Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/1xNgMNNi7K7EaxdypS9KB_qhUcI.roa
File: 1xNgMNNi7K7EaxdypS9KB_qhUcI.roa (raw, json)
Hash identifier: IWhJ1dVN8TxDnIAFQ4h0ULQJjnQYH1VGIf+tqDY2+OU=
Subject key identifier: D7:13:60:30:D3:62:EC:AE:C4:6B:17:72:A5:2F:4A:07:FA:A1:51:C2
Certificate issuer: /CN=14da869ba03374a192c8e3bdce950a90027adcaf
Certificate serial: 018CC64B4E2FB4C6DA39A658BB76C5ECAD17
Authority key identifier: 14:DA:86:9B:A0:33:74:A1:92:C8:E3:BD:CE:95:0A:90:02:7A:DC:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/1xNgMNNi7K7EaxdypS9KB_qhUcI.roa
Signing time: Mon 01 Jan 2024 18:31:13 +0000
ROA not before: Mon 01 Jan 2024 18:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12903
IP address blocks: 193.218.113.0/24 maxlen: 24
194.29.208.0/21 maxlen: 24
91.188.192.0/22 maxlen: 24
217.68.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/FNqGm6AzdKGSyOO9zpUKkAJ63K8.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/FNqGm6AzdKGSyOO9zpUKkAJ63K8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:4e:2f:b4:c6:da:39:a6:58:bb:76:c5:ec:ad:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14da869ba03374a192c8e3bdce950a90027adcaf
Validity
Not Before: Jan 1 18:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7136030d362ecaec46b1772a52f4a07faa151c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6c:a9:1b:b3:ab:1e:87:a7:f2:5a:4c:8a:40:
04:2d:94:e1:21:04:4f:9f:bb:33:8c:24:6e:63:fc:
99:ef:6f:b8:9a:3d:73:34:2e:89:bf:ee:54:db:2d:
1f:97:e8:fe:09:ac:9e:61:12:76:aa:1f:8f:77:60:
05:9f:aa:95:56:c1:ef:c3:3a:bd:6e:ee:f2:d2:ca:
3a:d9:b8:98:81:f5:11:ff:d2:e1:95:c1:3d:f6:60:
b4:9a:8a:e4:f2:6a:51:24:2d:a2:d2:0f:b2:54:be:
98:71:f0:c4:4b:1f:a9:83:20:b1:e6:a7:15:55:7a:
ed:36:f1:45:44:f1:2a:60:b3:6f:ad:0f:32:7c:7b:
2b:32:70:92:29:ff:14:86:9c:3c:ae:16:c9:05:ea:
80:a3:81:29:c4:3c:69:12:c2:7b:7b:09:1f:a4:e9:
f7:9c:d7:9a:dd:95:62:0a:fb:57:fb:fd:fb:2e:35:
9c:40:e0:6f:f7:52:79:2d:f6:6a:fc:2b:1d:36:d9:
83:22:fa:f3:8d:c9:59:65:b5:21:8a:4f:01:63:38:
97:da:7c:5d:4b:b5:87:26:96:f1:37:13:0f:51:34:
3a:d2:0d:bf:03:02:2d:0e:fb:c8:22:56:31:17:10:
df:5f:0f:de:51:09:0d:a4:f2:0f:7f:ac:75:ca:53:
84:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:13:60:30:D3:62:EC:AE:C4:6B:17:72:A5:2F:4A:07:FA:A1:51:C2
X509v3 Authority Key Identifier:
keyid:14:DA:86:9B:A0:33:74:A1:92:C8:E3:BD:CE:95:0A:90:02:7A:DC:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/1xNgMNNi7K7EaxdypS9KB_qhUcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/FNqGm6AzdKGSyOO9zpUKkAJ63K8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.192.0/22
193.218.113.0/24
194.29.208.0/21
217.68.208.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:97:9c:d0:ca:24:55:04:f6:8d:34:97:c6:7a:4d:42:1a:10:
14:04:ac:60:e1:da:a8:63:5a:73:67:7b:cf:55:3e:66:70:02:
fe:bb:01:70:8c:0b:72:b6:84:f6:8a:43:91:05:d1:f3:65:66:
27:62:93:4e:9e:c2:d9:e6:d9:14:58:13:26:f4:15:05:d2:f7:
77:d4:77:22:de:64:17:30:db:85:79:ba:80:3b:b6:c4:6b:10:
47:1a:1f:a9:a9:b8:86:5c:20:88:de:00:32:44:8c:1a:47:79:
36:a2:7d:da:90:f3:6a:93:ad:a1:ef:74:43:b9:de:96:8a:59:
96:47:56:f7:98:3e:3b:04:80:9a:57:de:a3:a0:bf:7e:04:cf:
dd:cb:43:a2:a7:49:c3:cb:96:1a:e2:11:60:e5:c2:28:4a:89:
ae:06:0a:8f:d2:d5:2e:94:7c:42:a3:1b:80:3b:a7:33:a8:b0:
9b:e2:4b:a6:50:b1:01:6a:e1:ff:0a:d6:63:cb:b6:d1:c2:df:
85:30:64:1b:fb:54:0c:a7:44:31:55:fb:68:2e:94:b3:55:d9:
85:10:3b:70:4f:9f:bf:da:9d:26:da:3b:43:c3:7c:54:8e:53:
12:bb:89:87:c6:a2:32:84:84:95:f0:5b:73:4e:2a:a1:d6:f7:
e8:5a:c0:26
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGS04vtMbaOaZYu3bF7K0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZGE4NjliYTAzMzc0YTE5MmM4ZTNiZGNlOTUwYTkwMDI3
YWRjYWYwHhcNMjQwMTAxMTgzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzEzNjAzMGQzNjJlY2FlYzQ2YjE3NzJhNTJmNGEwN2ZhYTE1MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGypG7OrHoen8lpMikAELZThIQRP
n7szjCRuY/yZ72+4mj1zNC6Jv+5U2y0fl+j+CayeYRJ2qh+Pd2AFn6qVVsHvwzq9
bu7y0so62biYgfUR/9LhlcE99mC0mork8mpRJC2i0g+yVL6YcfDESx+pgyCx5qcV
VXrtNvFFRPEqYLNvrQ8yfHsrMnCSKf8Uhpw8rhbJBeqAo4EpxDxpEsJ7ewkfpOn3
nNea3ZViCvtX+/37LjWcQOBv91J5LfZq/CsdNtmDIvrzjclZZbUhik8BYziX2nxd
S7WHJpbxNxMPUTQ60g2/AwItDvvIIlYxFxDfXw/eUQkNpPIPf6x1ylOECQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNcTYDDTYuyuxGsXcqUvSgf6oVHCMB8GA1UdIwQY
MBaAFBTahpugM3Shksjjvc6VCpACetyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5xR202QXpkS0dTeU9POXpwVUtrQUo2M0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8xOGU1YTktMTIzZi00OGFkLTkxYzUt
ZjYwMDc0ODJmYTkzLzEvMXhOZ01OTmk3SzdFYXhkeXBTOUtCX3FoVWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8xOGU1YTktMTIzZi00OGFkLTkxYzUtZjYwMDc0ODJmYTkz
LzEvRk5xR202QXpkS0dTeU9POXpwVUtrQUo2M0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW7zAAwQA
wdpxAwQDwh3QAwQE2UTQMA0GCSqGSIb3DQEBCwUAA4IBAQBOl5zQyiRVBPaNNJfG
ek1CGhAUBKxg4dqoY1pzZ3vPVT5mcAL+uwFwjAtytoT2ikORBdHzZWYnYpNOnsLZ
5tkUWBMm9BUF0vd31Hci3mQXMNuFebqAO7bEaxBHGh+pqbiGXCCI3gAyRIwaR3k2
on3akPNqk62h73RDud6WilmWR1b3mD47BICaV96joL9+BM/dy0Oip0nDy5Ya4hFg
5cIoSomuBgqP0tUulHxCoxuAO6czqLCb4kumULEBauH/CtZjy7bRwt+FMGQb+1QM
p0QxVftoLpSzVdmFEDtwT5+/2p0m2jtDw3xUjlMSu4mHxqIyhISV8FtzTiqh1vfo
WsAm
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:29 2024 by rpki-client on console-ams.rpki-client.org