Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/2csktXYVGXHJ4SDIzf8-9e9MOVM.roa
File: 2csktXYVGXHJ4SDIzf8-9e9MOVM.roa (raw, json)
Hash identifier: iRgHnHGSm+HMp34kBhpZ48oPkbloT/Ntw3CfMB29SHU=
Subject key identifier: D9:CB:24:B5:76:15:19:71:C9:E1:20:C8:CD:FF:3E:F5:EF:4C:39:53
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 018CC64B769964492E887468739DB462B085
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/2csktXYVGXHJ4SDIzf8-9e9MOVM.roa
Signing time: Mon 01 Jan 2024 18:31:23 +0000
ROA not before: Mon 01 Jan 2024 18:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202371
IP address blocks: 94.185.120.0/24 maxlen: 24
94.185.121.0/24 maxlen: 24
94.185.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:76:99:64:49:2e:88:74:68:73:9d:b4:62:b0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Jan 1 18:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9cb24b576151971c9e120c8cdff3ef5ef4c3953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:15:f1:31:eb:b5:57:f8:c9:bf:08:1b:66:fd:
91:8d:af:53:e3:62:73:86:ad:ba:f6:f5:6d:a1:17:
7e:3e:0d:9c:14:da:aa:af:8b:36:91:36:c9:eb:a3:
a3:cb:b8:05:4f:65:6e:20:ca:b9:3d:08:a8:2e:f3:
3e:eb:df:13:fd:26:47:83:eb:c4:e2:cc:70:2b:28:
1f:cf:4f:5b:26:19:1a:2b:5d:1f:b3:b7:48:56:1f:
d6:b5:02:8d:24:ae:49:0c:3a:72:98:b0:9d:93:90:
a4:bf:f5:91:63:3f:23:db:06:27:36:1d:a6:2e:5c:
f7:ef:f1:ad:19:62:c2:c1:99:8f:16:fb:3c:64:57:
9b:f2:d9:d8:47:6e:18:44:b3:79:5d:73:e9:c0:86:
a2:95:3c:8d:b3:58:aa:29:b2:cc:b3:2a:7e:fe:7a:
02:e4:fd:2c:52:e1:4d:87:b1:94:83:52:a7:22:3e:
e5:d0:cd:77:93:5e:8f:e8:63:cf:4f:82:fb:ba:e2:
c7:93:65:8d:3a:f3:30:6a:54:95:a9:81:3d:b7:d2:
21:84:5e:d3:1b:71:67:ea:66:79:1c:34:73:54:6b:
67:4b:ff:41:75:cd:fa:67:de:3e:4f:76:12:49:3b:
90:4e:9b:d3:7a:89:45:48:13:bd:2f:45:45:bf:0d:
84:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CB:24:B5:76:15:19:71:C9:E1:20:C8:CD:FF:3E:F5:EF:4C:39:53
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/2csktXYVGXHJ4SDIzf8-9e9MOVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.120.0-94.185.122.255
Signature Algorithm: sha256WithRSAEncryption
4b:33:8a:57:fe:00:c7:0d:fa:97:df:3c:23:b4:48:a5:36:b8:
82:31:84:cd:bd:ec:2b:3e:b0:4f:d3:ba:27:60:e9:d4:3f:9d:
30:9a:e5:e6:92:69:8b:49:6d:a2:b3:e2:d1:f2:28:67:5b:96:
47:94:30:1b:79:5f:aa:0f:8b:c2:5a:63:84:1f:5c:fe:ea:f3:
64:36:d9:15:f1:10:68:a3:70:0a:eb:a3:88:ed:3e:6f:bf:a8:
f1:bc:da:09:a9:3b:39:ee:f4:07:61:e2:85:2a:b5:08:0f:f5:
9f:0f:ec:2f:19:54:2b:15:e1:18:0d:36:75:5d:d1:2d:8a:05:
3d:1a:c3:dc:87:79:20:3c:35:98:6f:95:7e:ff:42:8a:1b:d6:
5f:ff:e0:c0:ab:89:6f:0e:e0:3a:96:1f:c4:a0:a6:d1:cd:f5:
39:7a:9c:fa:38:80:88:6e:dc:0c:d9:fa:fa:6e:c6:ea:de:fd:
f7:e7:e3:17:18:da:ca:b8:aa:1f:73:f1:4e:fb:2c:eb:cf:e4:
9f:89:7b:a2:75:97:ae:85:6d:98:c5:c6:b2:85:1d:56:aa:9f:
19:23:db:cd:6f:0d:b0:30:56:f0:d9:38:c3:fa:76:57:30:fb:
2e:64:f1:7b:b6:97:e4:f3:15:7e:11:ef:91:b1:db:3e:43:d3:
c8:6d:bf:60
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGS3aZZEkuiHRoc520YrCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjQwMTAxMTgzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNiMjRiNTc2MTUxOTcxYzllMTIwYzhjZGZmM2VmNWVmNGMzOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRXxMeu1V/jJvwgbZv2Rja9T42Jz
hq269vVtoRd+Pg2cFNqqr4s2kTbJ66Ojy7gFT2VuIMq5PQioLvM+698T/SZHg+vE
4sxwKygfz09bJhkaK10fs7dIVh/WtQKNJK5JDDpymLCdk5Ckv/WRYz8j2wYnNh2m
Llz37/GtGWLCwZmPFvs8ZFeb8tnYR24YRLN5XXPpwIailTyNs1iqKbLMsyp+/noC
5P0sUuFNh7GUg1KnIj7l0M13k16P6GPPT4L7uuLHk2WNOvMwalSVqYE9t9IhhF7T
G3Fn6mZ5HDRzVGtnS/9Bdc36Z94+T3YSSTuQTpvTeolFSBO9L0VFvw2EkwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNnLJLV2FRlxyeEgyM3/PvXvTDlTMB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvMmNza3RYWVZHWEhKNFNESXpmOC05ZTlNT1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANeuXgD
BABeuXowDQYJKoZIhvcNAQELBQADggEBAEszilf+AMcN+pffPCO0SKU2uIIxhM29
7Cs+sE/Tuidg6dQ/nTCa5eaSaYtJbaKz4tHyKGdblkeUMBt5X6oPi8JaY4QfXP7q
82Q22RXxEGijcArro4jtPm+/qPG82gmpOznu9Adh4oUqtQgP9Z8P7C8ZVCsV4RgN
NnVd0S2KBT0aw9yHeSA8NZhvlX7/Qoob1l//4MCriW8O4DqWH8SgptHN9Tl6nPo4
gIhu3AzZ+vpuxure/ffn4xcY2sq4qh9z8U77LOvP5J+Je6J1l66FbZjFxrKFHVaq
nxkj281vDbAwVvDZOMP6dlcw+y5k8Xu2l+TzFX4R75Gx2z5D08htv2A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:26 2024 by rpki-client on console-ams.rpki-client.org