5:4d:
9a:9c:71:b4:94:fd:7b:4c:2e:c5:eb:3d:1f:4b:71:
45:95:11:4e:08:77:6f:1a:ec:fb:f9:50:e7:93:5f:
c0:61:7e:38:b1:07:71:df:5e:c1:69:07:57:5a:18:
07:4c:54:18:a6:87:e9:31:45:05:ec:c9:d9:34:e9:
ea:38:6f:d1:b9:2e:88:77:70:06:82:b2:75:b6:4d:
3c:63:e9:4f:93:69:06:d9:ed:70:b0:95:12:b5:80:
ae:82:5d:72:cf:a3:f2:7d:f4:c9:91:ef:e0:8a:70:
17:fc:9a:68:43:f9:16:7e:87:81:f9:52:70:61:ff:
c1:16:3c:5c:06:e1:a7:ab:e5:fa:03:47:f9:85:b5:
44:66:d7:9f:d8:d5:20:04:fd:65:47:c4:56:1c:85:
cb:26:c2:55:0c:6b:8f:37:71:7d:d3:b9:01:d3:2e:
b5:cf:38:db:32:bf:68:83:ec:40:a1:b0:0b:01:2b:
12:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:28:82:F6:DA:FE:B0:63:2A:3B:19:2B:25:88:9B:15:63:D9:AB:CE
X509v3 Authority Key Identifier:
keyid:58:EC:14:97:61:A5:D8:4B:8C:49:E2:C9:93:6B:BB:74:80:33:FE:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/ciiC9tr-sGMqOxkrJYibFWPZq84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.0.0-194.180.5.255
Signature Algorithm: sha256WithRSAEncryption
9e:a3:c1:f5:5a:1b:17:3d:c2:8b:fe:63:3c:48:fc:a3:55:52:
7c:df:95:0a:8a:76:d9:0d:89:af:fc:b1:3b:e9:d0:b8:20:ba:
2f:68:66:c4:db:b4:4e:06:32:e6:27:a4:61:14:ce:d5:e3:fd:
52:fb:aa:04:61:98:4a:65:96:19:2d:b6:fa:27:79:e4:58:37:
d7:62:f8:73:ce:05:90:16:c2:a4:bb:56:e7:b4:91:f8:01:2f:
7a:74:c9:7e:76:a8:56:85:27:18:20:f8:03:49:e7:44:09:fc:
5b:7c:af:2b:16:fd:96:10:7d:d2:91:43:80:04:2b:72:37:15:
2f:b0:66:a7:7b:cd:69:61:3f:e0:4b:c0:66:71:02:02:50:81:
55:a8:77:2b:63:1c:08:a1:94:80:7d:e2:f9:a6:66:75:ab:46:
31:c0:f9:8e:25:f7:96:41:f4:e3:35:45:68:cb:51:4e:87:4c:
1e:3a:45:66:50:45:f8:26:4a:1e:fe:00:f0:07:cb:98:7a:ed:
4b:f7:b3:4d:0b:bc:66:d9:bc:44:f0:30:43:fd:55:98:bf:48:
c1:e6:26:bb:0f:9a:9a:7b:0f:bc:9a:b2:cf:06:79:dc:c5:47:
33:f6:6e:11:47:61:2d:4e:dc:c4:ea:6e:e5:bb:42:41:68:d2:
8e:7c:18:2d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzGt3ux5cA0dfJdCryK2WfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZWMxNDk3NjFhNWQ4NGI4YzQ5ZTJjOTkzNmJiYjc0ODAz
M2ZlNjYwHhcNMjQwMTAxMjAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjI4ODJmNmRhZmViMDYzMmEzYjE5MmIyNTg4OWIxNTYzZDlhYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHEwhhnVmEc6epaoMkTJgJ2X+s4W
DlJJ9a9dWDkZP1JDxh5ocMRoOoOIGy0PcWnZ9QNtsy1gaiPqmyxgCMFuj2Mkc5q2
zOVN9U2anHG0lP17TC7F6z0fS3FFlRFOCHdvGuz7+VDnk1/AYX44sQdx317BaQdX
WhgHTFQYpofpMUUF7MnZNOnqOG/RuS6Id3AGgrJ1tk08Y+lPk2kG2e1wsJUStYCu
gl1yz6PyffTJke/ginAX/JpoQ/kWfoeB+VJwYf/BFjxcBuGnq+X6A0f5hbVEZtef
2NUgBP1lR8RWHIXLJsJVDGuPN3F907kB0y61zzjbMr9og+xAobALASsSowIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFHIogvba/rBjKjsZKyWImxVj2avOMB8GA1UdIwQY
MBaAFFjsFJdhpdhLjEniyZNru3SAM/5mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV093VWwyR2wyRXVNU2VMSmsydTdkSUF6X21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iNGFkOWMtMGQwYi00YzNkLTg1MzMt
ZGJmNjJmYzViZWIwLzEvY2lpQzl0ci1zR01xT3hrckpZaWJGV1BacTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iNGFkOWMtMGQwYi00YzNkLTg1MzMtZGJmNjJmYzViZWIw
LzEvV093VWwyR2wyRXVNU2VMSmsydTdkSUF6X21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwLCtAME
AcK0BDANBgkqhkiG9w0BAQsFAAOCAQEAnqPB9VobFz3Ci/5jPEj8o1VSfN+VCop2
2Q2Jr/yxO+nQuCC6L2hmxNu0TgYy5iekYRTO1eP9UvuqBGGYSmWWGS22+id55Fg3
12L4c84FkBbCpLtW57SR+AEvenTJfnaoVoUnGCD4A0nnRAn8W3yvKxb9lhB90pFD
gAQrcjcVL7Bmp3vNaWE/4EvAZnECAlCBVah3K2McCKGUgH3i+aZmdatGMcD5jiX3
lkH04zVFaMtRTodMHjpFZlBF+CZKHv4A8AfLmHrtS/ezTQu8Ztm8RPAwQ/1VmL9I
weYmuw+amnsPvJqyzwZ53MVHM/ZuEUdhLU7cxOpu5btCQWjSjnwYLQ==
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:35:41 2024 by rpki-client on console-fra.rpki-client.org