Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/rJ9WMUZX_1DDTPHYfppjTthZhj4.roa
File: rJ9WMUZX_1DDTPHYfppjTthZhj4.roa (raw, json)
Hash identifier: qW6osaQ8QgPgfWJiLc8B2j7NXZuF70jexQ+nLK+M+Uo=
Subject key identifier: AC:9F:56:31:46:57:FF:50:C3:4C:F1:D8:7E:9A:63:4E:D8:59:86:3E
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649D92BD3AEC619EB7A7D581312A424
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/rJ9WMUZX_1DDTPHYfppjTthZhj4.roa
Signing time: Mon 01 Jan 2024 18:29:37 +0000
ROA not before: Mon 01 Jan 2024 18:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41782
IP address blocks: 85.196.169.0/24 maxlen: 24
85.196.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 06:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:d9:2b:d3:ae:c6:19:eb:7a:7d:58:13:12:a4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac9f56314657ff50c34cf1d87e9a634ed859863e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ef:57:1b:2a:fd:e9:04:bd:c2:d8:78:8c:e1:
0d:2b:25:eb:d3:ac:2e:49:71:13:d0:49:cb:5c:1d:
0f:9f:6e:f8:7a:15:f6:cd:81:03:94:7b:d1:05:49:
73:ac:58:7a:40:dd:d7:ed:96:3d:c3:f5:a5:af:29:
b6:9f:9c:85:da:8f:8a:e4:fb:94:5f:08:c4:b2:f0:
4c:bc:17:53:e7:a6:5a:44:fc:8a:22:2e:b3:3b:dc:
16:78:7a:d6:3d:c9:90:d7:0f:81:fa:92:ec:1d:eb:
1c:5a:8a:c9:fe:7c:ee:9c:4c:8b:6b:c3:99:fe:d7:
24:30:1a:49:2d:ee:ed:d5:fb:13:18:04:7e:a9:f6:
ae:d3:8b:7a:a7:99:db:24:ed:5a:c1:e6:0e:40:75:
ba:b4:a3:37:0c:c1:8f:62:eb:33:0d:43:5d:df:fc:
80:2f:f4:03:c8:eb:4c:e3:bf:a2:f0:46:33:0d:be:
a3:97:f0:4b:03:75:2b:5e:81:ca:45:79:52:03:e6:
b3:f5:d5:93:80:fe:2b:12:f4:c2:d6:2a:31:46:e7:
f7:b5:74:3f:df:06:a8:dd:8b:91:36:16:de:98:fa:
14:ab:90:41:e5:0c:f7:32:ce:43:95:b4:08:e7:9a:
8d:73:d3:80:e6:be:1a:cd:8f:0f:da:78:30:3e:69:
27:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9F:56:31:46:57:FF:50:C3:4C:F1:D8:7E:9A:63:4E:D8:59:86:3E
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/rJ9WMUZX_1DDTPHYfppjTthZhj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.196.168.0/23
Signature Algorithm: sha256WithRSAEncryption
47:86:93:07:a8:17:6f:3f:20:4c:41:2b:bc:43:1a:51:17:12:
2a:08:44:cb:d3:42:ee:a6:f6:96:f9:dc:6e:d9:bf:3d:37:43:
85:00:94:3c:16:e2:66:72:e2:44:f0:28:fd:74:96:69:74:d0:
ea:2e:2e:34:5d:2b:b2:3c:b2:0d:82:92:30:90:6a:c3:ad:33:
7a:01:9a:fd:39:a8:2d:c7:92:dc:41:15:61:12:a2:d5:0b:a2:
08:f9:51:26:a5:1d:81:c7:4f:27:ca:0e:af:6f:40:4a:a0:b9:
41:f2:17:89:10:47:4a:5a:7b:18:2d:3d:2e:78:8b:a0:5c:1e:
b3:1f:cb:00:6c:81:9d:4e:c0:34:75:e1:6e:24:2b:98:70:7a:
08:57:bc:42:b0:4a:a5:b8:60:82:13:cc:bf:a4:c4:c0:da:a9:
ac:78:d2:63:5f:15:be:64:3f:6f:26:02:1e:69:c5:9b:a6:b9:
7a:fe:23:af:16:ec:9d:42:10:3f:a8:30:b8:16:d1:be:b6:c1:
92:6f:ec:ae:7d:05:57:23:e2:da:7c:ea:12:89:c4:1f:47:f4:
81:2e:9d:d0:d3:36:e9:b8:d6:f4:9c:4c:4f:1a:19:39:41:ff:
af:8d:53:30:4b:a7:fc:7d:d3:20:2b:37:8e:c2:26:f8:76:5a:
b1:80:c5:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSdkr067GGet6fVgTEqQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlmNTYzMTQ2NTdmZjUwYzM0Y2YxZDg3ZTlhNjM0ZWQ4NTk4NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+9XGyr96QS9wth4jOENKyXr06wu
SXET0EnLXB0Pn274ehX2zYEDlHvRBUlzrFh6QN3X7ZY9w/Wlrym2n5yF2o+K5PuU
XwjEsvBMvBdT56ZaRPyKIi6zO9wWeHrWPcmQ1w+B+pLsHescWorJ/nzunEyLa8OZ
/tckMBpJLe7t1fsTGAR+qfau04t6p5nbJO1aweYOQHW6tKM3DMGPYuszDUNd3/yA
L/QDyOtM47+i8EYzDb6jl/BLA3UrXoHKRXlSA+az9dWTgP4rEvTC1ioxRuf3tXQ/
3wao3YuRNhbemPoUq5BB5Qz3Ms5DlbQI55qNc9OA5r4azY8P2ngwPmkn6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyfVjFGV/9Qw0zx2H6aY07YWYY+MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvcko5V01VWlhfMUREVFBIWWZwcGpUdGhaaGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVcSoMA0G
CSqGSIb3DQEBCwUAA4IBAQBHhpMHqBdvPyBMQSu8QxpRFxIqCETL00LupvaW+dxu
2b89N0OFAJQ8FuJmcuJE8Cj9dJZpdNDqLi40XSuyPLINgpIwkGrDrTN6AZr9Oagt
x5LcQRVhEqLVC6II+VEmpR2Bx08nyg6vb0BKoLlB8heJEEdKWnsYLT0ueIugXB6z
H8sAbIGdTsA0deFuJCuYcHoIV7xCsEqluGCCE8y/pMTA2qmseNJjXxW+ZD9vJgIe
acWbprl6/iOvFuydQhA/qDC4FtG+tsGSb+yufQVXI+LafOoSicQfR/SBLp3Q0zbp
uNb0nExPGhk5Qf+vjVMwS6f8fdMgKzeOwib4dlqxgMVI
-----END CERTIFICATE-----
Generated at Mon May 6 15:22:55 2024 by rpki-client on console-ams.rpki-client.org