Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/w9mCxcKcH6d6c0sSXGC1oKW_iyE.roa
File: w9mCxcKcH6d6c0sSXGC1oKW_iyE.roa (raw, json)
Hash identifier: YEWT8mgpONeEmaNnFqEZ6DDCrelbTrdAiNm4dWJcmx0=
Subject key identifier: C3:D9:82:C5:C2:9C:1F:A7:7A:73:4B:12:5C:60:B5:A0:A5:BF:8B:21
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348D4A774F1BBAEAD9A74C114895FEC
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/w9mCxcKcH6d6c0sSXGC1oKW_iyE.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 195.65.17.0/24 maxlen: 24
194.209.178.0/24 maxlen: 24
194.6.190.0/24 maxlen: 24
195.65.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d4:a7:74:f1:bb:ae:ad:9a:74:c1:14:89:5f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3d982c5c29c1fa77a734b125c60b5a0a5bf8b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:15:92:51:76:65:1f:4f:b8:48:8a:48:f9:cf:
1b:4a:ed:f7:1f:0b:1d:8e:96:ab:ea:de:f0:c9:ec:
8a:bb:05:72:0d:a3:bc:82:f7:da:7d:78:22:62:85:
03:22:e9:a8:4c:f4:4f:69:34:a0:20:8c:63:66:d2:
28:fd:2a:93:e4:7f:3b:6c:55:56:f6:52:81:9c:87:
ec:e7:f6:b1:f0:7c:f7:84:5d:a4:d9:5e:a0:32:96:
b0:21:4c:dc:ef:35:f9:63:b3:c4:ac:cd:24:f3:b1:
29:6e:16:e4:ec:49:35:59:c3:59:48:0b:db:f8:5b:
d5:6c:dc:8d:09:00:1b:8a:cc:5a:45:0b:40:b1:eb:
a3:2d:4d:ff:f8:f2:d4:cd:b5:bd:44:db:58:3a:79:
15:3b:a8:1e:6e:43:ff:bb:61:dd:57:7a:74:c0:76:
f8:26:d9:f8:5a:7e:d0:3f:0c:06:ca:90:8f:39:02:
76:aa:00:2a:55:22:4c:ba:bf:bb:32:43:50:c3:68:
13:0b:25:89:df:6c:4d:bd:b7:f3:11:8a:db:35:0b:
92:e4:e0:15:6d:d6:f8:1a:0a:a3:0a:15:5e:35:d6:
01:29:6c:5f:dd:80:1b:f4:62:ec:3d:27:f9:89:2a:
99:58:77:92:cb:95:99:e9:13:be:2a:b3:57:4c:41:
f5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D9:82:C5:C2:9C:1F:A7:7A:73:4B:12:5C:60:B5:A0:A5:BF:8B:21
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/w9mCxcKcH6d6c0sSXGC1oKW_iyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.190.0/24
194.209.178.0/24
195.65.17.0/24
195.65.208.0/24
Signature Algorithm: sha256WithRSAEncryption
15:61:26:6b:a6:72:53:6f:e5:29:c9:32:15:4f:64:b9:18:66:
d5:db:9e:5b:a2:c4:25:6b:36:fb:8e:4a:58:e1:1b:55:21:6f:
e7:62:b3:98:21:25:f1:15:92:a6:8c:9d:f8:0d:b5:50:1d:a7:
33:3a:7d:ec:93:18:57:ba:11:1f:d5:ca:ad:f1:75:c8:5a:f5:
44:cf:9c:b1:2f:fc:c5:4a:fb:bb:3e:c5:37:6d:fa:91:62:27:
73:3e:50:4e:9e:3c:76:82:9e:2f:c4:73:bd:56:74:05:41:b8:
f4:1e:0a:9a:76:ba:10:93:40:7e:dc:ce:48:8f:29:e8:e9:53:
4c:3d:db:cd:56:c0:c4:e6:c4:69:f7:87:0c:b8:23:dc:1a:8c:
99:b5:e9:4e:80:c5:db:e8:36:0d:05:4d:47:67:c5:cb:48:80:
78:cb:5a:ca:dc:b9:fd:54:fd:d7:e4:a2:d3:1b:18:d2:e1:73:
e6:12:f5:1c:07:ec:a0:30:c7:03:bd:45:6d:5d:a8:55:82:a6:
6c:4e:ed:31:cb:7e:95:dd:25:0a:38:20:5e:8b:a4:03:21:45:
f5:71:d1:1a:b7:6f:4e:dd:26:55:87:30:8e:80:12:a4:e2:72:
55:c4:c7:04:fc:8a:56:5a:3b:90:e4:11:cc:2d:4a:7c:88:b5:
24:02:9e:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSNSndPG7rq2adMEUiV/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q5ODJjNWMyOWMxZmE3N2E3MzRiMTI1YzYwYjVhMGE1YmY4YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBWSUXZlH0+4SIpI+c8bSu33Hwsd
jpar6t7wyeyKuwVyDaO8gvfafXgiYoUDIumoTPRPaTSgIIxjZtIo/SqT5H87bFVW
9lKBnIfs5/ax8Hz3hF2k2V6gMpawIUzc7zX5Y7PErM0k87Epbhbk7Ek1WcNZSAvb
+FvVbNyNCQAbisxaRQtAseujLU3/+PLUzbW9RNtYOnkVO6gebkP/u2HdV3p0wHb4
Jtn4Wn7QPwwGypCPOQJ2qgAqVSJMur+7MkNQw2gTCyWJ32xNvbfzEYrbNQuS5OAV
bdb4GgqjChVeNdYBKWxf3YAb9GLsPSf5iSqZWHeSy5WZ6RO+KrNXTEH1lQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMPZgsXCnB+nenNLElxgtaClv4shMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvdzltQ3hjS2NINmQ2YzBzU1hHQzFvS1dfaXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwga+AwQA
wtGyAwQAw0ERAwQAw0HQMA0GCSqGSIb3DQEBCwUAA4IBAQAVYSZrpnJTb+UpyTIV
T2S5GGbV255bosQlazb7jkpY4RtVIW/nYrOYISXxFZKmjJ34DbVQHaczOn3skxhX
uhEf1cqt8XXIWvVEz5yxL/zFSvu7PsU3bfqRYidzPlBOnjx2gp4vxHO9VnQFQbj0
HgqadroQk0B+3M5Ijyno6VNMPdvNVsDE5sRp94cMuCPcGoyZtelOgMXb6DYNBU1H
Z8XLSIB4y1rK3Ln9VP3X5KLTGxjS4XPmEvUcB+ygMMcDvUVtXahVgqZsTu0xy36V
3SUKOCBei6QDIUX1cdEat29O3SZVhzCOgBKk4nJVxMcE/IpWWjuQ5BHMLUp8iLUk
Ap7i
-----END CERTIFICATE-----
Generated at Fri May 3 01:11:57 2024 by rpki-client on console-ams.rpki-client.org