Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/w9_Js2mnrjgRNwuXWogaP3-uZlY.roa
File: w9_Js2mnrjgRNwuXWogaP3-uZlY.roa (raw, json)
Hash identifier: l8+iDaL/+7odCO+l97xF4CS8lb5576RtxE5KrrQmxxE=
Subject key identifier: C3:DF:C9:B3:69:A7:AE:38:11:37:0B:97:5A:88:1A:3F:7F:AE:66:56
Certificate issuer: /CN=98db3dcf25d2c22c5b997d157a7cefac4d45f762
Certificate serial: 018CC94E3BA621EC9870120E4747B757C601
Authority key identifier: 98:DB:3D:CF:25:D2:C2:2C:5B:99:7D:15:7A:7C:EF:AC:4D:45:F7:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mNs9zyXSwixbmX0VenzvrE1F92I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/w9_Js2mnrjgRNwuXWogaP3-uZlY.roa
Signing time: Tue 02 Jan 2024 08:33:16 +0000
ROA not before: Tue 02 Jan 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209007
IP address blocks: 185.188.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/mNs9zyXSwixbmX0VenzvrE1F92I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/mNs9zyXSwixbmX0VenzvrE1F92I.mft
rsync://rpki.ripe.net/repository/DEFAULT/mNs9zyXSwixbmX0VenzvrE1F92I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3b:a6:21:ec:98:70:12:0e:47:47:b7:57:c6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98db3dcf25d2c22c5b997d157a7cefac4d45f762
Validity
Not Before: Jan 2 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3dfc9b369a7ae3811370b975a881a3f7fae6656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:ce:1f:2e:e0:73:75:e4:90:90:5d:d9:d6:
39:a9:48:08:0f:dc:39:fd:09:9f:55:07:01:a5:a1:
a6:0c:d3:c4:70:72:52:1e:8e:e9:23:74:22:3c:4c:
a2:d5:dd:8b:e3:23:10:2e:30:ea:3e:23:06:b8:be:
bc:9c:18:10:00:81:9e:aa:d5:de:ca:17:2b:a6:4c:
a5:22:43:1e:b7:47:ec:7b:61:6c:45:4f:e9:ed:ca:
75:03:78:15:d4:22:fb:23:21:2f:93:86:43:d3:c3:
6c:53:09:74:6d:a9:34:f1:90:be:64:98:2b:e7:9b:
f7:28:da:2a:8b:7c:ce:dc:7d:38:b9:cf:11:ca:45:
5a:3d:26:68:44:b1:d1:7f:37:29:f8:44:61:55:43:
f4:fc:4c:55:1f:4b:09:d3:e6:3b:a2:96:21:12:4f:
c1:22:db:26:98:a3:6b:a0:b2:94:33:fe:84:93:dc:
3b:3b:1d:b5:49:16:cc:08:31:00:38:df:44:c0:ff:
81:ef:ed:da:8f:05:49:3c:01:e1:90:9f:aa:1e:77:
c4:90:55:45:e4:d6:76:b6:a0:7f:91:1e:b8:68:4e:
a5:fd:af:4c:4c:5e:f5:c3:27:5a:82:b5:28:f8:66:
8b:23:1d:14:ba:a2:16:dd:65:3c:b9:32:b7:42:ae:
e2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DF:C9:B3:69:A7:AE:38:11:37:0B:97:5A:88:1A:3F:7F:AE:66:56
X509v3 Authority Key Identifier:
keyid:98:DB:3D:CF:25:D2:C2:2C:5B:99:7D:15:7A:7C:EF:AC:4D:45:F7:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNs9zyXSwixbmX0VenzvrE1F92I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/w9_Js2mnrjgRNwuXWogaP3-uZlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/mNs9zyXSwixbmX0VenzvrE1F92I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.29.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:98:11:61:58:8d:f9:ec:39:14:e3:78:4f:a9:21:bb:a9:2a:
fe:f8:66:76:0b:0d:a3:fe:17:8e:05:b6:c1:93:46:dd:10:d0:
52:e6:e6:5f:76:8f:86:43:2b:8d:9d:e1:e3:7b:6f:2b:9d:b7:
d8:a7:90:bc:5a:1b:1b:9c:9c:08:c7:ab:a1:9a:d5:2a:7f:47:
dc:e9:e1:d6:f3:90:90:c7:2a:7b:23:12:de:86:76:95:d7:be:
e5:65:97:76:e0:f8:22:4d:95:7d:aa:6a:a1:2b:30:aa:73:a7:
94:9e:d4:7b:db:b1:f5:12:81:0c:20:84:3f:6d:65:f1:73:04:
ed:fb:24:a6:43:71:68:56:b3:7a:cd:e2:e0:d3:7e:6d:1f:ae:
9c:19:85:10:be:d2:3e:05:ef:ad:90:26:52:31:98:64:5d:d5:
c1:1e:be:71:75:cb:8c:2d:16:90:24:74:1e:23:93:89:33:db:
74:97:04:34:6d:ad:a3:f5:5b:d6:29:d4:ac:3b:e4:3f:e1:86:
fa:d3:68:cb:d7:13:87:e0:c9:16:59:70:98:11:17:48:66:ae:
0e:8b:fc:48:c2:b6:78:7f:96:62:2d:9e:ec:5e:59:1f:c5:3f:
07:cd:d6:84:8a:fc:97:8b:98:51:93:1b:83:08:a2:28:99:32:
4d:15:9e:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTjumIeyYcBIOR0e3V8YBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZGIzZGNmMjVkMmMyMmM1Yjk5N2QxNTdhN2NlZmFjNGQ0
NWY3NjIwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2RmYzliMzY5YTdhZTM4MTEzNzBiOTc1YTg4MWEzZjdmYWU2NjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsrOHy7gc3XkkJBd2dY5qUgID9w5
/QmfVQcBpaGmDNPEcHJSHo7pI3QiPEyi1d2L4yMQLjDqPiMGuL68nBgQAIGeqtXe
yhcrpkylIkMet0fse2FsRU/p7cp1A3gV1CL7IyEvk4ZD08NsUwl0bak08ZC+ZJgr
55v3KNoqi3zO3H04uc8RykVaPSZoRLHRfzcp+ERhVUP0/ExVH0sJ0+Y7opYhEk/B
ItsmmKNroLKUM/6Ek9w7Ox21SRbMCDEAON9EwP+B7+3ajwVJPAHhkJ+qHnfEkFVF
5NZ2tqB/kR64aE6l/a9MTF71wydagrUo+GaLIx0UuqIW3WU8uTK3Qq7iuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMPfybNpp644ETcLl1qIGj9/rmZWMB8GA1UdIwQY
MBaAFJjbPc8l0sIsW5l9FXp876xNRfdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU5zOXp5WFN3aXhibVgwVmVuenZyRTFGOTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9mM2ViNjYtZDdkNy00MTFhLWFkMGIt
ZTUzOGUyOWZiMWMwLzEvdzlfSnMybW5yamdSTnd1WFdvZ2FQMy11WmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9mM2ViNjYtZDdkNy00MTFhLWFkMGItZTUzOGUyOWZiMWMw
LzEvbU5zOXp5WFN3aXhibVgwVmVuenZyRTFGOTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubwdMA0G
CSqGSIb3DQEBCwUAA4IBAQBvmBFhWI357DkU43hPqSG7qSr++GZ2Cw2j/heOBbbB
k0bdENBS5uZfdo+GQyuNneHje28rnbfYp5C8WhsbnJwIx6uhmtUqf0fc6eHW85CQ
xyp7IxLehnaV177lZZd24PgiTZV9qmqhKzCqc6eUntR727H1EoEMIIQ/bWXxcwTt
+ySmQ3FoVrN6zeLg035tH66cGYUQvtI+Be+tkCZSMZhkXdXBHr5xdcuMLRaQJHQe
I5OJM9t0lwQ0ba2j9VvWKdSsO+Q/4Yb602jL1xOH4MkWWXCYERdIZq4Oi/xIwrZ4
f5ZiLZ7sXlkfxT8HzdaEivyXi5hRkxuDCKIomTJNFZ4B
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:18:32 2024 by rpki-client on console-fra.rpki-client.org