Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j3i09-oYnoVtjmOxTPf7_JAa6ng.roa
File: j3i09-oYnoVtjmOxTPf7_JAa6ng.roa (raw, json)
Hash identifier: wvrNlLnhgnU+iKTs1Y0GDjSidI4xXEY6PMJqV3VPLDY=
Subject key identifier: 8F:78:B4:F7:EA:18:9E:85:6D:8E:63:B1:4C:F7:FB:FC:90:1A:EA:78
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29E9D1CCEAC32AE22A0936C943EC25
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j3i09-oYnoVtjmOxTPf7_JAa6ng.roa
Signing time: Tue 02 Jan 2024 12:33:13 +0000
ROA not before: Tue 02 Jan 2024 12:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41245
IP address blocks: 93.170.143.0/24 maxlen: 24
93.171.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:e9:d1:cc:ea:c3:2a:e2:2a:09:36:c9:43:ec:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f78b4f7ea189e856d8e63b14cf7fbfc901aea78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:85:b0:dc:52:5b:30:58:84:99:5b:0a:14:96:
cc:93:56:d6:a6:93:08:05:21:99:50:86:d4:e1:b8:
97:eb:2d:df:90:aa:b1:75:21:77:9e:92:79:0e:8b:
a2:73:bd:e4:e0:6e:70:45:15:7a:18:bd:5b:9b:32:
fa:6a:72:0b:9e:1d:2d:1f:62:8f:49:43:11:27:dd:
99:d7:3c:df:08:fb:af:e4:c8:60:90:73:80:19:40:
d9:d7:26:48:a6:d0:03:6f:5e:b8:e7:b8:6a:58:8f:
e3:11:d0:f2:ca:aa:d3:97:e1:fb:82:99:08:1c:3a:
ed:8c:2a:d7:5d:46:b2:33:76:fb:d8:3a:eb:a1:3e:
a4:9e:d2:b0:ea:f7:5a:43:16:d1:98:e6:b8:bf:28:
21:ef:75:c0:98:00:52:c9:8f:ba:02:1c:99:ad:a7:
70:8d:63:99:81:e7:37:2c:d1:db:2f:41:46:71:5c:
6d:bf:b9:45:55:8f:97:60:ec:a0:a9:f5:27:5d:1f:
09:5d:e5:c9:dc:db:9a:82:f5:5c:4d:74:89:41:30:
b9:31:8a:01:b1:19:2e:3b:d1:6e:a9:57:18:e8:9e:
7a:64:24:e6:ab:a0:a8:be:0d:48:b9:03:59:34:46:
a1:1b:da:49:38:2d:67:b2:4e:82:b7:ba:71:af:53:
e8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:78:B4:F7:EA:18:9E:85:6D:8E:63:B1:4C:F7:FB:FC:90:1A:EA:78
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j3i09-oYnoVtjmOxTPf7_JAa6ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.143.0/24
93.171.6.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:66:98:74:43:2f:38:f0:ff:8e:b5:f8:a0:18:30:ab:99:a8:
bb:75:79:6b:f8:0e:af:83:b7:bc:32:2e:17:77:0a:b8:b8:19:
5c:00:c1:27:3e:16:22:95:e4:b9:51:c8:fe:75:2a:44:3f:0b:
03:10:36:4b:5a:90:e2:ed:a3:df:0f:f3:53:43:79:19:96:61:
ff:8b:36:89:d0:f3:ca:37:5b:66:39:ca:e0:ae:6c:ce:0b:02:
54:f8:0d:0f:18:b0:4c:af:80:cf:bc:23:86:e6:db:54:85:1f:
79:98:d0:b9:48:07:3e:5d:bc:63:ae:0b:2b:b6:b8:e3:da:cb:
f4:e3:cc:ad:19:de:01:32:f1:4a:20:32:fd:0e:3a:7f:46:b0:
18:ee:d1:02:c9:d6:c2:f4:30:47:4f:b4:16:38:71:3a:4a:31:
d0:19:4d:e2:fd:1c:47:cd:f6:52:ee:cc:40:2e:8f:ff:26:4a:
65:5e:74:0b:73:d1:77:fb:1b:ed:0f:0b:ab:73:fb:2a:a5:9f:
16:4b:52:b6:05:a9:72:ad:2b:35:ac:b7:38:2f:8f:c1:2d:3c:
58:3a:cb:d8:0b:f6:92:cc:3d:f7:aa:aa:bc:79:05:5c:4b:73:
e0:64:17:45:ce:3a:4e:ac:54:d4:44:07:4d:c7:18:7e:c5:b6:
5c:e4:81:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKenRzOrDKuIqCTbJQ+wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc4YjRmN2VhMTg5ZTg1NmQ4ZTYzYjE0Y2Y3ZmJmYzkwMWFlYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YWw3FJbMFiEmVsKFJbMk1bWppMI
BSGZUIbU4biX6y3fkKqxdSF3npJ5Douic73k4G5wRRV6GL1bmzL6anILnh0tH2KP
SUMRJ92Z1zzfCPuv5MhgkHOAGUDZ1yZIptADb16457hqWI/jEdDyyqrTl+H7gpkI
HDrtjCrXXUayM3b72DrroT6kntKw6vdaQxbRmOa4vygh73XAmABSyY+6AhyZradw
jWOZgec3LNHbL0FGcVxtv7lFVY+XYOygqfUnXR8JXeXJ3NuagvVcTXSJQTC5MYoB
sRkuO9FuqVcY6J56ZCTmq6Covg1IuQNZNEahG9pJOC1nsk6Ct7pxr1PoBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI94tPfqGJ6FbY5jsUz3+/yQGup4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvajNpMDktb1lub1Z0am1PeFRQZjdfSkFhNm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXaqPAwQA
XasGMA0GCSqGSIb3DQEBCwUAA4IBAQAqZph0Qy848P+OtfigGDCrmai7dXlr+A6v
g7e8Mi4Xdwq4uBlcAMEnPhYileS5Ucj+dSpEPwsDEDZLWpDi7aPfD/NTQ3kZlmH/
izaJ0PPKN1tmOcrgrmzOCwJU+A0PGLBMr4DPvCOG5ttUhR95mNC5SAc+Xbxjrgsr
trjj2sv048ytGd4BMvFKIDL9Djp/RrAY7tECydbC9DBHT7QWOHE6SjHQGU3i/RxH
zfZS7sxALo//JkplXnQLc9F3+xvtDwurc/sqpZ8WS1K2BalyrSs1rLc4L4/BLTxY
OsvYC/aSzD33qqq8eQVcS3PgZBdFzjpOrFTURAdNxxh+xbZc5IFN
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:42 2024 by rpki-client on console-ams.rpki-client.org