Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/nceJdp7QkfSZsTeC0l-WCEZHLrk.roa
File: nceJdp7QkfSZsTeC0l-WCEZHLrk.roa (raw, json)
Hash identifier: 0Y94pwb1ATfkTjU+cfR4PpkNq029RsPlkcFfvPXySSc=
Subject key identifier: 9D:C7:89:76:9E:D0:91:F4:99:B1:37:82:D2:5F:96:08:46:47:2E:B9
Certificate issuer: /CN=397879aff2c4369d06c4f119a6fd7a5a13db8697
Certificate serial: 018CC7267BF333286D939FEAEBB35C8DB70E
Authority key identifier: 39:78:79:AF:F2:C4:36:9D:06:C4:F1:19:A6:FD:7A:5A:13:DB:86:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXh5r_LENp0GxPEZpv16WhPbhpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/nceJdp7QkfSZsTeC0l-WCEZHLrk.roa
Signing time: Mon 01 Jan 2024 22:30:37 +0000
ROA not before: Mon 01 Jan 2024 22:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200697
IP address blocks: 185.98.24.0/24 maxlen: 24
185.98.27.0/24 maxlen: 24
185.98.25.0/24 maxlen: 24
185.98.26.0/24 maxlen: 24
2a04:7800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/OXh5r_LENp0GxPEZpv16WhPbhpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/OXh5r_LENp0GxPEZpv16WhPbhpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXh5r_LENp0GxPEZpv16WhPbhpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:7b:f3:33:28:6d:93:9f:ea:eb:b3:5c:8d:b7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397879aff2c4369d06c4f119a6fd7a5a13db8697
Validity
Not Before: Jan 1 22:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dc789769ed091f499b13782d25f960846472eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:64:1d:16:65:35:1d:aa:ce:83:dd:75:6f:68:
05:cd:c3:9b:93:77:3d:e4:b6:6e:2d:03:28:10:77:
f3:21:b1:49:82:07:90:f1:0f:a1:10:6c:69:a2:54:
39:34:ee:77:3f:09:05:be:6c:4a:9b:68:31:92:9d:
df:f0:5d:85:7b:66:92:93:35:f0:26:b6:a5:5f:d7:
ab:76:ac:69:c4:1e:fa:21:dd:22:9f:3b:dc:02:bd:
62:2e:10:e6:03:b2:6c:0d:4f:cc:13:26:48:9e:c1:
42:d4:f2:16:d2:ef:7c:7b:0e:a6:d0:04:7f:00:83:
9b:b9:56:f1:49:78:cb:5a:9f:cc:b8:e2:1f:8a:c6:
4e:8f:3d:b3:62:62:db:9b:95:7e:e5:c7:d6:49:e7:
6a:2f:4d:7d:96:e9:bb:4c:c8:7b:ab:cb:51:c8:78:
93:38:da:bc:09:90:cb:da:b2:6a:25:ec:35:8c:fd:
c8:f4:3c:9c:84:4c:44:06:3e:8a:58:91:c3:41:b5:
dd:2c:52:04:e6:25:5f:ef:37:c8:18:f1:6f:36:bc:
4c:45:83:21:70:7f:ad:91:cd:aa:56:0b:36:c2:13:
83:c7:32:b2:86:1e:d1:6a:b9:31:7e:0d:89:89:3a:
ce:4c:da:54:fb:9b:93:e9:10:82:c4:f6:ef:0c:69:
25:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C7:89:76:9E:D0:91:F4:99:B1:37:82:D2:5F:96:08:46:47:2E:B9
X509v3 Authority Key Identifier:
keyid:39:78:79:AF:F2:C4:36:9D:06:C4:F1:19:A6:FD:7A:5A:13:DB:86:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXh5r_LENp0GxPEZpv16WhPbhpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/nceJdp7QkfSZsTeC0l-WCEZHLrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/OXh5r_LENp0GxPEZpv16WhPbhpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.24.0/22
IPv6:
2a04:7800::/29
Signature Algorithm: sha256WithRSAEncryption
91:21:3c:b3:15:91:02:5b:c5:99:eb:d8:7f:cb:d4:0b:60:b3:
bd:19:8a:82:11:a0:b6:43:b2:a0:4b:89:20:1f:7a:58:9f:9b:
63:79:d8:ca:4b:e5:14:3a:0d:36:7e:50:52:51:77:94:1a:f7:
4a:57:4e:3e:0a:e3:75:04:0b:63:b8:6c:30:a5:5b:77:b6:40:
e2:b3:0d:c5:fa:ad:ef:e6:23:90:13:4c:5d:94:72:5d:91:53:
76:80:17:8a:67:84:d1:fe:30:6a:8a:11:fb:e9:9c:35:8c:0e:
34:f3:92:cd:b4:0a:b4:82:4d:e2:10:24:32:ad:6b:bd:f8:c1:
c3:e6:05:37:65:db:0b:1d:25:b3:2e:55:c3:b7:c7:0f:68:80:
5d:bd:69:f7:45:54:c4:c8:ba:65:d0:ee:c3:d1:bf:44:fa:c9:
da:a2:1c:be:6b:e5:56:57:e5:ca:27:c5:c4:4b:2b:b6:8b:3b:
66:e6:6b:e6:a1:2e:cc:77:80:78:50:ff:49:aa:66:ca:4a:3b:
32:3a:d5:71:a3:8e:09:1a:70:56:b5:e9:14:ec:d8:1a:97:af:
31:4a:85:69:2e:65:a3:c1:f6:d6:9b:3e:4e:94:9c:34:95:11:
07:a5:83:56:9c:a1:7f:67:d3:50:d5:d0:33:57:aa:d3:ac:d2:
14:cc:98:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJnvzMyhtk5/q67NcjbcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Nzg3OWFmZjJjNDM2OWQwNmM0ZjExOWE2ZmQ3YTVhMTNk
Yjg2OTcwHhcNMjQwMTAxMjIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGM3ODk3NjllZDA5MWY0OTliMTM3ODJkMjVmOTYwODQ2NDcyZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+GQdFmU1HarOg911b2gFzcObk3c9
5LZuLQMoEHfzIbFJggeQ8Q+hEGxpolQ5NO53PwkFvmxKm2gxkp3f8F2Fe2aSkzXw
JralX9erdqxpxB76Id0inzvcAr1iLhDmA7JsDU/MEyZInsFC1PIW0u98ew6m0AR/
AIObuVbxSXjLWp/MuOIfisZOjz2zYmLbm5V+5cfWSedqL019lum7TMh7q8tRyHiT
ONq8CZDL2rJqJew1jP3I9DychExEBj6KWJHDQbXdLFIE5iVf7zfIGPFvNrxMRYMh
cH+tkc2qVgs2whODxzKyhh7Rarkxfg2JiTrOTNpU+5uT6RCCxPbvDGklZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ3HiXae0JH0mbE3gtJflghGRy65MB8GA1UdIwQY
MBaAFDl4ea/yxDadBsTxGab9eloT24aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hoNXJfTEVOcDBHeFBFWnB2MTZXaFBiaHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84NmVkNmQtZTEyNi00Mjc5LWFkOTgt
NjY5MmZjNjE5NTY3LzEvbmNlSmRwN1FrZlNac1RlQzBsLVdDRVpITHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84NmVkNmQtZTEyNi00Mjc5LWFkOTgtNjY5MmZjNjE5NTY3
LzEvT1hoNXJfTEVOcDBHeFBFWnB2MTZXaFBiaHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWIYMA0E
AgACMAcDBQMqBHgAMA0GCSqGSIb3DQEBCwUAA4IBAQCRITyzFZECW8WZ69h/y9QL
YLO9GYqCEaC2Q7KgS4kgH3pYn5tjedjKS+UUOg02flBSUXeUGvdKV04+CuN1BAtj
uGwwpVt3tkDisw3F+q3v5iOQE0xdlHJdkVN2gBeKZ4TR/jBqihH76Zw1jA4085LN
tAq0gk3iECQyrWu9+MHD5gU3ZdsLHSWzLlXDt8cPaIBdvWn3RVTEyLpl0O7D0b9E
+snaohy+a+VWV+XKJ8XESyu2iztm5mvmoS7Md4B4UP9JqmbKSjsyOtVxo44JGnBW
tekU7Ngal68xSoVpLmWjwfbWmz5OlJw0lREHpYNWnKF/Z9NQ1dAzV6rTrNIUzJhK
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:41:29 2024 by rpki-client on console-ams.rpki-client.org