Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/Exx3AquM3OM9B8GbmjMrv5gy_60.roa
File: Exx3AquM3OM9B8GbmjMrv5gy_60.roa (raw, json)
Hash identifier: NLPJwg9AXPApSntZpbhM0BvTmz5yLycdq/XGaRlgUgI=
Subject key identifier: 13:1C:77:02:AB:8C:DC:E3:3D:07:C1:9B:9A:33:2B:BF:98:32:FF:AD
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 018CC56EF7DCCFCB50F4552643AEB08AFCE0
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/Exx3AquM3OM9B8GbmjMrv5gy_60.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205250
IP address blocks: 192.103.92.0/24 maxlen: 24
192.103.105.0/24 maxlen: 24
192.103.111.0/24 maxlen: 24
192.103.110.0/24 maxlen: 24
192.103.106.0/24 maxlen: 24
192.103.116.0/24 maxlen: 24
192.103.85.0/24 maxlen: 24
192.103.86.0/24 maxlen: 24
192.103.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f7:dc:cf:cb:50:f4:55:26:43:ae:b0:8a:fc:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=131c7702ab8cdce33d07c19b9a332bbf9832ffad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fc:a1:65:21:4b:c1:de:39:1d:f4:f3:0a:94:
ce:6a:40:cc:d9:93:38:2d:0d:c8:b8:c7:ed:95:4b:
62:ea:c8:e2:3f:b1:2b:d3:3b:32:2c:14:cb:43:8a:
2b:a1:7c:17:10:69:e3:20:ec:8e:33:95:b0:b1:72:
b6:30:f8:99:9d:69:4b:b0:44:62:1c:6c:21:7d:9f:
a1:0f:ff:8a:28:a5:44:f2:c7:a6:ad:af:04:ba:b3:
90:4b:13:2d:d9:51:fe:a4:c9:4d:f1:df:48:20:5b:
4d:f7:2b:11:b8:cb:fe:86:db:ce:e0:19:7e:b8:a2:
62:3b:da:5f:e0:d3:62:15:3e:95:9b:19:70:c7:8a:
61:2c:db:38:28:49:85:e6:00:25:44:20:23:04:a0:
6b:af:71:a0:15:37:df:d9:60:12:fb:88:e9:5e:ed:
69:fa:53:b9:20:91:62:67:73:59:05:ba:0a:b6:dc:
54:7c:21:e8:59:55:ba:46:5a:d7:ac:d3:b0:d5:91:
17:7a:87:b0:63:68:b3:96:66:aa:3f:6f:a1:17:f4:
33:59:cd:fe:c3:27:b1:ec:6b:16:0e:09:10:22:09:
12:04:47:f9:df:b2:ed:8f:6b:b6:cc:2a:ee:9a:d5:
91:68:23:15:8c:e5:a4:ff:01:9a:0e:c8:cb:a4:5b:
66:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1C:77:02:AB:8C:DC:E3:3D:07:C1:9B:9A:33:2B:BF:98:32:FF:AD
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/Exx3AquM3OM9B8GbmjMrv5gy_60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.103.85.0-192.103.86.255
192.103.91.0-192.103.92.255
192.103.105.0-192.103.106.255
192.103.110.0/23
192.103.116.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:17:e8:5f:83:fe:90:50:83:56:60:e9:05:c0:4e:f9:38:08:
33:88:95:34:40:66:97:b5:0c:f3:15:d2:51:06:0d:06:90:d0:
aa:96:33:65:1c:af:60:00:ca:1f:18:0a:5c:5f:51:79:bb:b3:
2e:d1:97:56:fd:4e:20:88:cb:22:18:0f:06:8e:5b:66:bc:86:
21:f1:b0:e8:2b:9d:ef:75:fc:83:b3:cc:33:72:fe:c6:5e:91:
f4:37:66:a0:b1:f8:ac:7b:66:75:90:9f:b3:e1:3d:d8:15:0e:
b3:86:b9:56:bd:22:98:74:b4:a4:5d:63:0e:6c:5c:e6:d3:e4:
fa:28:7f:60:69:17:69:04:e4:41:2e:7e:69:36:0d:72:a7:ac:
9e:6c:f4:d1:31:58:ef:88:58:14:00:fc:e0:75:76:9f:76:cc:
8d:f3:b5:41:43:48:04:b7:90:b3:2f:5c:02:f3:aa:7f:b5:d2:
71:f7:fc:38:1a:cd:25:c5:be:75:b4:06:a3:8a:6d:48:db:19:
f1:ec:a1:c5:95:58:80:e0:38:f6:2b:57:c9:28:ed:32:80:7a:
60:68:30:f4:ef:ca:2a:39:78:6e:10:25:b4:09:c7:81:e8:8d:
32:ab:c2:d8:0d:dd:09:2f:47:93:98:ed:37:3e:68:d9:54:66:
30:a7:58:36
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFbvfcz8tQ9FUmQ66wivzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzFjNzcwMmFiOGNkY2UzM2QwN2MxOWI5YTMzMmJiZjk4MzJmZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfyhZSFLwd45HfTzCpTOakDM2ZM4
LQ3IuMftlUti6sjiP7Er0zsyLBTLQ4oroXwXEGnjIOyOM5WwsXK2MPiZnWlLsERi
HGwhfZ+hD/+KKKVE8semra8EurOQSxMt2VH+pMlN8d9IIFtN9ysRuMv+htvO4Bl+
uKJiO9pf4NNiFT6Vmxlwx4phLNs4KEmF5gAlRCAjBKBrr3GgFTff2WAS+4jpXu1p
+lO5IJFiZ3NZBboKttxUfCHoWVW6RlrXrNOw1ZEXeoewY2izlmaqP2+hF/QzWc3+
wyex7GsWDgkQIgkSBEf537Ltj2u2zCrumtWRaCMVjOWk/wGaDsjLpFtmEQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBMcdwKrjNzjPQfBm5ozK7+YMv+tMB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvRXh4M0FxdU0zT005QjhHYm1qTXJ2NWd5XzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBADAZ1UD
BADAZ1YwDAMEAMBnWwMEAMBnXDAMAwQAwGdpAwQAwGdqAwQBwGduAwQAwGd0MA0G
CSqGSIb3DQEBCwUAA4IBAQA7F+hfg/6QUINWYOkFwE75OAgziJU0QGaXtQzzFdJR
Bg0GkNCqljNlHK9gAMofGApcX1F5u7Mu0ZdW/U4giMsiGA8GjltmvIYh8bDoK53v
dfyDs8wzcv7GXpH0N2agsfise2Z1kJ+z4T3YFQ6zhrlWvSKYdLSkXWMObFzm0+T6
KH9gaRdpBORBLn5pNg1yp6yebPTRMVjviFgUAPzgdXafdsyN87VBQ0gEt5CzL1wC
86p/tdJx9/w4Gs0lxb51tAajim1I2xnx7KHFlViA4Dj2K1fJKO0ygHpgaDD078oq
OXhuECW0CceB6I0yq8LYDd0JL0eTmO03PmjZVGYwp1g2
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:10:29 2024 by rpki-client on console-ams.rpki-client.org