Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/wFzXXigsfDWibBhEZ5E6v86nCf0.roa
File: wFzXXigsfDWibBhEZ5E6v86nCf0.roa (raw, json)
Hash identifier: +mkVHNAPBrgvmzFd6Zr73dTvBmiv09IA46UnBYZS9lg=
Subject key identifier: C0:5C:D7:5E:28:2C:7C:35:A2:6C:18:44:67:91:3A:BF:CE:A7:09:FD
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 018CC425300B039642A53EA6C09E0A96B6CF
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/wFzXXigsfDWibBhEZ5E6v86nCf0.roa
Signing time: Mon 01 Jan 2024 08:30:20 +0000
ROA not before: Mon 01 Jan 2024 08:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206874
IP address blocks: 109.74.82.0/23 maxlen: 23
109.74.82.0/24 maxlen: 24
109.74.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:30:0b:03:96:42:a5:3e:a6:c0:9e:0a:96:b6:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 08:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05cd75e282c7c35a26c184467913abfcea709fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1c:04:42:6a:a2:67:7a:20:65:e3:30:fd:d0:
aa:e0:f8:44:06:e1:b1:e3:07:13:87:5c:8f:41:ef:
ee:dc:19:07:77:43:d9:50:47:f1:0a:9b:ca:2a:ae:
63:66:b9:f9:a0:80:42:ee:be:30:c6:63:2f:c3:e7:
9a:7a:41:e2:fd:36:a6:06:1b:fc:99:f5:6f:cc:81:
5a:bd:61:ca:f2:74:46:29:dc:f7:8f:5f:b4:47:6b:
60:27:f3:07:8b:83:a6:4c:78:28:96:c4:1c:72:a0:
be:38:44:08:76:40:ab:c4:04:13:8d:69:58:ea:50:
61:13:a8:ff:6c:1d:1f:37:0d:24:fb:d8:7d:22:87:
83:51:58:5e:b6:14:74:0b:18:41:67:97:59:99:5a:
72:fc:07:33:74:4b:99:2c:df:f3:af:0f:10:1c:60:
32:03:4a:07:c3:b0:8d:63:a0:03:f3:b4:27:b3:a4:
34:90:62:81:f0:10:24:5f:af:ae:09:7f:50:41:22:
94:6d:83:54:9e:20:6f:ba:84:0e:c0:84:f6:1d:3e:
4d:05:a1:45:18:12:7e:2d:01:1a:a8:ea:ff:27:92:
fa:7c:f9:01:41:1a:67:0e:55:44:59:2c:18:e7:28:
12:f1:6f:4d:59:af:51:e6:3e:7c:49:00:c7:42:72:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5C:D7:5E:28:2C:7C:35:A2:6C:18:44:67:91:3A:BF:CE:A7:09:FD
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/wFzXXigsfDWibBhEZ5E6v86nCf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.82.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:2d:76:99:0e:63:d5:98:6e:80:53:d5:26:70:27:d2:dc:df:
0e:6d:b5:04:a7:62:75:09:85:f3:72:02:90:30:2e:e7:3a:71:
69:b7:c2:19:d7:68:89:1f:b0:29:01:3a:f5:f5:36:db:f9:a3:
c7:8c:d4:8b:21:24:f5:2a:b4:96:6d:48:eb:ea:a9:c5:3a:f6:
d5:2d:dd:63:9e:ef:c8:cf:e5:97:74:bc:61:14:ad:fa:41:f4:
46:c1:de:35:ef:23:fd:40:43:a6:da:84:d7:d0:4a:03:36:18:
50:42:73:ee:2b:56:03:05:9e:aa:21:87:08:7c:38:b2:d7:71:
80:64:a2:88:08:39:8e:53:85:61:6e:2a:a9:04:63:63:a8:99:
ad:07:32:f8:65:ab:7c:fd:a1:39:fa:e3:4e:86:a6:3b:26:d2:
8f:3d:5a:c1:20:35:27:bc:cc:aa:dd:e1:a3:3c:18:81:1a:03:
ff:f8:b6:9b:d3:ae:f3:8a:d7:32:3e:5a:64:17:78:ae:c4:8b:
9c:84:c3:be:12:3e:9a:4c:10:08:0b:0b:f5:50:29:2f:d4:ee:
e6:aa:ad:d3:8c:27:fc:82:4a:f1:20:32:fd:a1:4a:f2:7c:3a:
a7:a0:52:49:07:b9:45:c8:8e:e9:a6:ea:5e:44:01:31:e5:14:
0d:60:d4:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJTALA5ZCpT6mwJ4KlrbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjQwMTAxMDgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDVjZDc1ZTI4MmM3YzM1YTI2YzE4NDQ2NzkxM2FiZmNlYTcwOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxwEQmqiZ3ogZeMw/dCq4PhEBuGx
4wcTh1yPQe/u3BkHd0PZUEfxCpvKKq5jZrn5oIBC7r4wxmMvw+eaekHi/TamBhv8
mfVvzIFavWHK8nRGKdz3j1+0R2tgJ/MHi4OmTHgolsQccqC+OEQIdkCrxAQTjWlY
6lBhE6j/bB0fNw0k+9h9IoeDUVhethR0CxhBZ5dZmVpy/AczdEuZLN/zrw8QHGAy
A0oHw7CNY6AD87Qns6Q0kGKB8BAkX6+uCX9QQSKUbYNUniBvuoQOwIT2HT5NBaFF
GBJ+LQEaqOr/J5L6fPkBQRpnDlVEWSwY5ygS8W9NWa9R5j58SQDHQnJ8xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBc114oLHw1omwYRGeROr/Opwn9MB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvd0Z6WFhpZ3NmRFdpYkJoRVo1RTZ2ODZuQ2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbUpSMA0G
CSqGSIb3DQEBCwUAA4IBAQBqLXaZDmPVmG6AU9UmcCfS3N8ObbUEp2J1CYXzcgKQ
MC7nOnFpt8IZ12iJH7ApATr19Tbb+aPHjNSLIST1KrSWbUjr6qnFOvbVLd1jnu/I
z+WXdLxhFK36QfRGwd417yP9QEOm2oTX0EoDNhhQQnPuK1YDBZ6qIYcIfDiy13GA
ZKKICDmOU4VhbiqpBGNjqJmtBzL4Zat8/aE5+uNOhqY7JtKPPVrBIDUnvMyq3eGj
PBiBGgP/+Lab067zitcyPlpkF3iuxIuchMO+Ej6aTBAICwv1UCkv1O7mqq3TjCf8
gkrxIDL9oUryfDqnoFJJB7lFyI7ppupeRAEx5RQNYNRU
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:15:11 2024 by rpki-client on console-fra.rpki-client.org