Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/5tnFgEIsUwBoMQk-OVJICdWDM68.roa
File: 5tnFgEIsUwBoMQk-OVJICdWDM68.roa (raw, json)
Hash identifier: joa2M4NoolnPOQF9X+bVDDr3bDDJWLbl3GDm4QioZYI=
Subject key identifier: E6:D9:C5:80:42:2C:53:00:68:31:09:3E:39:52:48:09:D5:83:33:AF
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A0EE98E63180652C5F027D87B190F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/5tnFgEIsUwBoMQk-OVJICdWDM68.roa
Signing time: Tue 02 Jan 2024 12:33:23 +0000
ROA not before: Tue 02 Jan 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51495
IP address blocks: 93.171.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0e:e9:8e:63:18:06:52:c5:f0:27:d8:7b:19:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d9c580422c53006831093e39524809d58333af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c2:56:74:fc:88:c8:5a:0e:a0:a7:21:2a:c5:
60:82:1e:04:c5:df:a6:9c:51:ce:38:a8:83:f6:67:
e2:ed:62:c0:76:ea:73:ed:9f:e8:1d:25:4c:e9:21:
f7:84:33:3d:49:83:e8:a4:37:ae:44:b8:4d:6b:88:
b3:39:06:55:b6:de:2f:b3:f1:68:75:4a:08:f9:be:
0c:6b:f4:bc:45:ab:d6:37:33:3e:b9:aa:7f:7b:10:
47:74:dc:2e:3c:57:df:d6:bc:2b:c8:13:0a:d8:a0:
8f:e4:8e:5c:99:62:12:02:73:69:15:22:c9:82:82:
1f:92:ea:06:1d:d7:2c:02:ff:63:ef:e4:1c:74:47:
6c:de:bf:d3:3e:0c:db:18:21:2d:1a:31:14:aa:d0:
a3:54:8d:8e:6f:41:1b:c1:0c:e2:f2:1e:c3:cc:7f:
ff:0d:45:40:16:eb:19:d8:99:e7:7d:26:92:19:08:
ec:0c:43:fb:71:e5:34:3a:30:65:be:a6:61:f2:61:
5e:a3:43:4b:ec:6f:81:5f:db:43:fb:e4:e8:54:53:
db:ca:18:f6:c9:c3:9f:f1:35:47:58:b9:85:d5:bf:
5c:a5:2c:52:28:11:3d:d9:93:e0:67:84:76:3c:ea:
c4:bf:6a:29:22:8d:24:99:4d:08:eb:a7:59:f1:ac:
2c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D9:C5:80:42:2C:53:00:68:31:09:3E:39:52:48:09:D5:83:33:AF
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/5tnFgEIsUwBoMQk-OVJICdWDM68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:84:c1:a3:01:56:21:12:1c:39:e8:1c:4e:c6:49:bc:67:9c:
e0:74:80:7d:e7:4a:b3:ce:18:7e:2c:90:30:44:9b:c5:5f:97:
49:b2:d6:31:32:71:71:a1:e5:7a:09:f2:9f:24:86:9f:6f:06:
97:8a:60:62:8e:44:c9:da:76:7d:f0:85:68:01:54:4d:75:95:
1e:63:5d:9f:4b:0a:f7:18:1c:bc:2b:46:3e:ea:ad:f6:b8:bb:
a9:5e:bc:6c:dc:0a:98:85:f7:a3:cd:c2:f1:b3:91:cb:a3:e0:
84:a9:e2:68:69:c3:7c:3f:51:f0:af:42:ad:55:06:11:e2:4b:
02:7e:b7:59:9c:93:f8:c5:73:72:1e:a9:72:86:dd:22:33:27:
aa:e8:68:d3:ae:4c:aa:68:c8:2f:e3:5c:8c:ac:2d:b9:57:9e:
b7:82:73:a5:53:6a:84:6a:0d:5b:d0:be:1f:a3:79:2c:98:b5:
49:fb:00:45:e0:e9:ba:a1:35:d5:68:c0:c5:61:3b:71:a4:a7:
66:03:6c:a2:f0:35:1e:39:04:d9:92:9d:2a:ac:87:82:40:d3:
9d:31:25:24:ea:04:84:b2:8d:97:81:a7:99:c4:3b:4a:4f:8d:
56:7f:d8:0a:6b:58:8b:0b:13:8d:3d:2c:e8:be:fa:ad:73:12:
5f:5a:25:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKg7pjmMYBlLF8CfYexkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ5YzU4MDQyMmM1MzAwNjgzMTA5M2UzOTUyNDgwOWQ1ODMzM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMJWdPyIyFoOoKchKsVggh4Exd+m
nFHOOKiD9mfi7WLAdupz7Z/oHSVM6SH3hDM9SYPopDeuRLhNa4izOQZVtt4vs/Fo
dUoI+b4Ma/S8RavWNzM+uap/exBHdNwuPFff1rwryBMK2KCP5I5cmWISAnNpFSLJ
goIfkuoGHdcsAv9j7+QcdEds3r/TPgzbGCEtGjEUqtCjVI2Ob0EbwQzi8h7DzH//
DUVAFusZ2JnnfSaSGQjsDEP7ceU0OjBlvqZh8mFeo0NL7G+BX9tD++ToVFPbyhj2
ycOf8TVHWLmF1b9cpSxSKBE92ZPgZ4R2POrEv2opIo0kmU0I66dZ8awsvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObZxYBCLFMAaDEJPjlSSAnVgzOvMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNXRuRmdFSXNVd0JvTVFrLU9WSklDZFdETTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXavcMA0G
CSqGSIb3DQEBCwUAA4IBAQCmhMGjAVYhEhw56BxOxkm8Z5zgdIB950qzzhh+LJAw
RJvFX5dJstYxMnFxoeV6CfKfJIafbwaXimBijkTJ2nZ98IVoAVRNdZUeY12fSwr3
GBy8K0Y+6q32uLupXrxs3AqYhfejzcLxs5HLo+CEqeJoacN8P1Hwr0KtVQYR4ksC
frdZnJP4xXNyHqlyht0iMyeq6GjTrkyqaMgv41yMrC25V563gnOlU2qEag1b0L4f
o3ksmLVJ+wBF4Om6oTXVaMDFYTtxpKdmA2yi8DUeOQTZkp0qrIeCQNOdMSUk6gSE
so2XgaeZxDtKT41Wf9gKa1iLCxONPSzovvqtcxJfWiUm
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:41 2024 by rpki-client on console-ams.rpki-client.org