Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/CH0SmvefiK3fAGjdkkrvuu3CS3w.roa
File: CH0SmvefiK3fAGjdkkrvuu3CS3w.roa (raw, json)
Hash identifier: oRTDDr1fOHy7NfzjY+FoIB9ryuDpcY9GK1LELjaCSbM=
Subject key identifier: 08:7D:12:9A:F7:9F:88:AD:DF:00:68:DD:92:4A:EF:BA:ED:C2:4B:7C
Certificate issuer: /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial: 018CC500535054D40F25FE0824A004D7A12D
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/CH0SmvefiK3fAGjdkkrvuu3CS3w.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 89.35.57.0/24 maxlen: 24
185.122.223.0/24 maxlen: 24
89.42.31.0/24 maxlen: 24
93.119.178.0/24 maxlen: 24
93.119.179.0/24 maxlen: 24
93.119.180.0/24 maxlen: 24
93.119.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 15:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:53:50:54:d4:0f:25:fe:08:24:a0:04:d7:a1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=087d129af79f88addf0068dd924aefbaedc24b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8a:20:40:0a:eb:e4:be:80:10:34:05:c5:d2:
5a:2d:f6:51:91:2b:2c:9c:e5:23:fe:cb:04:44:c1:
c7:0e:61:10:56:ed:58:ed:8a:28:4e:84:3b:72:b1:
78:b7:46:a6:82:2a:0a:3b:a2:8c:20:03:a1:d3:5b:
92:11:17:d6:08:d1:8e:74:81:35:1a:e6:4c:6a:de:
cc:8e:23:eb:5f:2a:09:61:e4:fd:1a:45:e9:29:9c:
2b:94:f8:30:5a:f8:88:a9:7e:f6:32:9b:d7:ce:28:
62:9f:15:ba:f9:2a:57:0d:34:12:7b:74:46:07:90:
dc:ee:f1:b1:f5:f9:15:f7:28:9c:46:01:60:1c:2d:
a6:87:72:f1:0c:5c:0f:e0:c4:85:eb:4f:ed:c0:7b:
9c:d5:46:3f:1d:7a:1e:fb:c8:a0:1c:1b:24:fe:4f:
1e:56:f3:b0:ee:b0:38:1b:05:9a:24:7a:c9:86:70:
33:dc:be:bd:1a:fa:af:21:55:3a:02:bd:d1:16:c3:
02:85:13:d7:08:bc:e0:c8:28:22:91:21:5e:5c:78:
b0:6b:dd:ef:0e:43:7e:46:c9:bd:af:ed:d7:bb:88:
37:f0:5f:6f:b7:9d:8c:38:5c:ba:04:55:9e:69:60:
f1:b1:d2:f7:f6:84:15:07:c1:62:a2:01:a7:33:df:
5d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7D:12:9A:F7:9F:88:AD:DF:00:68:DD:92:4A:EF:BA:ED:C2:4B:7C
X509v3 Authority Key Identifier:
keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/CH0SmvefiK3fAGjdkkrvuu3CS3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.57.0/24
89.42.31.0/24
93.119.178.0-93.119.181.255
185.122.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:b2:c2:1c:d6:60:de:41:68:bc:fd:31:fc:c9:88:21:ec:f6:
cd:60:db:82:2c:89:99:bb:3f:f2:66:37:ac:88:61:d3:0e:cb:
0c:7e:3e:ae:0c:7d:f3:5b:b3:42:c5:b8:bb:61:28:c8:66:4d:
72:33:55:55:18:bc:7f:9f:11:bf:ca:b6:31:2c:ed:19:15:76:
67:bc:fc:da:92:ce:d9:e5:d6:c3:e3:0e:af:c7:9b:60:b3:36:
8d:89:16:bd:9f:93:46:a6:0e:27:fe:aa:bf:77:21:fc:2b:b3:
9b:04:d5:7a:54:3f:a1:14:cd:4a:54:59:eb:a7:91:18:f8:75:
cb:41:37:75:b0:0a:aa:c0:cf:3f:07:1e:64:ec:a4:57:3b:30:
5e:90:dc:cb:c4:29:19:a8:cc:49:b6:07:07:c9:47:62:fe:d2:
41:c5:84:6d:f0:28:81:36:b4:af:43:4e:da:8c:6e:47:58:fc:
d0:0e:c0:bf:4d:26:02:f1:6d:59:f6:ab:23:20:2e:51:f0:9a:
10:75:78:80:4d:ba:ce:9d:94:26:7a:73:14:f1:fe:e6:36:0b:
64:a8:0a:78:54:d5:bd:4b:06:ed:e6:51:a0:17:f3:64:7e:ab:
11:3c:bf:a9:be:c3:ae:ce:cf:e6:19:2c:de:07:6f:1d:b1:1e:
34:04:43:c4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFAFNQVNQPJf4IJKAE16EtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzA1OTFlMmViNDlkMDU1OWU2ZmNlN2VlMmFhODFmMGY1
OWJhNmYwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdkMTI5YWY3OWY4OGFkZGYwMDY4ZGQ5MjRhZWZiYWVkYzI0YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioogQArr5L6AEDQFxdJaLfZRkSss
nOUj/ssERMHHDmEQVu1Y7YooToQ7crF4t0amgioKO6KMIAOh01uSERfWCNGOdIE1
GuZMat7MjiPrXyoJYeT9GkXpKZwrlPgwWviIqX72MpvXzihinxW6+SpXDTQSe3RG
B5Dc7vGx9fkV9yicRgFgHC2mh3LxDFwP4MSF60/twHuc1UY/HXoe+8igHBsk/k8e
VvOw7rA4GwWaJHrJhnAz3L69GvqvIVU6Ar3RFsMChRPXCLzgyCgikSFeXHiwa93v
DkN+Rsm9r+3Xu4g38F9vt52MOFy6BFWeaWDxsdL39oQVB8FiogGnM99d3wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAh9Epr3n4it3wBo3ZJK77rtwkt8MB8GA1UdIwQY
MBaAFMPAWR4utJ0FWeb85+4qqB8PWbpvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQt
ZTM0MDcxNzQ2NjNiLzEvQ0gwU212ZWZpSzNmQUdqZGtrcnZ1dTNDUzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQtZTM0MDcxNzQ2NjNi
LzEvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWSM5AwQA
WSofMAwDBAFdd7IDBAFdd7QDBAC5et8wDQYJKoZIhvcNAQELBQADggEBAKSywhzW
YN5BaLz9MfzJiCHs9s1g24IsiZm7P/JmN6yIYdMOywx+Pq4MffNbs0LFuLthKMhm
TXIzVVUYvH+fEb/KtjEs7RkVdme8/NqSztnl1sPjDq/Hm2CzNo2JFr2fk0amDif+
qr93Ifwrs5sE1XpUP6EUzUpUWeunkRj4dctBN3WwCqrAzz8HHmTspFc7MF6Q3MvE
KRmozEm2BwfJR2L+0kHFhG3wKIE2tK9DTtqMbkdY/NAOwL9NJgLxbVn2qyMgLlHw
mhB1eIBNus6dlCZ6cxTx/uY2C2SoCnhU1b1LBu3mUaAX82R+qxE8v6m+w67Oz+YZ
LN4Hbx2xHjQEQ8Q=
-----END CERTIFICATE-----
Generated at Sat Apr 27 21:49:25 2024 by rpki-client on console-ams.rpki-client.org