Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CbZjJ0yZGjbYuEv1Rn7XOOFrot8.roa
File: CbZjJ0yZGjbYuEv1Rn7XOOFrot8.roa (raw, json)
Hash identifier: 1Oif6gBVmCZJU6bdbL0SQlP12vlmA4/RRX5pNNE+6lg=
Subject key identifier: 09:B6:63:27:4C:99:1A:36:D8:B8:4B:F5:46:7E:D7:38:E1:6B:A2:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191E1AB5D9313616C344DC327370136A5E0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CbZjJ0yZGjbYuEv1Rn7XOOFrot8.roa
Signing time: Wed 11 Sep 2024 15:19:49 +0000
ROA not before: Wed 11 Sep 2024 15:19:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 93.88.203.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:ab:5d:93:13:61:6c:34:4d:c3:27:37:01:36:a5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 11 15:19:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b663274c991a36d8b84bf5467ed738e16ba2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:a3:8a:c1:f7:d7:3c:d3:d1:f8:24:69:30:
9b:52:51:8a:fa:ca:16:35:ca:4f:d9:9c:5e:08:e3:
88:cf:3a:d0:e7:a3:d3:29:b1:9d:1e:65:00:73:62:
0b:33:e1:b9:38:7f:c3:b1:6e:b1:81:33:57:a1:c9:
2a:a7:9c:bd:9e:0c:bf:92:aa:1a:a5:e8:ed:34:fd:
2a:3c:b0:aa:b5:79:01:2d:90:92:e9:04:46:bf:06:
62:a0:87:99:14:f3:08:6c:06:50:a5:5d:db:df:ee:
c5:c7:b9:8c:a7:d7:fc:c8:cf:68:5a:4d:2a:25:38:
05:6a:23:22:de:f0:c9:b9:41:60:2e:58:12:91:6f:
1d:e4:c0:4c:75:4f:bf:d1:10:fa:09:e6:69:cf:42:
4c:13:8b:67:6a:e7:79:18:da:22:a8:b0:eb:95:8b:
68:de:6c:a9:9c:52:4e:09:5e:74:cc:ad:f8:71:61:
28:bd:72:82:ef:6c:be:34:5c:b2:44:7c:25:fe:02:
bb:8c:da:ad:92:c4:78:a8:26:fb:15:28:97:d3:92:
47:50:db:7a:3c:c9:68:f2:5d:c4:20:4f:a1:ad:6e:
dd:b4:c9:30:62:97:30:20:1b:dd:49:0a:5f:81:be:
52:91:d3:7d:d3:11:29:10:bc:5d:61:76:29:1d:b3:
c2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B6:63:27:4C:99:1A:36:D8:B8:4B:F5:46:7E:D7:38:E1:6B:A2:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CbZjJ0yZGjbYuEv1Rn7XOOFrot8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.203.0/24
194.50.111.0/24
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
87:41:8b:58:99:55:d1:c4:96:c0:ce:97:2f:55:bb:cf:70:3a:
83:3e:cf:1c:c2:e5:06:fa:58:7f:2f:68:54:b8:a1:75:46:da:
26:cc:f2:ed:c9:bd:93:8a:9d:00:dc:37:15:90:1f:f2:b4:2d:
ae:99:89:f6:37:6f:e7:45:77:95:e4:5e:8c:f3:8c:18:19:e6:
2a:84:31:88:8c:b5:f3:36:46:ec:0f:4b:87:d5:8b:43:a3:5a:
a2:0b:93:aa:c9:c6:0a:32:2c:08:98:49:be:1d:d6:34:a4:57:
8d:d7:66:7f:9d:83:e1:4a:f8:72:b8:c9:5d:1a:42:f7:ab:ab:
6e:4c:9b:d7:60:be:6b:13:67:57:88:f7:bc:3f:80:f2:dd:34:
d2:25:41:01:f4:0c:3e:08:3a:81:98:b7:6c:60:e6:a2:1a:84:
53:d9:9b:11:ff:7b:a9:f4:3b:50:8f:ae:57:40:e1:74:da:bf:
e9:7c:5b:87:be:63:3d:9e:4e:82:6a:51:15:03:4c:65:a1:3c:
db:8b:99:b8:11:ce:83:02:9c:45:7f:02:d4:5e:a2:bd:e7:50:
1a:26:88:6e:63:08:76:47:fc:8c:54:2f:24:02:8e:03:c6:15:
4b:c0:60:c3:16:f7:fb:54:47:56:ff:d8:37:e0:3b:7f:78:f2:
16:84:a0:29
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZHhq12TE2FsNE3DJzcBNqXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTExMTUxOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI2NjMyNzRjOTkxYTM2ZDhiODRiZjU0NjdlZDczOGUxNmJhMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7qjisH31zzT0fgkaTCbUlGK+soW
NcpP2ZxeCOOIzzrQ56PTKbGdHmUAc2ILM+G5OH/DsW6xgTNXockqp5y9ngy/kqoa
pejtNP0qPLCqtXkBLZCS6QRGvwZioIeZFPMIbAZQpV3b3+7Fx7mMp9f8yM9oWk0q
JTgFaiMi3vDJuUFgLlgSkW8d5MBMdU+/0RD6CeZpz0JME4tnaud5GNoiqLDrlYto
3mypnFJOCV50zK34cWEovXKC72y+NFyyRHwl/gK7jNqtksR4qCb7FSiX05JHUNt6
PMlo8l3EIE+hrW7dtMkwYpcwIBvdSQpfgb5SkdN90xEpELxdYXYpHbPCUQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAm2YydMmRo22LhL9UZ+1zjha6LfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ2JaakoweVpHamJZdUV2MVJuN1hPT0Zyb3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDASBAIAATAMAwQAXVjLAwQA
wjJvMD4EAgACMDgDBwAqDpfABBEDBwAqDpfACOADBwAqDrEHGaAwEgMHACoOsQca
YwMHACoOsQcaZAMHAioOsQcogDANBgkqhkiG9w0BAQsFAAOCAQEAh0GLWJlV0cSW
wM6XL1W7z3A6gz7PHMLlBvpYfy9oVLihdUbaJszy7cm9k4qdANw3FZAf8rQtrpmJ
9jdv50V3leRejPOMGBnmKoQxiIy18zZG7A9Lh9WLQ6NaoguTqsnGCjIsCJhJvh3W
NKRXjddmf52D4Ur4crjJXRpC96urbkyb12C+axNnV4j3vD+A8t000iVBAfQMPgg6
gZi3bGDmohqEU9mbEf97qfQ7UI+uV0DhdNq/6Xxbh75jPZ5OgmpRFQNMZaE824uZ
uBHOgwKcRX8C1F6ivedQGiaIbmMIdkf8jFQvJAKOA8YVS8Bgwxb3+1RHVv/YN+A7
f3jyFoSgKQ==
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:04:35 2024 by rpki-client on console-ams.rpki-client.org