Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/pMbzYXKVQxRJfdNrHKWcgD58U9w.roa
File: pMbzYXKVQxRJfdNrHKWcgD58U9w.roa (raw, json)
Hash identifier: FNwjnLZ1Xt1WXvA61oRxEBREa01Cy1Wq+7VBQ5dvk1c=
Subject key identifier: A4:C6:F3:61:72:95:43:14:49:7D:D3:6B:1C:A5:9C:80:3E:7C:53:DC
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 018CCA2B819071AD3BD3CF81D36BFECD4D0E
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/pMbzYXKVQxRJfdNrHKWcgD58U9w.roa
Signing time: Tue 02 Jan 2024 12:34:57 +0000
ROA not before: Tue 02 Jan 2024 12:34:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56765
IP address blocks: 194.225.24.0/21 maxlen: 24
94.184.112.0/21 maxlen: 24
2001:14e8:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:81:90:71:ad:3b:d3:cf:81:d3:6b:fe:cd:4d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 12:34:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4c6f36172954314497dd36b1ca59c803e7c53dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:93:21:48:28:ec:84:40:2d:f6:ac:58:9a:55:
48:ab:aa:c6:9f:46:e7:2e:c4:38:56:b1:64:bb:99:
e7:1d:0c:4f:f5:3f:29:94:a8:9f:ca:77:2e:28:20:
84:0b:9c:dd:f1:96:62:bc:68:41:0e:80:87:b9:60:
cd:32:5b:41:4c:f1:5f:58:93:69:de:d8:93:d0:1a:
bb:5b:2a:08:8a:eb:06:b1:b2:44:6d:d2:13:0f:ab:
18:7c:e7:13:cf:3b:7a:d1:f6:04:3b:30:1b:cc:43:
0b:ec:2e:30:7e:d7:55:c8:7f:d8:69:50:cd:ae:83:
38:db:02:38:fd:fd:01:7b:05:70:b4:35:da:ac:31:
1b:3a:92:a4:cc:d4:fc:49:b5:15:9f:fc:61:26:19:
d2:68:1d:67:1b:f7:31:8f:1f:eb:cd:1f:21:25:7c:
0e:65:53:e4:5f:61:39:38:c8:29:f2:6c:4e:5d:ec:
d6:2d:a4:e1:2d:2c:c3:6d:9c:bf:f5:11:a2:cf:b8:
2a:f3:8a:d3:d5:12:26:63:5d:48:12:55:5a:ae:ae:
46:f4:50:ae:51:f2:e2:f3:bf:f3:39:c4:f7:14:05:
39:98:71:d5:b0:23:3c:7d:ff:cd:5b:af:88:5c:db:
cf:23:b4:88:1b:8a:48:e1:54:5a:fb:86:c2:db:a4:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C6:F3:61:72:95:43:14:49:7D:D3:6B:1C:A5:9C:80:3E:7C:53:DC
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/pMbzYXKVQxRJfdNrHKWcgD58U9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.112.0/21
194.225.24.0/21
IPv6:
2001:14e8:5::/48
Signature Algorithm: sha256WithRSAEncryption
5c:25:f8:d3:54:5a:b9:27:db:43:56:b2:5a:fc:6e:2a:6f:4d:
3b:db:d8:cf:b6:e9:e7:1f:e5:5d:e1:60:12:a6:f6:6e:bd:29:
1f:34:8b:c4:84:97:6b:6d:17:32:81:58:96:a8:30:7c:7f:a1:
2d:fb:10:80:03:4f:15:69:be:ff:12:e2:16:86:8d:ff:77:5d:
7d:ca:11:14:ce:89:29:96:82:a6:5d:dc:75:3f:b0:3f:ca:5b:
83:d8:e6:4a:f3:78:28:4f:52:ac:87:ae:a2:f5:0f:d2:72:d1:
c3:01:4f:d9:a5:c0:de:9a:43:0f:21:f4:6a:a9:10:4a:af:42:
ba:73:ad:67:65:74:b6:de:e7:6d:63:1e:3c:e9:1b:d6:63:cf:
61:e2:e9:d4:fa:d8:94:c6:b0:2d:0d:cb:54:1c:0b:09:0a:1a:
62:39:fd:45:27:d8:db:37:cb:78:f9:c6:e9:57:64:30:db:1e:
71:c2:1b:6a:bf:28:82:59:c5:0f:74:76:da:30:51:5d:35:b6:
29:bb:9c:c9:3f:18:d9:81:53:ba:9d:be:2f:59:6c:c7:fa:79:
21:7e:a7:37:09:0b:5c:52:f3:a9:47:76:39:2b:f0:34:d1:8a:
40:97:89:7d:9b:c8:d7:92:4f:78:da:e0:7d:c4:5f:69:59:a0:
0a:e0:5e:eb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK4GQca0708+B02v+zU0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjQwMTAyMTIzNDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM2ZjM2MTcyOTU0MzE0NDk3ZGQzNmIxY2E1OWM4MDNlN2M1M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5MhSCjshEAt9qxYmlVIq6rGn0bn
LsQ4VrFku5nnHQxP9T8plKifyncuKCCEC5zd8ZZivGhBDoCHuWDNMltBTPFfWJNp
3tiT0Bq7WyoIiusGsbJEbdITD6sYfOcTzzt60fYEOzAbzEML7C4wftdVyH/YaVDN
roM42wI4/f0BewVwtDXarDEbOpKkzNT8SbUVn/xhJhnSaB1nG/cxjx/rzR8hJXwO
ZVPkX2E5OMgp8mxOXezWLaThLSzDbZy/9RGiz7gq84rT1RImY11IElVarq5G9FCu
UfLi87/zOcT3FAU5mHHVsCM8ff/NW6+IXNvPI7SIG4pI4VRa+4bC26SbtQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKTG82FylUMUSX3TaxylnIA+fFPcMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvcE1iellYS1ZReFJKZmROckhLV2NnRDU4VTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDXrhwAwQD
wuEYMA8EAgACMAkDBwAgARToAAUwDQYJKoZIhvcNAQELBQADggEBAFwl+NNUWrkn
20NWslr8bipvTTvb2M+26ecf5V3hYBKm9m69KR80i8SEl2ttFzKBWJaoMHx/oS37
EIADTxVpvv8S4haGjf93XX3KERTOiSmWgqZd3HU/sD/KW4PY5krzeChPUqyHrqL1
D9Jy0cMBT9mlwN6aQw8h9GqpEEqvQrpzrWdldLbe521jHjzpG9Zjz2Hi6dT62JTG
sC0Ny1QcCwkKGmI5/UUn2Ns3y3j5xulXZDDbHnHCG2q/KIJZxQ90dtowUV01tim7
nMk/GNmBU7qdvi9ZbMf6eSF+pzcJC1xS86lHdjkr8DTRikCXiX2byNeST3ja4H3E
X2lZoArgXus=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:47 2024 by rpki-client on console-ams.rpki-client.org