Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CpMWErKBVL1WLEFi55nAiyjbOEI.roa
File: CpMWErKBVL1WLEFi55nAiyjbOEI.roa (raw, json)
Hash identifier: NeZBg7S2FVWDkbTryVNk3UUZDTMk3DidB57debf7MNI=
Subject key identifier: 0A:93:16:12:B2:81:54:BD:56:2C:41:62:E7:99:C0:8B:28:DB:38:42
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD045226E2366896D1400216F04BF7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CpMWErKBVL1WLEFi55nAiyjbOEI.roa
Signing time: Tue 02 Jan 2024 06:29:36 +0000
ROA not before: Tue 02 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204281
IP address blocks: 91.92.162.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:04:52:26:e2:36:68:96:d1:40:02:16:f0:4b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a931612b28154bd562c4162e799c08b28db3842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:df:52:60:6b:69:78:95:c5:69:ae:6a:53:be:
5b:ac:96:c8:5b:28:50:3a:e6:69:63:bb:e5:c2:d8:
f5:33:4b:35:58:28:37:36:7a:9a:42:77:aa:b6:31:
2f:14:95:73:4e:bb:24:d7:cb:a8:12:2a:85:a6:9c:
2c:12:4a:bc:d4:e2:53:b0:fe:8d:b9:79:e6:03:6b:
92:22:ef:be:c1:5b:72:55:6c:87:3c:23:a6:3b:c1:
a1:cd:ea:3b:fb:83:d2:13:18:29:97:3c:4f:e5:7b:
ba:f9:85:15:da:f9:e7:12:41:7a:16:37:7b:e3:0a:
b1:60:94:96:da:4c:99:a3:b8:6e:c6:5b:b3:a5:13:
99:24:60:57:d2:a4:26:8f:ef:41:ec:ed:cc:1b:90:
b4:66:ee:c7:a3:70:40:6c:6e:fa:29:e8:fc:97:57:
31:16:16:f0:b1:e0:0b:c4:ab:81:c4:69:f0:0e:90:
98:84:6f:5a:62:fd:67:73:bb:37:00:d4:b8:ce:4a:
5c:f5:7c:cf:01:e7:b1:20:31:c9:82:dd:ee:3a:b8:
04:01:fa:e6:86:91:28:8f:85:69:5e:4c:5b:50:9a:
df:3a:50:c6:10:aa:3f:ea:11:65:d4:9c:42:5c:83:
93:85:e7:b5:01:ad:11:0f:54:4f:25:25:f5:c7:85:
a7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:93:16:12:B2:81:54:BD:56:2C:41:62:E7:99:C0:8B:28:DB:38:42
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CpMWErKBVL1WLEFi55nAiyjbOEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.162.0/23
Signature Algorithm: sha256WithRSAEncryption
46:1f:f1:1e:cb:12:9a:78:bd:34:a4:f5:aa:61:2b:3d:64:34:
91:fd:47:b0:c6:d6:c4:23:b0:b5:78:64:b6:17:d9:1d:f9:9f:
4e:9e:86:52:63:11:71:d1:b2:5b:6b:b3:9a:0f:75:d3:c7:a5:
8e:94:71:6e:be:82:11:4a:52:8a:07:db:74:9b:a5:21:df:2b:
f6:b3:93:30:8b:dd:99:90:2b:b6:7f:0a:32:f8:77:3b:01:0d:
33:0f:ca:02:c7:4f:9d:a4:4b:9b:ba:4c:25:13:a3:ee:a5:8a:
bb:df:ad:6e:7b:41:57:40:b6:5e:bc:10:e9:47:c7:97:89:9e:
c5:3a:c5:29:35:73:b0:fa:9f:48:e5:d6:28:06:98:22:39:72:
a0:f4:92:b1:b6:2f:d9:8e:d0:b2:19:0c:56:cb:1a:7f:79:4b:
73:eb:d1:7b:0c:a5:a9:35:6d:a3:ff:75:e9:14:bb:c4:8d:6c:
a3:41:bd:f6:36:62:ad:96:2c:1a:db:62:cf:3f:60:52:93:6d:
b0:bd:92:10:c4:0f:80:b5:79:52:2c:1b:53:4c:8b:49:82:b5:
30:21:99:4a:ae:52:76:2e:69:66:36:b2:2b:86:d8:64:06:f6:
ca:33:f0:c4:9d:fc:78:74:38:f9:f6:e0:23:04:01:5d:82:c9:
9d:e3:9e:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QRSJuI2aJbRQAIW8Ev3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkzMTYxMmIyODE1NGJkNTYyYzQxNjJlNzk5YzA4YjI4ZGIzODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzN9SYGtpeJXFaa5qU75brJbIWyhQ
OuZpY7vlwtj1M0s1WCg3NnqaQneqtjEvFJVzTrsk18uoEiqFppwsEkq81OJTsP6N
uXnmA2uSIu++wVtyVWyHPCOmO8Ghzeo7+4PSExgplzxP5Xu6+YUV2vnnEkF6Fjd7
4wqxYJSW2kyZo7huxluzpROZJGBX0qQmj+9B7O3MG5C0Zu7Ho3BAbG76Kej8l1cx
FhbwseALxKuBxGnwDpCYhG9aYv1nc7s3ANS4zkpc9XzPAeexIDHJgt3uOrgEAfrm
hpEoj4VpXkxbUJrfOlDGEKo/6hFl1JxCXIOThee1Aa0RD1RPJSX1x4WnWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqTFhKygVS9VixBYueZwIso2zhCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ3BNV0VyS0JWTDFXTEVGaTU1bkFpeWpiT0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW1yiMA0G
CSqGSIb3DQEBCwUAA4IBAQBGH/EeyxKaeL00pPWqYSs9ZDSR/UewxtbEI7C1eGS2
F9kd+Z9OnoZSYxFx0bJba7OaD3XTx6WOlHFuvoIRSlKKB9t0m6Uh3yv2s5Mwi92Z
kCu2fwoy+Hc7AQ0zD8oCx0+dpEubukwlE6PupYq7361ue0FXQLZevBDpR8eXiZ7F
OsUpNXOw+p9I5dYoBpgiOXKg9JKxti/ZjtCyGQxWyxp/eUtz69F7DKWpNW2j/3Xp
FLvEjWyjQb32NmKtliwa22LPP2BSk22wvZIQxA+AtXlSLBtTTItJgrUwIZlKrlJ2
LmlmNrIrhthkBvbKM/DEnfx4dDj59uAjBAFdgsmd4546
-----END CERTIFICATE-----
Generated at Sun Apr 28 14:36:13 2024 by rpki-client on console-ams.rpki-client.org