Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/C-nUdNwj2tk44oXG0HnlL84BUow.roa
File: C-nUdNwj2tk44oXG0HnlL84BUow.roa (raw, json)
Hash identifier: /8DkYI83MeWX+uVUnpcdCdW7iEHSL/JDZvDpDZzxNec=
Subject key identifier: 0B:E9:D4:74:DC:23:DA:D9:38:E2:85:C6:D0:79:E5:2F:CE:01:52:8C
Certificate issuer: /CN=cf9cc33182e44d897f4eacf14213467ef88711d4
Certificate serial: 018CC2DB641FB0731C4F93EB7352F4921B0D
Authority key identifier: CF:9C:C3:31:82:E4:4D:89:7F:4E:AC:F1:42:13:46:7E:F8:87:11:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5zDMYLkTYl_TqzxQhNGfviHEdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/C-nUdNwj2tk44oXG0HnlL84BUow.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35393
IP address blocks: 193.200.171.0/24 maxlen: 24
91.209.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/z5zDMYLkTYl_TqzxQhNGfviHEdQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/z5zDMYLkTYl_TqzxQhNGfviHEdQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/z5zDMYLkTYl_TqzxQhNGfviHEdQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:64:1f:b0:73:1c:4f:93:eb:73:52:f4:92:1b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9cc33182e44d897f4eacf14213467ef88711d4
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0be9d474dc23dad938e285c6d079e52fce01528c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:13:16:1c:a8:2b:12:19:a3:26:b4:a4:57:
ca:81:ed:9e:30:d2:ef:f7:d4:ff:80:a9:63:08:61:
7e:d2:56:00:9d:8b:1c:05:cd:c8:f1:ff:da:f2:d1:
b6:8e:d1:2b:52:98:d6:60:af:b3:c9:19:32:67:5f:
1e:96:8d:cc:5b:ee:53:66:82:36:72:63:04:7d:59:
d5:66:2b:4a:07:5f:78:ea:1d:82:38:f6:11:bc:1f:
67:c5:a0:65:e0:f0:f0:d7:3e:6d:e3:e7:ef:4c:bc:
04:69:9e:09:7c:9c:79:71:8a:a0:06:12:8f:3c:0c:
0b:96:80:2f:63:c1:e0:f1:f4:92:9a:1c:14:f8:94:
b4:37:3f:04:39:77:5f:92:a7:f8:91:05:3d:20:6f:
02:f6:b8:58:3d:d2:4d:0c:6b:8e:4a:b1:86:51:65:
61:5d:5a:8c:02:63:a0:93:79:c1:7e:b8:f1:25:c5:
a2:7f:3d:d7:ec:5d:62:1c:2c:ed:ce:17:dc:14:50:
bf:ae:26:a3:3c:33:82:1d:4d:83:1e:b4:2c:79:16:
bd:c2:f1:55:9a:dc:1f:c7:32:3a:d2:5f:44:e1:bf:
85:12:d9:76:e1:51:e2:53:18:b2:97:4e:49:47:96:
8b:e8:05:36:46:5c:96:2d:4f:28:ae:3d:04:35:29:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E9:D4:74:DC:23:DA:D9:38:E2:85:C6:D0:79:E5:2F:CE:01:52:8C
X509v3 Authority Key Identifier:
keyid:CF:9C:C3:31:82:E4:4D:89:7F:4E:AC:F1:42:13:46:7E:F8:87:11:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5zDMYLkTYl_TqzxQhNGfviHEdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/C-nUdNwj2tk44oXG0HnlL84BUow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/z5zDMYLkTYl_TqzxQhNGfviHEdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.245.0/24
193.200.171.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b5:61:d7:88:75:4e:9b:c1:65:59:96:14:11:60:97:a1:b2:
85:88:29:b6:fe:bb:1d:17:f2:5e:45:8c:a2:a0:b2:23:08:8e:
ea:b8:a5:16:76:dc:3c:8a:e9:30:b2:04:76:2a:cc:4a:e3:e8:
75:6e:f3:53:ff:79:ac:80:b2:90:3d:45:79:69:c0:71:59:50:
82:c9:87:88:6d:03:ca:56:42:8c:ef:1d:c2:19:f1:72:f2:ad:
13:72:15:4d:7e:21:9f:37:72:b4:6e:4e:2c:61:24:64:63:0c:
16:0e:cd:1d:26:4e:78:71:23:b8:a8:a0:1e:ce:71:0e:fb:2d:
dc:95:01:b8:1d:65:9d:ed:da:58:35:72:11:50:50:5e:29:33:
93:40:d3:01:c1:5c:24:de:e5:d9:dd:49:c8:05:f6:b8:49:c3:
66:8c:94:2c:b1:df:e1:ae:1e:0b:9f:a9:6f:7d:f2:e1:ec:b0:
a1:51:7f:b0:80:4c:2a:a4:c3:ef:b3:75:ea:8d:c3:9c:30:51:
61:06:f2:6a:69:6c:98:50:8c:9e:d2:82:cd:68:c7:bf:55:39:
10:25:f9:8e:97:65:24:d0:b2:78:c4:5c:d8:bc:75:ad:a0:cd:
40:67:f9:87:ff:75:73:be:a5:1c:10:18:08:76:bc:55:f4:c9:
dd:a4:0e:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC22QfsHMcT5Prc1L0khsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOWNjMzMxODJlNDRkODk3ZjRlYWNmMTQyMTM0NjdlZjg4
NzExZDQwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmU5ZDQ3NGRjMjNkYWQ5MzhlMjg1YzZkMDc5ZTUyZmNlMDE1MjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt0TFhyoKxIZoya0pFfKge2eMNLv
99T/gKljCGF+0lYAnYscBc3I8f/a8tG2jtErUpjWYK+zyRkyZ18elo3MW+5TZoI2
cmMEfVnVZitKB1946h2COPYRvB9nxaBl4PDw1z5t4+fvTLwEaZ4JfJx5cYqgBhKP
PAwLloAvY8Hg8fSSmhwU+JS0Nz8EOXdfkqf4kQU9IG8C9rhYPdJNDGuOSrGGUWVh
XVqMAmOgk3nBfrjxJcWifz3X7F1iHCztzhfcFFC/riajPDOCHU2DHrQseRa9wvFV
mtwfxzI60l9E4b+FEtl24VHiUxiyl05JR5aL6AU2RlyWLU8orj0ENSln9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAvp1HTcI9rZOOKFxtB55S/OAVKMMB8GA1UdIwQY
MBaAFM+cwzGC5E2Jf06s8UITRn74hxHUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejV6RE1ZTGtUWWxfVHF6eFFoTkdmdmlIRWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85MjgzMWUtYjBmZC00MzEyLWE0NmIt
MjRhMGQ4MmNlYTllLzEvQy1uVWROd2oydGs0NG9YRzBIbmxMODRCVW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85MjgzMWUtYjBmZC00MzEyLWE0NmItMjRhMGQ4MmNlYTll
LzEvejV6RE1ZTGtUWWxfVHF6eFFoTkdmdmlIRWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9H1AwQA
wcirMA0GCSqGSIb3DQEBCwUAA4IBAQAUtWHXiHVOm8FlWZYUEWCXobKFiCm2/rsd
F/JeRYyioLIjCI7quKUWdtw8iukwsgR2KsxK4+h1bvNT/3msgLKQPUV5acBxWVCC
yYeIbQPKVkKM7x3CGfFy8q0TchVNfiGfN3K0bk4sYSRkYwwWDs0dJk54cSO4qKAe
znEO+y3clQG4HWWd7dpYNXIRUFBeKTOTQNMBwVwk3uXZ3UnIBfa4ScNmjJQssd/h
rh4Ln6lvffLh7LChUX+wgEwqpMPvs3XqjcOcMFFhBvJqaWyYUIye0oLNaMe/VTkQ
JfmOl2Uk0LJ4xFzYvHWtoM1AZ/mH/3VzvqUcEBgIdrxV9MndpA7f
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:00 2024 by rpki-client on console-fra.rpki-client.org