Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa
File: VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa (raw, json)
Hash identifier: GSe9f2ztsRA7Q88QbByOofUezG3ymkrprrPrLM+VvFs=
Subject key identifier: 55:6B:90:08:1E:27:AB:91:F8:77:B4:50:58:25:3B:3B:E7:C6:6F:9C
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018E9A0F1B912AA15F188D60381B4639CD3F
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa
Signing time: Mon 01 Apr 2024 14:27:45 +0000
ROA not before: Mon 01 Apr 2024 14:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 93.190.12.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9a:0f:1b:91:2a:a1:5f:18:8d:60:38:1b:46:39:cd:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Apr 1 14:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=556b90081e27ab91f877b45058253b3be7c66f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e7:2d:61:9e:8d:90:09:a7:2b:71:d4:6e:da:
3c:93:8a:0a:6e:7b:08:76:f5:06:4f:53:10:52:8e:
e2:0b:fb:aa:22:35:9c:24:9b:01:3f:11:8e:1e:c6:
71:b1:76:77:c5:ba:a8:fa:d8:8f:ba:15:0d:7f:ca:
0e:fd:eb:9c:91:15:df:50:dc:51:39:04:a5:e8:45:
34:98:4f:aa:6c:4d:c4:36:a4:d7:59:76:df:e4:ac:
a0:d6:97:5b:36:07:ef:33:f9:7a:fd:63:1c:e8:05:
57:9d:6c:4c:1a:1c:71:3a:ad:92:9e:3b:8c:83:36:
a3:76:83:06:82:f7:35:76:89:4d:9e:80:a4:43:5e:
01:83:34:58:29:37:ba:28:fe:33:03:49:ac:d2:24:
2f:d2:21:79:55:cd:59:c5:a1:99:79:3c:80:2a:d5:
d7:16:d0:a6:31:9f:3a:02:dd:48:97:a1:28:8b:35:
9d:6e:f9:6e:79:57:0d:31:11:0b:7b:37:82:47:69:
23:9b:61:74:c9:9e:b2:f1:3e:60:27:26:6c:53:8f:
0d:7f:e2:e1:ee:b8:28:5d:fa:01:25:82:54:ef:b8:
6e:57:37:cd:46:3c:75:21:e2:14:01:e6:a4:ed:4e:
8b:e3:58:ec:c0:57:48:cc:f5:36:ce:b9:5a:43:af:
b4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6B:90:08:1E:27:AB:91:F8:77:B4:50:58:25:3B:3B:E7:C6:6F:9C
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/VWuQCB4nq5H4d7RQWCU7O-fGb5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.12.0/24
109.236.51.0/24
160.20.109.0/24
185.86.6.0/24
185.243.181.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
67:10:45:ad:70:56:ca:9d:24:9d:1f:c9:5d:51:af:d9:b0:06:
90:7d:ce:4d:c9:4e:cf:a3:01:16:14:2e:81:ce:01:1c:bd:5a:
cd:49:d7:c3:b0:3d:e2:fc:82:d5:5b:cf:ed:f1:df:16:06:43:
d5:9c:0b:7a:3c:0d:d8:60:21:4c:a5:08:a6:5d:fe:fa:69:b0:
dd:e3:45:e5:65:00:91:1d:78:c7:6e:f4:d6:31:a5:c5:60:71:
24:40:10:9e:95:07:f1:77:94:f0:e7:9a:7a:9f:2e:4c:9e:32:
0a:d3:e2:69:86:17:1c:93:96:de:49:57:7b:7e:fb:40:d4:42:
0e:93:db:0a:07:59:d4:77:78:84:fc:d2:10:98:3c:c1:04:bc:
d2:ef:da:de:a4:4f:59:f3:2b:bb:08:9e:bf:f4:3e:cf:02:f6:
d5:47:c3:4d:25:03:8c:8c:b8:aa:f2:6a:f9:34:58:cd:fa:69:
6d:30:2a:55:94:2f:c1:c9:b9:c5:25:16:66:68:db:85:59:bb:
f4:da:ff:d1:c2:a2:30:b0:42:0f:2a:2f:82:c8:0f:97:2f:e8:
af:60:19:7b:99:4a:24:4d:da:6b:6e:42:d0:32:f8:74:c3:31:
59:91:36:91:7e:a8:90:1c:b9:49:91:97:4e:3d:62:52:14:c9:
b2:37:55:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6aDxuRKqFfGI1gOBtGOc0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwNDAxMTQyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTZiOTAwODFlMjdhYjkxZjg3N2I0NTA1ODI1M2IzYmU3YzY2ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhectYZ6NkAmnK3HUbto8k4oKbnsI
dvUGT1MQUo7iC/uqIjWcJJsBPxGOHsZxsXZ3xbqo+tiPuhUNf8oO/euckRXfUNxR
OQSl6EU0mE+qbE3ENqTXWXbf5Kyg1pdbNgfvM/l6/WMc6AVXnWxMGhxxOq2SnjuM
gzajdoMGgvc1dolNnoCkQ14BgzRYKTe6KP4zA0ms0iQv0iF5Vc1ZxaGZeTyAKtXX
FtCmMZ86At1Il6EoizWdbvlueVcNMRELezeCR2kjm2F0yZ6y8T5gJyZsU48Nf+Lh
7rgoXfoBJYJU77huVzfNRjx1IeIUAeak7U6L41jswFdIzPU2zrlaQ6+0BwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFVrkAgeJ6uR+He0UFglOzvnxm+cMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvVld1UUNCNG5xNUg0ZDdSUVdDVTdPLWZHYjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXb4MAwQA
bewzAwQAoBRtAwQAuVYGAwQAufO1AwQAwaCPMA0GCSqGSIb3DQEBCwUAA4IBAQBn
EEWtcFbKnSSdH8ldUa/ZsAaQfc5NyU7PowEWFC6BzgEcvVrNSdfDsD3i/ILVW8/t
8d8WBkPVnAt6PA3YYCFMpQimXf76abDd40XlZQCRHXjHbvTWMaXFYHEkQBCelQfx
d5Tw55p6ny5MnjIK0+Jphhcck5beSVd7fvtA1EIOk9sKB1nUd3iE/NIQmDzBBLzS
79repE9Z8yu7CJ6/9D7PAvbVR8NNJQOMjLiq8mr5NFjN+mltMCpVlC/BybnFJRZm
aNuFWbv02v/RwqIwsEIPKi+CyA+XL+ivYBl7mUokTdprbkLQMvh0wzFZkTaRfqiQ
HLlJkZdOPWJSFMmyN1UR
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:58:56 2024 by rpki-client on console-ams.rpki-client.org