Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cIi8SWWYGo53kmASfiUXUI6nQxo.roa
File: cIi8SWWYGo53kmASfiUXUI6nQxo.roa (raw, json)
Hash identifier: zhCmNjh0mEDiCNo9hCcvfi80tWT/ThevRLkZTI8txxk=
Subject key identifier: 70:88:BC:49:65:98:1A:8E:77:92:60:12:7E:25:17:50:8E:A7:43:1A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DB2D297F3AB4D56384280E098B6571AEA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cIi8SWWYGo53kmASfiUXUI6nQxo.roa
Signing time: Fri 16 Feb 2024 16:49:22 +0000
ROA not before: Fri 16 Feb 2024 16:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41798
IP address blocks: 193.124.93.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 17:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:d2:97:f3:ab:4d:56:38:42:80:e0:98:b6:57:1a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 16 16:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7088bc4965981a8e779260127e2517508ea7431a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:65:fa:5d:41:43:99:8e:4a:c8:e4:9a:91:60:
d4:44:09:f9:c1:a7:47:9a:a0:30:97:19:81:e6:43:
10:3a:9d:2d:18:7a:6a:7b:ba:1e:e0:bc:69:f9:bd:
ed:d9:e3:13:15:41:d4:98:7c:8b:dd:4c:54:f5:5c:
c5:0a:a9:b7:a4:03:ae:c3:4c:e3:ac:65:49:44:3f:
34:88:e1:58:9d:c5:bf:62:0a:95:82:2a:29:39:c9:
e6:e7:f0:3d:9c:dc:23:13:a3:4c:c1:10:71:c5:02:
13:6b:32:67:f1:d2:32:3c:cc:9a:af:b2:5b:9b:17:
98:39:13:77:96:b9:3e:07:3b:2b:02:ed:ca:4a:a7:
14:65:7f:fd:d0:0e:8e:b2:0d:2b:20:7d:c2:b8:7e:
e1:e6:53:21:08:ed:5a:b3:26:09:f5:26:16:88:73:
53:41:d5:28:32:b4:a8:0d:56:f1:a1:46:28:89:e5:
df:4f:d6:52:2f:61:29:08:8d:ea:61:8a:1d:a7:6a:
a3:f9:e2:8c:18:02:a7:98:ee:f5:b7:39:19:bc:4c:
f2:e7:12:a7:93:bf:45:4c:9e:bd:82:d9:6d:26:c7:
c5:57:0a:cd:36:55:b8:0b:44:1b:ef:71:04:da:a1:
d0:b7:bd:b2:77:04:eb:f1:ae:ac:74:c0:b3:4b:6d:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:88:BC:49:65:98:1A:8E:77:92:60:12:7E:25:17:50:8E:A7:43:1A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cIi8SWWYGo53kmASfiUXUI6nQxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.93.0/24
194.58.42.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a7:34:a9:2b:65:a4:37:a8:12:7c:ea:17:39:4c:11:1d:a8:
07:f8:e4:7a:a7:64:f1:36:94:a0:88:27:9f:c1:69:02:c8:f7:
4f:cc:56:56:f8:bc:5d:cb:ec:68:5e:c6:60:8d:f7:c4:ea:68:
5b:3f:c5:81:b6:bf:ea:c1:76:90:6b:8f:02:d6:b4:fd:d4:a6:
39:e0:6c:4c:64:9e:16:16:93:91:b6:72:a2:4f:ae:45:8f:9a:
86:a3:b6:04:57:ae:39:d7:26:10:0f:5a:92:b5:18:a7:8a:d0:
32:10:9b:fe:87:95:68:bf:13:2f:e3:63:9f:51:d3:78:06:1d:
fe:c9:f7:c4:d3:aa:8e:91:dd:c5:79:b8:60:ce:88:cc:e0:08:
a7:14:58:33:bb:b8:da:eb:26:38:a8:af:64:f0:49:dd:cf:2c:
46:65:4d:9a:98:0d:f4:02:41:24:73:d6:30:d6:aa:14:0d:61:
2c:44:f6:c5:52:73:98:de:bc:8d:31:c5:95:fb:7b:d7:53:55:
67:db:d3:04:7f:2d:6e:1b:de:4f:5a:8e:15:16:a9:4f:ee:11:
12:3d:1d:7e:75:d1:c2:77:86:8e:9a:91:25:c4:07:ad:ba:3f:
a8:85:86:e5:3a:9f:03:7f:de:4d:1b:0c:76:42:26:24:80:01:
51:6a:b7:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2y0pfzq01WOEKA4Ji2VxrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE2MTY0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg4YmM0OTY1OTgxYThlNzc5MjYwMTI3ZTI1MTc1MDhlYTc0MzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGX6XUFDmY5KyOSakWDURAn5wadH
mqAwlxmB5kMQOp0tGHpqe7oe4Lxp+b3t2eMTFUHUmHyL3UxU9VzFCqm3pAOuw0zj
rGVJRD80iOFYncW/YgqVgiopOcnm5/A9nNwjE6NMwRBxxQITazJn8dIyPMyar7Jb
mxeYORN3lrk+BzsrAu3KSqcUZX/90A6Osg0rIH3CuH7h5lMhCO1asyYJ9SYWiHNT
QdUoMrSoDVbxoUYoieXfT9ZSL2EpCI3qYYodp2qj+eKMGAKnmO71tzkZvEzy5xKn
k79FTJ69gtltJsfFVwrNNlW4C0Qb73EE2qHQt72ydwTr8a6sdMCzS20HlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCIvEllmBqOd5JgEn4lF1COp0MaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0lpOFNXV1lHbzUza21BU2ZpVVhVSTZuUXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXxdAwQA
wjoqMA0GCSqGSIb3DQEBCwUAA4IBAQBmpzSpK2WkN6gSfOoXOUwRHagH+OR6p2Tx
NpSgiCefwWkCyPdPzFZW+Lxdy+xoXsZgjffE6mhbP8WBtr/qwXaQa48C1rT91KY5
4GxMZJ4WFpORtnKiT65Fj5qGo7YEV6451yYQD1qStRinitAyEJv+h5VovxMv42Of
UdN4Bh3+yffE06qOkd3FebhgzojM4AinFFgzu7ja6yY4qK9k8EndzyxGZU2amA30
AkEkc9Yw1qoUDWEsRPbFUnOY3ryNMcWV+3vXU1Vn29MEfy1uG95PWo4VFqlP7hES
PR1+ddHCd4aOmpElxAetuj+ohYblOp8Df95NGwx2QiYkgAFRarce
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:01:41 2024 by rpki-client on console-ams.rpki-client.org