Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/97914b-eb62-46d1-a9d4-05bf81b4298b/1/1lWhM1PJbqO6i8iT434YfCnETJ4.roa
File: 1lWhM1PJbqO6i8iT434YfCnETJ4.roa (raw, json)
Hash identifier: wXO3Pp/7dJCV+b5cIm54vsaghYjOgQsYhYzysQEfhUc=
Subject key identifier: D6:55:A1:33:53:C9:6E:A3:BA:8B:C8:93:E3:7E:18:7C:29:C4:4C:9E
Certificate issuer: /CN=93656fb5860c9d3cfcb35658540c7230a0ba1e8d
Certificate serial: 018CC8DF40639A59790DDD2AF242B5079C97
Authority key identifier: 93:65:6F:B5:86:0C:9D:3C:FC:B3:56:58:54:0C:72:30:A0:BA:1E:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2VvtYYMnTz8s1ZYVAxyMKC6Ho0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/97914b-eb62-46d1-a9d4-05bf81b4298b/1/1lWhM1PJbqO6i8iT434YfCnETJ4.roa
Signing time: Tue 02 Jan 2024 06:32:03 +0000
ROA not before: Tue 02 Jan 2024 06:32:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51342
IP address blocks: 195.128.166.0/23 maxlen: 24
176.124.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/97914b-eb62-46d1-a9d4-05bf81b4298b/1/k2VvtYYMnTz8s1ZYVAxyMKC6Ho0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/97914b-eb62-46d1-a9d4-05bf81b4298b/1/k2VvtYYMnTz8s1ZYVAxyMKC6Ho0.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2VvtYYMnTz8s1ZYVAxyMKC6Ho0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:40:63:9a:59:79:0d:dd:2a:f2:42:b5:07:9c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93656fb5860c9d3cfcb35658540c7230a0ba1e8d
Validity
Not Before: Jan 2 06:32:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d655a13353c96ea3ba8bc893e37e187c29c44c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:73:95:d7:e1:78:7e:64:c6:0f:74:5a:06:fc:
ab:d9:ca:3f:cb:c8:61:b4:dd:1d:d0:db:02:35:76:
da:55:cf:d0:29:e3:5e:3e:b3:2c:1a:13:3d:3b:1c:
4f:29:cd:6c:2e:57:a1:b1:c4:39:e5:c3:8b:3c:36:
92:a8:dd:1a:c1:9f:bd:a1:e7:5c:d6:27:ae:b0:f7:
f9:aa:59:4a:3d:53:38:65:6c:50:19:27:d3:aa:53:
91:89:e8:47:5e:0f:07:7f:78:c4:02:2a:88:36:19:
20:c8:03:41:85:f7:4d:6f:a4:4a:c8:dd:07:32:85:
61:3c:f4:34:90:c1:bc:0b:c7:1f:23:53:3d:9a:3e:
30:0e:2e:7e:c2:39:69:9e:40:23:1c:5c:dd:08:b9:
f9:74:a2:1f:6c:61:b4:28:b0:08:e0:73:82:9d:c0:
b1:f2:da:95:8e:04:49:c3:b9:42:40:c2:50:b3:38:
d4:db:19:01:91:06:6e:5d:4e:b9:a9:63:6a:d2:e0:
ef:b1:8d:3f:28:3f:b4:26:7d:32:27:da:9e:8d:0b:
eb:7a:95:02:3d:ca:26:00:b0:72:6d:37:59:89:4e:
89:78:c3:47:11:38:8c:61:52:d6:36:4f:85:a5:b7:
51:1d:38:60:aa:8a:71:52:7c:e7:e4:07:1b:6f:f1:
fd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:55:A1:33:53:C9:6E:A3:BA:8B:C8:93:E3:7E:18:7C:29:C4:4C:9E
X509v3 Authority Key Identifier:
keyid:93:65:6F:B5:86:0C:9D:3C:FC:B3:56:58:54:0C:72:30:A0:BA:1E:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2VvtYYMnTz8s1ZYVAxyMKC6Ho0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/97914b-eb62-46d1-a9d4-05bf81b4298b/1/1lWhM1PJbqO6i8iT434YfCnETJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/97914b-eb62-46d1-a9d4-05bf81b4298b/1/k2VvtYYMnTz8s1ZYVAxyMKC6Ho0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.96.0/21
195.128.166.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:5f:a4:70:3b:e5:fc:79:51:66:e3:84:3c:7b:cd:fb:42:c8:
14:c0:68:6a:c4:2c:fd:2b:08:ff:29:da:6f:06:bb:c0:a3:6a:
4e:a0:7c:07:81:8e:23:ba:da:5d:05:87:21:44:54:27:ba:cf:
80:60:31:3f:83:28:7c:06:ea:23:9f:2a:31:34:0e:61:01:bc:
40:18:45:1b:41:28:38:b5:74:67:cb:57:34:ad:07:77:df:4a:
5c:3f:8f:20:bc:14:8b:e1:53:95:7d:f3:c6:e7:2b:2c:4c:11:
5c:29:62:26:94:69:0b:46:37:75:77:68:68:6b:b6:51:18:5e:
0c:ef:57:dd:01:cf:3f:da:01:c0:d3:52:0c:5f:68:08:c1:86:
52:eb:b5:0c:c7:f1:36:5d:cf:09:42:28:21:a2:4c:e8:c4:62:
b9:72:c2:be:3f:7f:47:b3:0f:f7:38:00:3b:67:ce:7a:94:41:
91:6f:4e:7b:55:6f:38:43:56:08:3e:41:33:1f:5a:6f:1a:cf:
5a:f7:a0:c5:6b:94:e2:3f:43:45:82:a4:45:46:1f:e5:cb:b2:
7d:a8:50:88:b9:8a:31:29:37:09:8f:aa:3b:8c:70:5e:d8:65:
59:b4:4a:c1:68:f6:2f:8e:3b:44:d3:ba:b0:b7:12:f2:57:05:
18:a7:fc:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI30Bjmll5Dd0q8kK1B5yXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjU2ZmI1ODYwYzlkM2NmY2IzNTY1ODU0MGM3MjMwYTBi
YTFlOGQwHhcNMjQwMTAyMDYzMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU1YTEzMzUzYzk2ZWEzYmE4YmM4OTNlMzdlMTg3YzI5YzQ0YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnOV1+F4fmTGD3RaBvyr2co/y8hh
tN0d0NsCNXbaVc/QKeNePrMsGhM9OxxPKc1sLlehscQ55cOLPDaSqN0awZ+9oedc
1ieusPf5qllKPVM4ZWxQGSfTqlORiehHXg8Hf3jEAiqINhkgyANBhfdNb6RKyN0H
MoVhPPQ0kMG8C8cfI1M9mj4wDi5+wjlpnkAjHFzdCLn5dKIfbGG0KLAI4HOCncCx
8tqVjgRJw7lCQMJQszjU2xkBkQZuXU65qWNq0uDvsY0/KD+0Jn0yJ9qejQvrepUC
PcomALBybTdZiU6JeMNHETiMYVLWNk+FpbdRHThgqopxUnzn5Acbb/H9bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZVoTNTyW6juovIk+N+GHwpxEyeMB8GA1UdIwQY
MBaAFJNlb7WGDJ08/LNWWFQMcjCguh6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJWdnRZWU1uVHo4czFaWVZBeHlNS0M2SG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My85NzkxNGItZWI2Mi00NmQxLWE5ZDQt
MDViZjgxYjQyOThiLzEvMWxXaE0xUEpicU82aThpVDQzNFlmQ25FVEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My85NzkxNGItZWI2Mi00NmQxLWE5ZDQtMDViZjgxYjQyOThi
LzEvazJWdnRZWU1uVHo4czFaWVZBeHlNS0M2SG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHxgAwQB
w4CmMA0GCSqGSIb3DQEBCwUAA4IBAQCcX6RwO+X8eVFm44Q8e837QsgUwGhqxCz9
Kwj/KdpvBrvAo2pOoHwHgY4jutpdBYchRFQnus+AYDE/gyh8BuojnyoxNA5hAbxA
GEUbQSg4tXRny1c0rQd330pcP48gvBSL4VOVffPG5yssTBFcKWImlGkLRjd1d2ho
a7ZRGF4M71fdAc8/2gHA01IMX2gIwYZS67UMx/E2Xc8JQighokzoxGK5csK+P39H
sw/3OAA7Z856lEGRb057VW84Q1YIPkEzH1pvGs9a96DFa5TiP0NFgqRFRh/ly7J9
qFCIuYoxKTcJj6o7jHBe2GVZtErBaPYvjjtE07qwtxLyVwUYp/zT
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:29 2024 by rpki-client on console-ams.rpki-client.org