Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/769743-4ba1-43ce-af23-4846062f9a73/1/X1Rq2mAz9kq-OxhwyI2X79Ub5RY.roa
File: X1Rq2mAz9kq-OxhwyI2X79Ub5RY.roa (raw, json)
Hash identifier: FR+ZAUPQYRZLaqa65JnkmZVJKrKJqA05tNHPUjh7MJc=
Subject key identifier: 5F:54:6A:DA:60:33:F6:4A:BE:3B:18:70:C8:8D:97:EF:D5:1B:E5:16
Certificate issuer: /CN=c0d2a8845cdf6576de8eb0111808abd65fd8bc44
Certificate serial: 018CC8015E87E55C6A6B73D4F5466997FFA4
Authority key identifier: C0:D2:A8:84:5C:DF:65:76:DE:8E:B0:11:18:08:AB:D6:5F:D8:BC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wNKohFzfZXbejrARGAir1l_YvEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/769743-4ba1-43ce-af23-4846062f9a73/1/X1Rq2mAz9kq-OxhwyI2X79Ub5RY.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9211
IP address blocks: 195.242.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/769743-4ba1-43ce-af23-4846062f9a73/1/wNKohFzfZXbejrARGAir1l_YvEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/769743-4ba1-43ce-af23-4846062f9a73/1/wNKohFzfZXbejrARGAir1l_YvEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wNKohFzfZXbejrARGAir1l_YvEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5e:87:e5:5c:6a:6b:73:d4:f5:46:69:97:ff:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0d2a8845cdf6576de8eb0111808abd65fd8bc44
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f546ada6033f64abe3b1870c88d97efd51be516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:47:7b:73:36:b8:08:9f:f6:ae:52:0b:c6:e1:
26:33:70:83:e1:8b:10:fe:58:b7:d0:16:8d:b2:cb:
f3:94:76:fc:38:f2:6c:a9:85:71:cf:18:1d:f9:9b:
a0:75:02:f2:2c:0c:7e:02:0d:ec:da:50:35:53:e6:
ab:cf:9d:2c:52:26:d7:a0:d0:7c:71:c8:10:65:4b:
0c:23:6f:2c:cb:b5:45:6b:64:e1:b6:8a:6b:e4:1f:
70:83:53:21:5c:5d:f4:07:72:f7:b3:3a:28:34:c1:
da:b0:5e:65:6c:a7:44:83:39:8c:9d:09:f4:9e:ab:
f9:be:6b:7b:07:34:c4:cf:dd:61:5a:e0:5f:41:52:
16:d5:46:00:97:fe:20:7b:da:9b:ca:f9:0d:ad:96:
80:9f:fb:10:69:66:df:88:18:c7:dd:31:f3:e3:f6:
5f:9d:6e:20:be:84:1d:86:49:5d:e8:ee:ae:03:c4:
2c:e1:64:f5:19:b2:0d:9f:75:5f:ac:a5:84:0d:0e:
63:d8:7e:a3:dc:79:62:84:7f:f1:d1:dc:a1:6c:60:
d1:ca:4d:fc:0c:f6:f1:c5:10:f0:23:65:ef:35:3e:
6e:ee:1b:01:d8:8e:d7:7d:60:c8:29:a5:dd:67:42:
be:7b:38:0f:ab:8a:6b:c3:b1:38:a6:96:44:13:60:
c5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:54:6A:DA:60:33:F6:4A:BE:3B:18:70:C8:8D:97:EF:D5:1B:E5:16
X509v3 Authority Key Identifier:
keyid:C0:D2:A8:84:5C:DF:65:76:DE:8E:B0:11:18:08:AB:D6:5F:D8:BC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wNKohFzfZXbejrARGAir1l_YvEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/769743-4ba1-43ce-af23-4846062f9a73/1/X1Rq2mAz9kq-OxhwyI2X79Ub5RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/769743-4ba1-43ce-af23-4846062f9a73/1/wNKohFzfZXbejrARGAir1l_YvEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.100.0/22
Signature Algorithm: sha256WithRSAEncryption
37:97:d0:c0:f3:ff:27:54:b7:44:9e:b3:fa:4c:f8:d5:b4:88:
5c:26:5f:ce:8e:51:ea:9b:65:68:d1:28:06:ea:e1:7a:cd:c7:
0a:ed:8a:9c:2d:d2:c4:30:fb:16:52:d0:6e:e2:6c:ac:79:bb:
f5:fd:27:f9:75:0a:68:fd:af:65:4b:23:4c:36:f1:70:de:4e:
78:ee:4d:69:31:f1:91:cc:50:3d:8d:ee:f5:be:e6:7d:25:10:
af:60:b9:6a:90:14:e5:d9:b9:50:12:e9:73:15:ea:c9:8a:46:
46:80:34:32:ae:92:5d:11:c3:5d:d2:85:72:1a:f0:3d:9c:6d:
a6:78:ac:a1:f1:3f:5b:0f:bc:30:69:37:8b:a9:e6:e0:2b:ec:
ad:57:7c:9b:07:50:70:7d:4a:45:c0:42:ba:d2:14:32:3e:28:
b0:b5:56:51:95:77:e7:e2:b4:e8:74:f8:ca:33:06:c0:82:bf:
d1:d1:a2:fe:55:88:f2:fc:b3:27:5c:4d:c6:01:21:b6:67:f3:
cd:08:86:89:49:2c:73:0e:d9:e6:cf:d6:e4:1a:d4:c6:51:42:
6e:49:75:84:1b:be:6c:d9:cf:ae:11:86:ca:83:15:6c:af:a1:
f9:67:a7:93:df:7d:8e:df:f9:b7:83:5e:93:be:4f:48:79:01:
23:91:bb:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAV6H5Vxqa3PU9UZpl/+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZDJhODg0NWNkZjY1NzZkZThlYjAxMTE4MDhhYmQ2NWZk
OGJjNDQwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU0NmFkYTYwMzNmNjRhYmUzYjE4NzBjODhkOTdlZmQ1MWJlNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkd7cza4CJ/2rlILxuEmM3CD4YsQ
/li30BaNssvzlHb8OPJsqYVxzxgd+ZugdQLyLAx+Ag3s2lA1U+arz50sUibXoNB8
ccgQZUsMI28sy7VFa2Thtopr5B9wg1MhXF30B3L3szooNMHasF5lbKdEgzmMnQn0
nqv5vmt7BzTEz91hWuBfQVIW1UYAl/4ge9qbyvkNrZaAn/sQaWbfiBjH3THz4/Zf
nW4gvoQdhkld6O6uA8Qs4WT1GbINn3VfrKWEDQ5j2H6j3HlihH/x0dyhbGDRyk38
DPbxxRDwI2XvNT5u7hsB2I7XfWDIKaXdZ0K+ezgPq4prw7E4ppZEE2DFTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9UatpgM/ZKvjsYcMiNl+/VG+UWMB8GA1UdIwQY
MBaAFMDSqIRc32V23o6wERgIq9Zf2LxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd05Lb2hGemZaWGJlanJBUkdBaXIxbF9ZdkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83Njk3NDMtNGJhMS00M2NlLWFmMjMt
NDg0NjA2MmY5YTczLzEvWDFScTJtQXo5a3EtT3hod3lJMlg3OVViNVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83Njk3NDMtNGJhMS00M2NlLWFmMjMtNDg0NjA2MmY5YTcz
LzEvd05Lb2hGemZaWGJlanJBUkdBaXIxbF9ZdkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw/JkMA0G
CSqGSIb3DQEBCwUAA4IBAQA3l9DA8/8nVLdEnrP6TPjVtIhcJl/OjlHqm2Vo0SgG
6uF6zccK7YqcLdLEMPsWUtBu4mysebv1/Sf5dQpo/a9lSyNMNvFw3k547k1pMfGR
zFA9je71vuZ9JRCvYLlqkBTl2blQEulzFerJikZGgDQyrpJdEcNd0oVyGvA9nG2m
eKyh8T9bD7wwaTeLqebgK+ytV3ybB1BwfUpFwEK60hQyPiiwtVZRlXfn4rTodPjK
MwbAgr/R0aL+VYjy/LMnXE3GASG2Z/PNCIaJSSxzDtnmz9bkGtTGUUJuSXWEG75s
2c+uEYbKgxVsr6H5Z6eT332O3/m3g16Tvk9IeQEjkbve
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:17:58 2024 by rpki-client on console-ams.rpki-client.org