Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/wABM6IttrHJouZEg9lRlXIl9bDE.roa
File: wABM6IttrHJouZEg9lRlXIl9bDE.roa (raw, json)
Hash identifier: zxgOB3i4t8Me+izvy0ay4L2P3g0TfyPfC/JtK52i44w=
Subject key identifier: C0:00:4C:E8:8B:6D:AC:72:68:B9:91:20:F6:54:65:5C:89:7D:6C:31
Certificate issuer: /CN=99d35619ed210be0ac29d170a2bb5cd7455693bc
Certificate serial: 018CC94E3AB0764DC405F2D0A903130DFE92
Authority key identifier: 99:D3:56:19:ED:21:0B:E0:AC:29:D1:70:A2:BB:5C:D7:45:56:93:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdNWGe0hC-CsKdFwortc10VWk7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/wABM6IttrHJouZEg9lRlXIl9bDE.roa
Signing time: Tue 02 Jan 2024 08:33:16 +0000
ROA not before: Tue 02 Jan 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60798
IP address blocks: 195.39.202.0/23 maxlen: 24
195.39.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/mdNWGe0hC-CsKdFwortc10VWk7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/mdNWGe0hC-CsKdFwortc10VWk7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdNWGe0hC-CsKdFwortc10VWk7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3a:b0:76:4d:c4:05:f2:d0:a9:03:13:0d:fe:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d35619ed210be0ac29d170a2bb5cd7455693bc
Validity
Not Before: Jan 2 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0004ce88b6dac7268b99120f654655c897d6c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5f:bd:ad:0b:34:10:4a:4b:05:06:a5:39:26:
02:4a:27:dd:17:83:04:78:e3:60:7c:e0:96:ea:6a:
1b:39:bb:83:c3:71:14:08:e3:af:5a:21:f9:1e:fd:
f5:76:d1:a8:a5:b7:dc:e9:79:d7:3f:b5:34:28:d7:
65:1c:41:7c:89:f6:8e:28:ea:63:a2:42:91:57:db:
62:6b:4e:a6:47:ad:11:6d:8e:ca:f1:11:0d:68:b8:
ed:10:ac:c9:b8:29:ec:21:e5:7a:5b:fa:16:77:99:
e0:a0:77:44:b2:56:b1:ba:62:0e:ad:b8:ac:87:4c:
e1:a9:6a:20:0b:e4:9a:59:1c:08:37:d4:b8:12:69:
c2:5f:13:60:d5:16:a5:89:65:58:e3:57:37:f7:d5:
df:f5:1e:e7:92:e2:29:2c:e9:58:4d:05:58:bb:11:
9a:71:90:a4:7f:58:5b:9f:bd:58:83:50:73:7c:e3:
8f:92:ce:7d:2a:05:c8:39:d2:bd:51:1d:e1:bc:48:
5a:7c:52:8c:2a:d8:02:10:63:90:2b:1f:28:b9:86:
05:40:0c:06:d7:47:8a:95:44:f7:c1:f1:91:e6:d3:
0a:c6:07:11:28:c5:51:c7:e3:0b:2e:6e:97:c4:40:
2e:0b:20:09:32:f6:f1:48:79:a5:fd:6b:58:ca:70:
28:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:00:4C:E8:8B:6D:AC:72:68:B9:91:20:F6:54:65:5C:89:7D:6C:31
X509v3 Authority Key Identifier:
keyid:99:D3:56:19:ED:21:0B:E0:AC:29:D1:70:A2:BB:5C:D7:45:56:93:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdNWGe0hC-CsKdFwortc10VWk7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/wABM6IttrHJouZEg9lRlXIl9bDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/mdNWGe0hC-CsKdFwortc10VWk7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.39.194.0/23
195.39.202.0/23
Signature Algorithm: sha256WithRSAEncryption
47:e1:d2:93:e8:16:8a:ae:ee:ee:98:a5:f6:fa:35:7a:50:47:
af:7e:f0:11:fe:3e:bb:3e:6e:3c:5c:e9:f6:45:79:dd:9d:a4:
7f:72:27:b2:bd:28:4c:cb:90:f1:65:2d:8c:f5:aa:4e:5d:3f:
6e:aa:e2:d5:fe:49:ad:7b:e0:1a:99:c8:00:9c:bc:99:e1:f5:
0e:9d:25:32:9f:74:bf:f2:19:b5:be:df:5b:76:0f:7a:00:a7:
b1:28:46:79:81:c6:cf:57:d7:52:3b:eb:0d:cf:77:3d:81:d2:
4b:b4:79:a8:de:d2:08:16:e8:f4:f9:ed:5d:e2:ac:bc:e3:b5:
99:dd:9f:ec:90:8a:8e:d2:e7:f3:0a:a4:83:71:43:6c:26:c4:
c0:ed:55:75:d0:2c:5e:e6:73:06:b0:b7:cb:6f:20:20:bf:cc:
80:54:b2:0a:7f:0b:2f:53:5d:03:bd:f2:41:0d:ed:49:6d:04:
49:51:54:be:ec:99:dc:fc:fa:ad:a8:06:4b:f0:75:1c:90:72:
92:65:c5:e9:f3:ff:a8:16:ba:d8:21:4c:85:93:45:e4:c4:91:
e5:46:ba:7e:9b:7b:f6:fc:94:54:22:4d:02:76:7c:5e:7b:73:
ae:e8:d3:c4:c4:ae:59:82:c7:36:ed:f1:c8:73:73:3e:d3:9b:
73:5f:3d:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTjqwdk3EBfLQqQMTDf6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDM1NjE5ZWQyMTBiZTBhYzI5ZDE3MGEyYmI1Y2Q3NDU1
NjkzYmMwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDAwNGNlODhiNmRhYzcyNjhiOTkxMjBmNjU0NjU1Yzg5N2Q2YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF+9rQs0EEpLBQalOSYCSifdF4ME
eONgfOCW6mobObuDw3EUCOOvWiH5Hv31dtGopbfc6XnXP7U0KNdlHEF8ifaOKOpj
okKRV9tia06mR60RbY7K8RENaLjtEKzJuCnsIeV6W/oWd5ngoHdEslaxumIOrbis
h0zhqWogC+SaWRwIN9S4EmnCXxNg1RaliWVY41c399Xf9R7nkuIpLOlYTQVYuxGa
cZCkf1hbn71Yg1BzfOOPks59KgXIOdK9UR3hvEhafFKMKtgCEGOQKx8ouYYFQAwG
10eKlUT3wfGR5tMKxgcRKMVRx+MLLm6XxEAuCyAJMvbxSHml/WtYynAo4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAATOiLbaxyaLmRIPZUZVyJfWwxMB8GA1UdIwQY
MBaAFJnTVhntIQvgrCnRcKK7XNdFVpO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWROV0dlMGhDLUNzS2RGd29ydGMxMFZXazd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zNGU5MWYtYThhOS00OTM3LTlmYjUt
N2EwMWJkZGQ2NTYwLzEvd0FCTTZJdHRySEpvdVpFZzlsUmxYSWw5YkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zNGU5MWYtYThhOS00OTM3LTlmYjUtN2EwMWJkZGQ2NTYw
LzEvbWROV0dlMGhDLUNzS2RGd29ydGMxMFZXazd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwyfCAwQB
wyfKMA0GCSqGSIb3DQEBCwUAA4IBAQBH4dKT6BaKru7umKX2+jV6UEevfvAR/j67
Pm48XOn2RXndnaR/cieyvShMy5DxZS2M9apOXT9uquLV/kmte+AamcgAnLyZ4fUO
nSUyn3S/8hm1vt9bdg96AKexKEZ5gcbPV9dSO+sNz3c9gdJLtHmo3tIIFuj0+e1d
4qy847WZ3Z/skIqO0ufzCqSDcUNsJsTA7VV10Cxe5nMGsLfLbyAgv8yAVLIKfwsv
U10DvfJBDe1JbQRJUVS+7Jnc/PqtqAZL8HUckHKSZcXp8/+oFrrYIUyFk0XkxJHl
Rrp+m3v2/JRUIk0Cdnxee3Ou6NPExK5Zgsc27fHIc3M+05tzXz3n
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:31 2024 by rpki-client on console-fra.rpki-client.org