Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/wSIVfWHR9HqfiMkRrn8LqVptC9U.roa
File: wSIVfWHR9HqfiMkRrn8LqVptC9U.roa (raw, json)
Hash identifier: bJG+vTINq+Y6SpGiLVZNpKx/Y6bPlxrOHFw2w2roZjI=
Subject key identifier: C1:22:15:7D:61:D1:F4:7A:9F:88:C9:11:AE:7F:0B:A9:5A:6D:0B:D5
Certificate issuer: /CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Certificate serial: 018CC348D108CFF6B8C5FB08F5FE36CB6E7C
Authority key identifier: 78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/wSIVfWHR9HqfiMkRrn8LqVptC9U.roa
Signing time: Mon 01 Jan 2024 04:29:38 +0000
ROA not before: Mon 01 Jan 2024 04:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197709
IP address blocks: 185.238.60.0/24 maxlen: 24
91.242.231.0/24 maxlen: 24
192.162.144.0/22 maxlen: 22
193.227.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.mft
rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d1:08:cf:f6:b8:c5:fb:08:f5:fe:36:cb:6e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Validity
Not Before: Jan 1 04:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c122157d61d1f47a9f88c911ae7f0ba95a6d0bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b7:1a:ad:d0:a0:21:95:d9:fd:ab:b9:31:40:
f1:f6:2c:27:0f:ce:d6:53:f5:6f:20:95:40:f0:2d:
3c:a8:d0:1e:59:81:a9:4d:2c:06:e8:d2:1d:fd:a2:
c1:da:33:ac:9e:4d:83:fa:13:92:71:65:41:f9:33:
ad:cd:7a:f5:43:2f:f2:6b:26:de:30:2a:fb:c6:06:
14:f1:3d:a1:22:ff:25:8d:2c:7e:44:cc:62:0f:3d:
3a:21:fe:f5:e7:24:25:01:0b:70:f5:51:32:b5:88:
af:ce:a4:bd:c0:25:49:a5:2d:59:32:c8:ec:08:7d:
9a:b8:b6:be:d5:e2:02:d6:6f:cc:d8:8e:d3:5b:b5:
fe:ec:c7:c9:c1:27:2f:11:ce:80:df:4b:39:d2:32:
af:83:48:9b:c5:90:a9:a6:93:9e:45:82:31:ac:fc:
56:60:8a:2d:9e:1f:c2:15:15:76:88:fe:68:2d:b6:
0b:90:d7:5a:74:26:f4:ac:91:42:29:75:ee:97:2c:
d1:df:bf:10:31:a7:96:83:73:37:95:37:cf:d6:eb:
19:95:1c:47:e5:0d:09:25:92:f7:62:87:76:fa:b5:
f4:75:24:6d:5f:59:31:11:b7:9c:5b:e0:07:2d:8d:
64:60:de:b0:aa:7c:78:b5:29:2f:63:17:32:a7:c6:
05:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:22:15:7D:61:D1:F4:7A:9F:88:C9:11:AE:7F:0B:A9:5A:6D:0B:D5
X509v3 Authority Key Identifier:
keyid:78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/wSIVfWHR9HqfiMkRrn8LqVptC9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.231.0/24
185.238.60.0/24
192.162.144.0/22
193.227.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b3:c7:1b:0e:c6:21:a9:ee:4f:93:df:dc:52:e5:0f:97:cf:
43:8a:61:47:a2:82:99:1e:8e:40:03:d6:f7:07:00:ca:f0:57:
6d:a2:aa:26:d3:f8:aa:9d:9f:1a:63:29:01:f9:0e:1b:c5:18:
31:c8:a6:ca:93:ff:c4:32:26:eb:eb:31:4b:12:81:ec:16:ff:
83:1a:5d:d1:b5:70:82:38:dd:b0:8f:0e:9f:8d:34:f7:37:07:
8a:d6:d1:29:ba:50:44:8a:cf:5b:d4:ce:94:e0:82:1d:d2:db:
91:1e:22:d6:56:80:14:8c:a9:fc:a4:ed:92:13:10:14:56:5b:
3a:51:8e:03:05:f1:5b:2a:0b:2c:83:47:d5:f5:af:94:35:72:
ae:0d:af:35:88:19:18:b5:a0:1c:83:b2:4f:28:96:e0:7a:ca:
23:a8:ff:59:b7:87:d8:28:1a:3a:b2:5a:5b:38:fc:a2:6c:d1:
3f:bc:c5:3d:74:64:da:56:a3:a7:f9:03:40:39:e9:0e:41:e9:
1d:fb:c8:89:71:e7:d7:63:99:7d:1b:58:e7:3f:c8:40:64:8d:
08:6a:7a:de:18:e3:6e:e6:21:68:e5:5a:6a:17:57:48:7e:2b:
10:1f:97:34:c8:08:41:03:76:12:f2:9d:4b:a1:67:86:d3:25:
ef:21:83:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSNEIz/a4xfsI9f42y258MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGY1YjIxMGYzYzNlYjQyMDY1OTYwZTg1ZDA2MWU5ZDlk
NjNhYjgwHhcNMjQwMTAxMDQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTIyMTU3ZDYxZDFmNDdhOWY4OGM5MTFhZTdmMGJhOTVhNmQwYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbcardCgIZXZ/au5MUDx9iwnD87W
U/VvIJVA8C08qNAeWYGpTSwG6NId/aLB2jOsnk2D+hOScWVB+TOtzXr1Qy/yaybe
MCr7xgYU8T2hIv8ljSx+RMxiDz06If715yQlAQtw9VEytYivzqS9wCVJpS1ZMsjs
CH2auLa+1eIC1m/M2I7TW7X+7MfJwScvEc6A30s50jKvg0ibxZCpppOeRYIxrPxW
YIotnh/CFRV2iP5oLbYLkNdadCb0rJFCKXXulyzR378QMaeWg3M3lTfP1usZlRxH
5Q0JJZL3Yod2+rX0dSRtX1kxEbecW+AHLY1kYN6wqnx4tSkvYxcyp8YFaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMEiFX1h0fR6n4jJEa5/C6labQvVMB8GA1UdIwQY
MBaAFHiPWyEPPD60IGWWDoXQYenZ1jq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmIt
YzRhY2I4OTY5YzQ5LzEvd1NJVmZXSFI5SHFmaU1rUnJuOExxVnB0QzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmItYzRhY2I4OTY5YzQ5
LzEvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW/LnAwQA
ue48AwQCwKKQAwQAweNwMA0GCSqGSIb3DQEBCwUAA4IBAQBOs8cbDsYhqe5Pk9/c
UuUPl89DimFHooKZHo5AA9b3BwDK8Fdtoqom0/iqnZ8aYykB+Q4bxRgxyKbKk//E
Mibr6zFLEoHsFv+DGl3RtXCCON2wjw6fjTT3NweK1tEpulBEis9b1M6U4IId0tuR
HiLWVoAUjKn8pO2SExAUVls6UY4DBfFbKgssg0fV9a+UNXKuDa81iBkYtaAcg7JP
KJbgesojqP9Zt4fYKBo6slpbOPyibNE/vMU9dGTaVqOn+QNAOekOQekd+8iJcefX
Y5l9G1jnP8hAZI0IanreGONu5iFo5VpqF1dIfisQH5c0yAhBA3YS8p1LoWeG0yXv
IYN9
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:04:37 2024 by rpki-client on console-fra.rpki-client.org