Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/oXPprr6CcPqNrGkBXEjO7fCt-6c.roa
File: oXPprr6CcPqNrGkBXEjO7fCt-6c.roa (raw, json)
Hash identifier: 01W5f5FIEAHhk9co1JIe8uH5rGWNeq45vpYH2aD2dbg=
Subject key identifier: A1:73:E9:AE:BE:82:70:FA:8D:AC:69:01:5C:48:CE:ED:F0:AD:FB:A7
Certificate issuer: /CN=c3042f5c4789c97c4f92ef2177e7b8938c8dd5c4
Certificate serial: 018E517A7B3526521B377533D750CC71A97F
Authority key identifier: C3:04:2F:5C:47:89:C9:7C:4F:92:EF:21:77:E7:B8:93:8C:8D:D5:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wwQvXEeJyXxPku8hd-e4k4yN1cQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/oXPprr6CcPqNrGkBXEjO7fCt-6c.roa
Signing time: Mon 18 Mar 2024 12:12:45 +0000
ROA not before: Mon 18 Mar 2024 12:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 89.145.172.0/22 maxlen: 24
185.177.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/wwQvXEeJyXxPku8hd-e4k4yN1cQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/wwQvXEeJyXxPku8hd-e4k4yN1cQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wwQvXEeJyXxPku8hd-e4k4yN1cQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:7a:7b:35:26:52:1b:37:75:33:d7:50:cc:71:a9:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3042f5c4789c97c4f92ef2177e7b8938c8dd5c4
Validity
Not Before: Mar 18 12:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a173e9aebe8270fa8dac69015c48ceedf0adfba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:06:45:a1:4d:05:2f:74:f8:05:7b:61:38:
27:b3:db:2a:22:79:a9:2e:0e:1b:58:d1:9a:29:36:
9c:fa:9a:46:71:83:c7:a1:55:8b:21:28:21:40:61:
9d:3f:70:3d:a8:78:24:53:7c:05:0d:6a:f0:d5:a1:
34:26:ac:91:2e:1d:39:a0:da:f1:dd:fa:e2:ff:4f:
e8:92:c3:82:c1:95:ee:5f:0a:d5:40:08:ab:f0:a0:
a4:14:57:d9:b2:5f:4c:9e:17:dd:8f:8f:a5:f7:45:
af:73:e2:d3:24:c3:8f:ca:7e:df:db:cc:36:15:2f:
20:5d:9e:77:10:aa:d8:f8:46:60:c5:32:d7:c1:6a:
0f:ca:1e:f2:3b:f6:a6:9a:e1:4f:f8:01:89:d0:ad:
a0:0f:44:ac:33:84:28:54:8f:50:df:9c:ad:60:c3:
13:c3:42:38:e3:4f:8f:3e:f2:cb:1d:86:06:b3:56:
3b:b7:f1:03:f8:7d:6c:c8:73:de:6d:25:b9:8d:26:
33:bb:61:a1:35:5b:fd:73:c9:14:4c:b0:c1:23:1d:
86:f8:75:87:ab:e6:30:69:58:f9:fc:c7:ac:37:db:
25:43:99:97:c5:8e:8d:80:da:5a:d7:58:9b:29:4e:
a0:d6:18:58:da:51:e8:d8:b0:40:9d:6d:20:df:9c:
97:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:73:E9:AE:BE:82:70:FA:8D:AC:69:01:5C:48:CE:ED:F0:AD:FB:A7
X509v3 Authority Key Identifier:
keyid:C3:04:2F:5C:47:89:C9:7C:4F:92:EF:21:77:E7:B8:93:8C:8D:D5:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wwQvXEeJyXxPku8hd-e4k4yN1cQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/oXPprr6CcPqNrGkBXEjO7fCt-6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/wwQvXEeJyXxPku8hd-e4k4yN1cQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.172.0/22
185.177.64.0/22
Signature Algorithm: sha256WithRSAEncryption
13:14:5a:dd:3e:bf:01:f6:87:19:41:f8:0e:17:87:15:8f:6d:
6b:f9:78:4b:da:1a:b1:67:ea:6e:c0:1b:e7:be:83:4b:54:9b:
2b:2d:19:50:6f:40:95:94:33:67:2f:d5:6a:f9:70:5c:03:e7:
73:05:38:83:7c:98:5f:6b:41:a5:a9:12:7b:64:ea:30:99:f2:
af:d9:a8:b9:ab:11:a4:d1:11:1d:3d:e0:bb:ae:0a:42:f8:6c:
ea:0f:a8:e5:3f:0a:6d:cc:30:d1:ae:ba:6f:fa:8a:64:52:cc:
36:c3:c9:3d:55:25:7d:fc:e1:d1:4d:31:73:e4:c8:4f:42:b8:
f0:92:a6:2a:38:8b:3c:c2:e3:4f:41:0a:9a:72:a8:4b:52:71:
74:be:51:8a:b0:db:c2:a1:d4:1f:82:05:7a:2b:2e:b0:e7:30:
99:83:ad:d5:0b:0b:21:bb:65:a0:bd:76:fe:9a:48:e6:11:47:
bf:a6:75:4a:6c:1f:41:5d:8c:0f:00:1c:a2:70:c0:bf:36:fd:
6d:54:16:86:35:83:21:39:19:10:f3:0e:90:72:a2:52:e4:f3:
1c:03:72:72:ac:9b:e7:ad:ba:d8:dd:aa:6e:4e:9a:88:d1:29:
b1:e5:59:87:ba:c0:11:2b:9e:31:1b:62:1a:d2:42:7a:6e:3a:
68:b8:34:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5Rens1JlIbN3Uz11DMcal/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMDQyZjVjNDc4OWM5N2M0ZjkyZWYyMTc3ZTdiODkzOGM4
ZGQ1YzQwHhcNMjQwMzE4MTIxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTczZTlhZWJlODI3MGZhOGRhYzY5MDE1YzQ4Y2VlZGYwYWRmYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSwGRaFNBS90+AV7YTgns9sqInmp
Lg4bWNGaKTac+ppGcYPHoVWLISghQGGdP3A9qHgkU3wFDWrw1aE0JqyRLh05oNrx
3fri/0/oksOCwZXuXwrVQAir8KCkFFfZsl9Mnhfdj4+l90Wvc+LTJMOPyn7f28w2
FS8gXZ53EKrY+EZgxTLXwWoPyh7yO/ammuFP+AGJ0K2gD0SsM4QoVI9Q35ytYMMT
w0I440+PPvLLHYYGs1Y7t/ED+H1syHPebSW5jSYzu2GhNVv9c8kUTLDBIx2G+HWH
q+YwaVj5/MesN9slQ5mXxY6NgNpa11ibKU6g1hhY2lHo2LBAnW0g35yX7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKFz6a6+gnD6jaxpAVxIzu3wrfunMB8GA1UdIwQY
MBaAFMMEL1xHicl8T5LvIXfnuJOMjdXEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3dRdlhFZUp5WHhQa3U4aGQtZTRrNHlOMWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85ZTFkNWItZGU2MS00ZDlhLTg0YmQt
MDI3OTJmOWNmMDdiLzEvb1hQcHJyNkNjUHFOckdrQlhFak83ZkN0LTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy85ZTFkNWItZGU2MS00ZDlhLTg0YmQtMDI3OTJmOWNmMDdi
LzEvd3dRdlhFZUp5WHhQa3U4aGQtZTRrNHlOMWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWZGsAwQC
ubFAMA0GCSqGSIb3DQEBCwUAA4IBAQATFFrdPr8B9ocZQfgOF4cVj21r+XhL2hqx
Z+puwBvnvoNLVJsrLRlQb0CVlDNnL9Vq+XBcA+dzBTiDfJhfa0GlqRJ7ZOowmfKv
2ai5qxGk0REdPeC7rgpC+GzqD6jlPwptzDDRrrpv+opkUsw2w8k9VSV9/OHRTTFz
5MhPQrjwkqYqOIs8wuNPQQqacqhLUnF0vlGKsNvCodQfggV6Ky6w5zCZg63VCwsh
u2WgvXb+mkjmEUe/pnVKbB9BXYwPAByicMC/Nv1tVBaGNYMhORkQ8w6QcqJS5PMc
A3JyrJvnrbrY3apuTpqI0Smx5VmHusARK54xG2Ia0kJ6bjpouDRd
-----END CERTIFICATE-----
Generated at Fri May 3 18:20:29 2024 by rpki-client on console-ams.rpki-client.org