Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/0KSPuj7l6tfKnK0WkpREg2PPxL8.roa
File: 0KSPuj7l6tfKnK0WkpREg2PPxL8.roa (raw, json)
Hash identifier: RZQSsvJM6rqBassT4MHscCjrhxKmnrfE0U/iJ2OGcso=
Subject key identifier: D0:A4:8F:BA:3E:E5:EA:D7:CA:9C:AD:16:92:94:44:83:63:CF:C4:BF
Certificate issuer: /CN=cf1bb1aa0c93b7918c2fd2433b41c21d79d44daa
Certificate serial: 018CC802FEB454A0DA736CA7A79603842AB9
Authority key identifier: CF:1B:B1:AA:0C:93:B7:91:8C:2F:D2:43:3B:41:C2:1D:79:D4:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxuxqgyTt5GML9JDO0HCHXnUTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/0KSPuj7l6tfKnK0WkpREg2PPxL8.roa
Signing time: Tue 02 Jan 2024 02:31:28 +0000
ROA not before: Tue 02 Jan 2024 02:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25141
IP address blocks: 93.157.9.0/24 maxlen: 24
93.157.11.0/24 maxlen: 24
93.157.8.0/24 maxlen: 24
93.157.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/zxuxqgyTt5GML9JDO0HCHXnUTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/zxuxqgyTt5GML9JDO0HCHXnUTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zxuxqgyTt5GML9JDO0HCHXnUTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 13:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fe:b4:54:a0:da:73:6c:a7:a7:96:03:84:2a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1bb1aa0c93b7918c2fd2433b41c21d79d44daa
Validity
Not Before: Jan 2 02:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0a48fba3ee5ead7ca9cad169294448363cfc4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:67:19:27:0b:4c:e5:83:9e:75:dd:b9:ab:5d:
77:81:06:08:1a:16:02:6b:53:0f:ad:5f:1e:31:27:
6b:79:f6:e0:39:05:ae:94:f1:5b:2c:ea:ea:26:e0:
ba:9f:9e:5c:92:c0:a8:e0:bb:b7:cb:f5:f9:9e:a4:
00:69:bc:1d:47:10:75:03:bd:26:20:6d:fc:df:36:
05:f8:48:8f:04:f7:1a:d4:3c:e4:43:70:ce:31:e6:
f1:45:b0:6f:45:c3:a1:78:98:9a:d2:c1:62:b1:2c:
6c:eb:eb:b0:86:d8:0b:04:9f:72:73:61:aa:ce:3f:
f3:64:ba:63:2b:13:92:a9:e4:9f:02:83:a9:26:32:
10:43:60:37:ce:82:06:35:ba:18:c3:68:81:b9:94:
a9:6a:8e:b2:c0:84:6d:63:47:f1:70:90:23:ab:79:
b4:41:d5:26:ad:d8:35:23:94:7a:9a:59:6b:5c:7e:
27:12:84:99:41:e2:64:d4:51:19:c2:d5:27:da:04:
71:fd:27:83:b3:20:6b:82:b6:fb:33:1a:82:59:46:
80:15:02:0f:a2:f3:02:bf:77:22:aa:c1:62:1b:70:
03:76:30:21:a9:9d:10:39:df:80:d5:f7:b0:71:3f:
47:7c:28:95:36:19:54:02:0f:96:8c:5c:d8:ac:3a:
4c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A4:8F:BA:3E:E5:EA:D7:CA:9C:AD:16:92:94:44:83:63:CF:C4:BF
X509v3 Authority Key Identifier:
keyid:CF:1B:B1:AA:0C:93:B7:91:8C:2F:D2:43:3B:41:C2:1D:79:D4:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxuxqgyTt5GML9JDO0HCHXnUTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/0KSPuj7l6tfKnK0WkpREg2PPxL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f2f26a-1547-43f3-a239-c9f09af729cf/1/zxuxqgyTt5GML9JDO0HCHXnUTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.8.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:cd:5b:40:69:8d:4d:2d:9c:39:54:ff:29:39:e7:55:d7:5c:
53:d1:e1:b0:4a:d3:be:f1:d9:e0:26:75:42:e3:76:48:12:92:
f5:41:c7:50:c6:03:35:4d:6a:a0:85:b6:aa:a1:62:77:a5:79:
a3:c8:8c:0b:a3:85:01:b1:47:cf:f9:1f:e2:e7:31:78:fd:40:
d5:54:8a:53:47:71:25:df:3c:9c:e6:0c:56:fe:5f:40:c6:eb:
d9:9d:08:af:92:6f:0a:b4:f4:f2:66:81:96:6d:1d:9c:62:f8:
90:4d:61:3d:4d:64:1d:3a:cf:d8:44:47:e4:59:18:f1:60:4d:
bc:20:18:9b:1c:46:0e:89:5e:2a:e3:36:46:8f:5b:d9:10:a9:
3f:bf:2c:06:4e:13:d0:b3:25:c7:50:b5:c7:15:6d:90:c4:da:
9a:9a:dd:79:6a:62:78:f8:14:c0:a1:89:a7:5a:7b:06:9d:8b:
a6:e3:18:28:2c:50:47:1b:c6:37:ca:bd:16:fb:b9:4e:9c:8b:
1b:75:a5:8c:a3:9f:fd:dc:a8:f5:05:8d:9c:60:0b:74:30:01:
16:e9:b0:87:a8:03:d4:01:d4:3a:cb:66:a4:af:9c:25:87:53:
82:16:13:27:0c:23:f4:90:d4:cf:8c:b0:a5:42:07:53:37:1d:
10:90:a6:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAv60VKDac2ynp5YDhCq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWJiMWFhMGM5M2I3OTE4YzJmZDI0MzNiNDFjMjFkNzlk
NDRkYWEwHhcNMjQwMTAyMDIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE0OGZiYTNlZTVlYWQ3Y2E5Y2FkMTY5Mjk0NDQ4MzYzY2ZjNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGcZJwtM5YOedd25q113gQYIGhYC
a1MPrV8eMSdrefbgOQWulPFbLOrqJuC6n55cksCo4Lu3y/X5nqQAabwdRxB1A70m
IG383zYF+EiPBPca1DzkQ3DOMebxRbBvRcOheJia0sFisSxs6+uwhtgLBJ9yc2Gq
zj/zZLpjKxOSqeSfAoOpJjIQQ2A3zoIGNboYw2iBuZSpao6ywIRtY0fxcJAjq3m0
QdUmrdg1I5R6mllrXH4nEoSZQeJk1FEZwtUn2gRx/SeDsyBrgrb7MxqCWUaAFQIP
ovMCv3ciqsFiG3ADdjAhqZ0QOd+A1fewcT9HfCiVNhlUAg+WjFzYrDpMRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCkj7o+5erXypytFpKURINjz8S/MB8GA1UdIwQY
MBaAFM8bsaoMk7eRjC/SQztBwh151E2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenh1eHFneVR0NUdNTDlKRE8wSENIWG5VVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMmYyNmEtMTU0Ny00M2YzLWEyMzkt
YzlmMDlhZjcyOWNmLzEvMEtTUHVqN2w2dGZLbkswV2twUkVnMlBQeEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMmYyNmEtMTU0Ny00M2YzLWEyMzktYzlmMDlhZjcyOWNm
LzEvenh1eHFneVR0NUdNTDlKRE8wSENIWG5VVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXZ0IMA0G
CSqGSIb3DQEBCwUAA4IBAQCOzVtAaY1NLZw5VP8pOedV11xT0eGwStO+8dngJnVC
43ZIEpL1QcdQxgM1TWqghbaqoWJ3pXmjyIwLo4UBsUfP+R/i5zF4/UDVVIpTR3El
3zyc5gxW/l9AxuvZnQivkm8KtPTyZoGWbR2cYviQTWE9TWQdOs/YREfkWRjxYE28
IBibHEYOiV4q4zZGj1vZEKk/vywGThPQsyXHULXHFW2QxNqamt15amJ4+BTAoYmn
WnsGnYum4xgoLFBHG8Y3yr0W+7lOnIsbdaWMo5/93Kj1BY2cYAt0MAEW6bCHqAPU
AdQ6y2akr5wlh1OCFhMnDCP0kNTPjLClQgdTNx0QkKY2
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:38:09 2024 by rpki-client on console-ams.rpki-client.org