Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/SIv5cxEoA2Ruw3rYTyyzLKqYw-c.roa
File: SIv5cxEoA2Ruw3rYTyyzLKqYw-c.roa (raw, json)
Hash identifier: /ulP17EFY23K6GniQpd38wwQmUZyZmR8KBFF5CsWuHk=
Subject key identifier: 48:8B:F9:73:11:28:03:64:6E:C3:7A:D8:4F:2C:B3:2C:AA:98:C3:E7
Certificate issuer: /CN=c0d0495acf9c78b9183bba0c05b8a29974382b14
Certificate serial: 018CC2DB3CD86C361A9EE2AC94FF1B11881D
Authority key identifier: C0:D0:49:5A:CF:9C:78:B9:18:3B:BA:0C:05:B8:A2:99:74:38:2B:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/SIv5cxEoA2Ruw3rYTyyzLKqYw-c.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201971
IP address blocks: 185.57.188.0/22 maxlen: 24
2a04:de40::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3c:d8:6c:36:1a:9e:e2:ac:94:ff:1b:11:88:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0d0495acf9c78b9183bba0c05b8a29974382b14
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=488bf973112803646ec37ad84f2cb32caa98c3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fa:d5:5f:28:f0:17:f8:05:c8:44:f5:2a:de:
f7:dd:cf:b1:5a:64:84:4a:b0:b9:50:c9:5c:c4:dd:
a8:73:19:ae:18:11:b1:c5:ba:83:e7:bb:e6:49:e3:
c2:58:e8:1a:9e:fc:75:e2:cf:fe:c7:92:53:57:88:
bb:51:23:c2:fe:84:79:90:74:22:94:5d:e9:03:d2:
21:1a:2e:2c:a4:8d:6f:bf:f2:f8:f1:d9:77:a4:5e:
c2:25:cf:e1:77:39:74:a8:43:ee:c6:71:ad:d5:50:
ba:95:61:1f:ae:28:58:c4:32:0b:f9:76:60:7d:13:
d7:c9:8b:28:87:4e:c4:ac:4d:39:7b:72:3b:3e:37:
c8:05:f5:f1:5e:e9:6a:51:3a:bf:b3:29:8c:7c:40:
06:79:ba:4d:e4:c5:2a:d7:7f:58:4c:b7:47:11:42:
c0:3a:bd:f3:43:ea:e1:54:09:ea:48:f7:bb:08:a7:
1f:95:76:95:1f:dc:a5:ed:75:96:11:f6:1b:d0:a7:
0a:bd:4a:0e:75:92:3d:66:72:e5:e1:fd:e1:0a:b9:
36:8d:d1:54:e4:1f:8b:eb:12:34:52:11:e1:8c:16:
ec:f7:28:17:6b:6a:a6:dc:19:a6:92:fb:53:2e:1c:
5f:83:ed:d9:d6:ca:c0:3e:33:69:59:46:01:b2:05:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8B:F9:73:11:28:03:64:6E:C3:7A:D8:4F:2C:B3:2C:AA:98:C3:E7
X509v3 Authority Key Identifier:
keyid:C0:D0:49:5A:CF:9C:78:B9:18:3B:BA:0C:05:B8:A2:99:74:38:2B:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/SIv5cxEoA2Ruw3rYTyyzLKqYw-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.188.0/22
IPv6:
2a04:de40::/29
Signature Algorithm: sha256WithRSAEncryption
63:94:b3:83:ba:32:8c:38:12:3e:a8:1f:c0:7f:b9:dc:7a:50:
d5:76:25:f5:27:05:36:7d:cd:6c:9c:c1:d7:d3:3b:eb:10:11:
60:de:f6:15:1e:90:8b:4b:03:2c:e9:70:2b:3e:22:cd:7f:7f:
95:98:08:e5:5a:28:c3:44:c1:b4:9c:41:85:42:78:34:97:76:
d1:6e:6f:34:d1:7e:ac:e1:52:60:43:1f:e6:65:ee:51:62:00:
07:76:8b:eb:74:c3:b6:b8:54:64:e4:38:8a:55:b8:a1:2f:33:
23:08:5d:01:dc:57:7c:60:3a:c7:38:ad:e5:b1:77:3a:e6:f1:
5c:80:92:6b:85:b0:5a:6d:89:6a:ea:b0:2f:77:16:18:1a:7d:
53:ae:26:bc:58:35:21:22:9b:5d:cf:89:58:d9:36:0d:44:0d:
8f:a8:f4:7b:58:f3:c8:e9:c9:73:63:e5:63:57:79:fd:8c:bb:
1d:13:8b:72:67:f8:ec:f5:3c:87:a0:3d:bd:f6:14:75:b9:cc:
e3:7d:09:64:d3:e6:e7:73:f4:50:75:74:28:34:8e:3a:ee:90:
0d:71:49:b5:8a:e5:4c:59:34:ec:cd:6c:cb:54:91:4a:4c:2b:
f0:1e:1c:9d:ce:2a:15:f8:e4:0f:f7:f3:9d:73:2d:35:47:d1:
a0:07:5e:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2zzYbDYanuKslP8bEYgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZDA0OTVhY2Y5Yzc4YjkxODNiYmEwYzA1YjhhMjk5NzQz
ODJiMTQwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODhiZjk3MzExMjgwMzY0NmVjMzdhZDg0ZjJjYjMyY2FhOThjM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfrVXyjwF/gFyET1Kt733c+xWmSE
SrC5UMlcxN2ocxmuGBGxxbqD57vmSePCWOganvx14s/+x5JTV4i7USPC/oR5kHQi
lF3pA9IhGi4spI1vv/L48dl3pF7CJc/hdzl0qEPuxnGt1VC6lWEfrihYxDIL+XZg
fRPXyYsoh07ErE05e3I7PjfIBfXxXulqUTq/symMfEAGebpN5MUq139YTLdHEULA
Or3zQ+rhVAnqSPe7CKcflXaVH9yl7XWWEfYb0KcKvUoOdZI9ZnLl4f3hCrk2jdFU
5B+L6xI0UhHhjBbs9ygXa2qm3BmmkvtTLhxfg+3Z1srAPjNpWUYBsgWaKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEiL+XMRKANkbsN62E8ssyyqmMPnMB8GA1UdIwQY
MBaAFMDQSVrPnHi5GDu6DAW4opl0OCsUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd05CSldzLWNlTGtZTzdvTUJiaWltWFE0S3hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNjUzOTgtYThlYi00ZDE2LTljNGUt
MzU4NGUyYWIxZjBkLzEvU0l2NWN4RW9BMlJ1dzNyWVR5eXpMS3FZdy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jNjUzOTgtYThlYi00ZDE2LTljNGUtMzU4NGUyYWIxZjBk
LzEvd05CSldzLWNlTGtZTzdvTUJiaWltWFE0S3hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTm8MA0E
AgACMAcDBQMqBN5AMA0GCSqGSIb3DQEBCwUAA4IBAQBjlLODujKMOBI+qB/Af7nc
elDVdiX1JwU2fc1snMHX0zvrEBFg3vYVHpCLSwMs6XArPiLNf3+VmAjlWijDRMG0
nEGFQng0l3bRbm800X6s4VJgQx/mZe5RYgAHdovrdMO2uFRk5DiKVbihLzMjCF0B
3Fd8YDrHOK3lsXc65vFcgJJrhbBabYlq6rAvdxYYGn1Tria8WDUhIptdz4lY2TYN
RA2PqPR7WPPI6clzY+VjV3n9jLsdE4tyZ/js9TyHoD299hR1uczjfQlk0+bnc/RQ
dXQoNI467pANcUm1iuVMWTTszWzLVJFKTCvwHhydzioV+OQP9/Odcy01R9GgB17c
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:10:19 2024 by rpki-client on console-fra.rpki-client.org