Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dCTpHBxevqQ7HnzYpcc71AwUq14.roa
File: dCTpHBxevqQ7HnzYpcc71AwUq14.roa (raw, json)
Hash identifier: e+pmbcXRxfcX57N8KQ152CC9GsJX0yyGD5Q+jQv8Tck=
Subject key identifier: 74:24:E9:1C:1C:5E:BE:A4:3B:1E:7C:D8:A5:C7:3B:D4:0C:14:AB:5E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019302763613867A2BF88DC60CB4E30ED791
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dCTpHBxevqQ7HnzYpcc71AwUq14.roa
Signing time: Wed 06 Nov 2024 17:12:01 +0000
ROA not before: Wed 06 Nov 2024 17:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215242
IP address blocks: 2.56.111.0/24 maxlen: 24
45.9.28.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:76:36:13:86:7a:2b:f8:8d:c6:0c:b4:e3:0e:d7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 6 17:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7424e91c1c5ebea43b1e7cd8a5c73bd40c14ab5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8d:5e:33:5a:9c:b0:50:19:92:ef:b1:13:79:
6a:41:df:bf:ac:89:50:70:d3:3a:97:87:80:ee:ef:
1d:d8:67:58:73:2c:a3:cd:a9:9a:2f:5b:d2:4f:be:
f7:30:02:3a:94:0c:ec:17:b4:46:d8:d1:14:f7:a2:
32:0f:12:26:2d:81:c3:c7:14:16:ac:8f:15:12:f0:
ca:cb:55:d8:ae:c5:45:0d:4b:4e:be:43:3b:f6:63:
45:f1:06:e2:46:3f:30:2a:cd:22:9f:2f:6a:cf:ae:
f5:ef:32:b2:5b:d6:b2:0c:b2:79:6f:bf:82:9a:3f:
5b:05:1c:2e:23:93:ab:00:c1:a1:13:f1:e5:aa:8c:
97:11:7d:75:99:a8:05:28:68:b7:03:99:0b:2f:b1:
ed:f8:74:17:80:3b:7e:9b:1b:21:51:2c:5b:c3:ac:
fb:99:50:07:3e:4d:eb:ff:db:b7:42:de:24:d3:f7:
be:52:73:e0:db:a1:bc:3a:64:bb:95:e9:63:1c:4d:
18:51:82:11:ca:88:cd:50:78:85:9e:a3:ee:5f:90:
9b:0e:f2:55:88:62:e2:99:d6:00:0b:bf:40:90:56:
d4:88:9c:de:60:47:4e:5f:70:a7:67:57:86:93:c5:
fb:26:60:2c:57:5d:3e:9f:39:b7:4e:7b:98:6e:8f:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:24:E9:1C:1C:5E:BE:A4:3B:1E:7C:D8:A5:C7:3B:D4:0C:14:AB:5E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dCTpHBxevqQ7HnzYpcc71AwUq14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.9.28.0/24
45.88.138.0/24
77.83.38.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d1:36:28:92:02:d4:8f:42:bd:cc:bf:8e:33:ab:a9:2f:05:
80:35:4c:e6:ae:42:5c:67:45:b1:80:1e:59:36:ee:85:14:ef:
64:27:23:c3:51:d3:1e:20:68:7d:50:40:40:21:73:2b:0f:e2:
55:5b:bf:46:ff:d4:b6:b7:c0:96:54:6e:77:2b:52:ce:d4:2e:
cd:b0:c1:1a:09:4e:ba:ac:13:85:6d:ef:1d:b0:43:10:be:14:
5f:df:3e:2c:d7:24:44:4b:37:07:86:65:55:22:6c:8b:fd:ce:
03:89:97:fc:59:b1:cb:38:4d:43:47:90:c0:a4:06:9a:c0:0c:
e0:1a:55:05:5c:bb:8e:97:36:58:9b:89:a3:e4:29:88:c1:9b:
27:e7:32:eb:dd:0e:7a:43:d5:89:91:b9:ae:fe:5b:c8:ff:f8:
1c:8a:ff:4b:37:93:1a:03:e3:41:13:3f:31:a6:dd:12:9c:d1:
98:ec:70:24:23:b8:54:44:3e:47:c5:ca:19:67:fe:d5:7d:98:
3f:31:47:f6:eb:e7:de:a8:ab:66:df:c5:f6:3b:d3:86:a1:85:
56:5a:a8:04:58:03:93:d3:af:16:ea:8c:d3:48:c5:69:9f:2f:
c4:d6:02:4d:55:25:6a:4d:41:05:f2:f4:63:ec:c5:47:e7:ed:
4b:81:3c:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMCdjYThnor+I3GDLTjDteRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTA2MTcxMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDI0ZTkxYzFjNWViZWE0M2IxZTdjZDhhNWM3M2JkNDBjMTRhYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY1eM1qcsFAZku+xE3lqQd+/rIlQ
cNM6l4eA7u8d2GdYcyyjzamaL1vST773MAI6lAzsF7RG2NEU96IyDxImLYHDxxQW
rI8VEvDKy1XYrsVFDUtOvkM79mNF8QbiRj8wKs0iny9qz6717zKyW9ayDLJ5b7+C
mj9bBRwuI5OrAMGhE/HlqoyXEX11magFKGi3A5kLL7Ht+HQXgDt+mxshUSxbw6z7
mVAHPk3r/9u3Qt4k0/e+UnPg26G8OmS7leljHE0YUYIRyojNUHiFnqPuX5CbDvJV
iGLimdYAC79AkFbUiJzeYEdOX3CnZ1eGk8X7JmAsV10+nzm3TnuYbo+fgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHQk6RwcXr6kOx582KXHO9QMFKteMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZENUcEhCeGV2cVE3SG56WXBjYzcxQXdVcTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjhvAwQA
LQkcAwQALViKAwQATVMmMA0GCSqGSIb3DQEBCwUAA4IBAQBr0TYokgLUj0K9zL+O
M6upLwWANUzmrkJcZ0WxgB5ZNu6FFO9kJyPDUdMeIGh9UEBAIXMrD+JVW79G/9S2
t8CWVG53K1LO1C7NsMEaCU66rBOFbe8dsEMQvhRf3z4s1yRESzcHhmVVImyL/c4D
iZf8WbHLOE1DR5DApAaawAzgGlUFXLuOlzZYm4mj5CmIwZsn5zLr3Q56Q9WJkbmu
/lvI//gciv9LN5MaA+NBEz8xpt0SnNGY7HAkI7hURD5HxcoZZ/7VfZg/MUf26+fe
qKtm38X2O9OGoYVWWqgEWAOT068W6ozTSMVpny/E1gJNVSVqTUEF8vRj7MVH5+1L
gTwX
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:51:15 2024 by rpki-client on console-ams.rpki-client.org