Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/D-N5CfpAgVDC9VThRYM8jTy-kmc.roa
File: D-N5CfpAgVDC9VThRYM8jTy-kmc.roa (raw, json)
Hash identifier: yWgt5ucJhEtBTRQH1bhROxkcX6B9q6euBa4hPk31cvo=
Subject key identifier: 0F:E3:79:09:FA:40:81:50:C2:F5:54:E1:45:83:3C:8D:3C:BE:92:67
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B6B65E420B22400E305E84616F73F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/D-N5CfpAgVDC9VThRYM8jTy-kmc.roa
Signing time: Tue 02 Jan 2024 12:34:52 +0000
ROA not before: Tue 02 Jan 2024 12:34:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399114
IP address blocks: 193.22.157.0/24 maxlen: 32
193.22.158.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:6b:65:e4:20:b2:24:00:e3:05:e8:46:16:f7:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fe37909fa408150c2f554e145833c8d3cbe9267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8f:25:dc:03:82:e3:30:00:fe:30:0d:cb:c3:
a6:95:06:d6:e9:dd:da:ad:dc:41:7a:00:f6:e7:a6:
f4:18:2d:f0:d4:4e:41:d7:55:92:df:20:53:16:13:
df:3d:78:c4:12:65:e9:6d:76:2c:73:b5:ac:02:d1:
40:92:85:65:7f:03:70:66:86:d0:5a:27:bd:a3:78:
d0:6f:ff:85:58:b0:c6:8b:88:7b:e3:49:f1:ee:3d:
48:88:92:ab:32:bd:b6:3a:b0:e2:f1:80:4b:69:1b:
aa:d2:ea:96:8d:45:60:21:23:98:31:55:3c:10:56:
b6:68:8b:5e:42:64:cb:26:0a:cc:f4:e6:3c:c5:b5:
02:1f:cf:15:00:8d:5a:f5:52:0b:38:83:15:f6:34:
9a:37:84:78:8b:04:cd:c2:54:3e:7f:ce:85:10:30:
e9:e4:48:df:42:62:96:45:89:72:e7:23:9a:d0:b6:
be:d4:27:11:cd:ab:b5:2f:b2:ab:d7:f6:38:ea:b0:
1f:f7:4e:5f:bf:05:4e:aa:43:1b:b1:62:5d:1e:b4:
d9:93:93:4c:8e:10:cc:03:a0:c7:55:57:98:5c:3f:
d5:5f:3d:78:23:9d:70:53:db:b8:45:66:05:21:d5:
55:47:5c:3a:71:02:9a:81:92:98:79:6b:16:cb:6a:
55:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E3:79:09:FA:40:81:50:C2:F5:54:E1:45:83:3C:8D:3C:BE:92:67
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/D-N5CfpAgVDC9VThRYM8jTy-kmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.157.0-193.22.158.255
Signature Algorithm: sha256WithRSAEncryption
39:78:f1:71:6f:5e:49:dd:e4:cd:f0:bc:28:a0:83:eb:9f:5b:
e7:f4:cd:81:41:f0:2a:fd:66:01:22:2f:a0:39:4b:45:ee:cb:
a0:bd:6c:89:6d:55:fa:87:f7:33:95:c5:57:ca:28:e9:4d:e9:
2f:c5:47:51:40:36:4e:8c:8d:72:b4:59:8f:cb:c7:3e:59:01:
6a:4d:fc:dc:3e:d3:4d:85:19:d1:46:7b:95:96:78:20:54:69:
59:4c:f1:e0:1e:93:c8:78:dc:a1:0d:84:32:a9:3a:6a:00:11:
6f:dc:bd:ec:df:41:a3:17:c4:bd:d9:90:a5:cd:07:08:aa:7e:
81:a0:b4:1d:51:d1:be:fa:e2:b1:65:d3:df:b9:1b:3a:f9:6e:
b1:61:90:49:9e:7c:8e:e4:e9:24:86:1a:e8:47:34:93:dd:b4:
5e:ff:01:da:73:9e:18:67:d0:b0:8e:a9:65:cd:d8:d7:8b:0e:
4c:bf:ed:e8:94:ed:c3:1b:b2:d5:8b:71:c9:92:46:63:7e:d0:
08:7b:b1:23:54:1b:bf:75:2d:d0:c0:ee:79:43:e6:45:34:11:
f4:9b:a1:96:c5:3d:27:55:19:43:15:04:a6:a6:c7:fc:65:4e:
e2:e0:22:e2:66:b7:d4:49:77:4c:03:cf:d0:22:43:43:b5:ec:
4e:e0:6a:a6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKK2tl5CCyJADjBehGFvc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmUzNzkwOWZhNDA4MTUwYzJmNTU0ZTE0NTgzM2M4ZDNjYmU5MjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI8l3AOC4zAA/jANy8OmlQbW6d3a
rdxBegD256b0GC3w1E5B11WS3yBTFhPfPXjEEmXpbXYsc7WsAtFAkoVlfwNwZobQ
Wie9o3jQb/+FWLDGi4h740nx7j1IiJKrMr22OrDi8YBLaRuq0uqWjUVgISOYMVU8
EFa2aIteQmTLJgrM9OY8xbUCH88VAI1a9VILOIMV9jSaN4R4iwTNwlQ+f86FEDDp
5EjfQmKWRYly5yOa0La+1CcRzau1L7Kr1/Y46rAf905fvwVOqkMbsWJdHrTZk5NM
jhDMA6DHVVeYXD/VXz14I51wU9u4RWYFIdVVR1w6cQKagZKYeWsWy2pVOQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA/jeQn6QIFQwvVU4UWDPI08vpJnMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvRC1ONUNmcEFnVkRDOVZUaFJZTThqVHkta21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBFp0D
BADBFp4wDQYJKoZIhvcNAQELBQADggEBADl48XFvXknd5M3wvCigg+ufW+f0zYFB
8Cr9ZgEiL6A5S0Xuy6C9bIltVfqH9zOVxVfKKOlN6S/FR1FANk6MjXK0WY/Lxz5Z
AWpN/Nw+002FGdFGe5WWeCBUaVlM8eAek8h43KENhDKpOmoAEW/cvezfQaMXxL3Z
kKXNBwiqfoGgtB1R0b764rFl09+5Gzr5brFhkEmefI7k6SSGGuhHNJPdtF7/Adpz
nhhn0LCOqWXN2NeLDky/7eiU7cMbstWLccmSRmN+0Ah7sSNUG791LdDA7nlD5kU0
EfSboZbFPSdVGUMVBKamx/xlTuLgIuJmt9RJd0wDz9AiQ0O17E7gaqY=
-----END CERTIFICATE-----
Generated at Sun Apr 28 04:23:24 2024 by rpki-client on console-ams.rpki-client.org