Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/CwQ2348haaFbt9ejDUFqIBm1SoY.roa
File: CwQ2348haaFbt9ejDUFqIBm1SoY.roa (raw, json)
Hash identifier: qygaWlvgcnfo9LlIwSPnSeIpMXS7CjGhE7dO94/uey0=
Subject key identifier: 0B:04:36:DF:8F:21:69:A1:5B:B7:D7:A3:0D:41:6A:20:19:B5:4A:86
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018D7D1EEFD36F23D4CA36600E5BD6AACF68
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/CwQ2348haaFbt9ejDUFqIBm1SoY.roa
Signing time: Tue 06 Feb 2024 06:33:15 +0000
ROA not before: Tue 06 Feb 2024 06:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208088
IP address blocks: 94.188.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:1e:ef:d3:6f:23:d4:ca:36:60:0e:5b:d6:aa:cf:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 6 06:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b0436df8f2169a15bb7d7a30d416a2019b54a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d6:af:01:0e:e7:da:c8:65:0d:d9:80:e8:3e:
6e:36:d6:ff:87:83:20:12:b7:a8:63:a6:f1:9a:cb:
0a:42:e4:6c:c6:17:66:a9:42:3c:f8:a0:b2:d6:1d:
f9:89:18:ca:4c:e2:9a:42:77:49:0f:c5:19:e4:f4:
d6:cf:7e:45:d6:05:65:db:b9:97:5e:c0:41:84:b0:
4a:7e:1c:9c:38:02:86:de:da:f9:29:19:8a:6b:35:
29:c6:c1:38:b0:99:65:08:cf:7a:ad:e1:2f:3a:f7:
a1:29:58:9a:16:e9:59:91:22:e3:9b:e9:ba:ea:c5:
5e:3d:42:47:ea:21:90:5f:1c:5d:93:26:aa:18:6f:
76:21:18:c2:8e:01:25:bb:8c:0b:41:00:5c:80:32:
c6:fe:aa:d7:87:1e:b2:85:07:fb:85:f6:fa:80:74:
72:15:ce:12:a3:53:50:ce:5b:82:ca:d2:45:80:f5:
3e:8a:90:59:53:22:f8:ab:90:71:7e:c4:4a:e1:8f:
05:ee:82:38:f6:7d:66:f2:fc:f2:98:87:95:51:c1:
83:8f:88:61:a3:ac:63:b0:0b:e5:ca:d3:5f:00:81:
70:dc:c9:74:39:f1:ce:4c:2d:6d:91:cc:8d:7b:81:
f5:9a:13:49:2a:9c:4f:65:70:01:13:16:df:e8:a3:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:04:36:DF:8F:21:69:A1:5B:B7:D7:A3:0D:41:6A:20:19:B5:4A:86
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/CwQ2348haaFbt9ejDUFqIBm1SoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.184.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:71:2e:dc:03:d7:71:b5:7c:c1:6e:69:4d:8a:83:a7:65:07:
17:4f:26:d2:32:c6:03:78:a3:19:74:27:11:e7:00:a5:ed:81:
ff:9e:a9:eb:a8:d7:a9:8d:ae:46:56:9d:b0:43:aa:8d:10:c9:
e8:1b:d5:36:2a:40:35:5f:4f:03:a8:b8:89:65:2c:bf:e7:29:
8f:c9:aa:11:d9:4a:32:a6:dc:38:ca:a0:ff:ff:99:fe:53:90:
ff:fb:dc:d4:21:59:af:24:b5:bf:0a:7a:c7:10:c6:23:54:ab:
13:76:7b:bb:98:ae:4e:f0:5f:8b:8e:2e:41:67:18:a0:d4:18:
5d:1d:55:9e:5f:65:e4:38:01:30:5a:ff:29:5e:bb:39:0a:2c:
44:86:ea:b2:9e:d9:a0:07:a7:a0:9b:e7:06:93:3d:52:59:de:
66:b7:89:e4:a8:1e:bd:1e:38:d5:03:4c:88:b8:7e:e5:a1:b5:
fc:14:29:36:a3:05:0b:b1:c3:45:d4:fc:60:da:84:46:ff:69:
7e:94:c3:17:46:da:2c:99:5b:ce:30:dc:95:e1:0f:c8:d0:e6:
e8:4c:f0:c1:d7:39:fa:d4:dc:05:72:1a:d0:d7:cc:68:c2:5e:
6d:6a:40:40:d8:1f:7e:79:74:cd:77:d5:98:38:86:5c:de:dd:
d7:4f:28:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY19Hu/TbyPUyjZgDlvWqs9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjA2MDYzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA0MzZkZjhmMjE2OWExNWJiN2Q3YTMwZDQxNmEyMDE5YjU0YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9avAQ7n2shlDdmA6D5uNtb/h4Mg
EreoY6bxmssKQuRsxhdmqUI8+KCy1h35iRjKTOKaQndJD8UZ5PTWz35F1gVl27mX
XsBBhLBKfhycOAKG3tr5KRmKazUpxsE4sJllCM96reEvOvehKViaFulZkSLjm+m6
6sVePUJH6iGQXxxdkyaqGG92IRjCjgElu4wLQQBcgDLG/qrXhx6yhQf7hfb6gHRy
Fc4So1NQzluCytJFgPU+ipBZUyL4q5BxfsRK4Y8F7oI49n1m8vzymIeVUcGDj4hh
o6xjsAvlytNfAIFw3Ml0OfHOTC1tkcyNe4H1mhNJKpxPZXABExbf6KMtxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsENt+PIWmhW7fXow1BaiAZtUqGMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvQ3dRMjM0OGhhYUZidDllakRVRnFJQm0xU29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXry4MA0G
CSqGSIb3DQEBCwUAA4IBAQAbcS7cA9dxtXzBbmlNioOnZQcXTybSMsYDeKMZdCcR
5wCl7YH/nqnrqNepja5GVp2wQ6qNEMnoG9U2KkA1X08DqLiJZSy/5ymPyaoR2Uoy
ptw4yqD//5n+U5D/+9zUIVmvJLW/CnrHEMYjVKsTdnu7mK5O8F+Lji5BZxig1Bhd
HVWeX2XkOAEwWv8pXrs5CixEhuqyntmgB6egm+cGkz1SWd5mt4nkqB69HjjVA0yI
uH7lobX8FCk2owULscNF1Pxg2oRG/2l+lMMXRtosmVvOMNyV4Q/I0OboTPDB1zn6
1NwFchrQ18xowl5takBA2B9+eXTNd9WYOIZc3t3XTyj1
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:49 2024 by rpki-client on console-ams.rpki-client.org