Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/cUFvA56f_emCQOO0ZHgoLv6FL1g.roa
File: cUFvA56f_emCQOO0ZHgoLv6FL1g.roa (raw, json)
Hash identifier: 64wBcfmOcDhVdBownilZBKb25aMaD+8uEqjSHQOSWp4=
Subject key identifier: 71:41:6F:03:9E:9F:FD:E9:82:40:E3:B4:64:78:28:2E:FE:85:2F:58
Certificate issuer: /CN=5b1d228b6acbd1803cff560fa4b42f832d28324f
Certificate serial: 018CC6B793DE2ECEE408B6068E5BCA7C5FFA
Authority key identifier: 5B:1D:22:8B:6A:CB:D1:80:3C:FF:56:0F:A4:B4:2F:83:2D:28:32:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/cUFvA56f_emCQOO0ZHgoLv6FL1g.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 192.54.176.0/24 maxlen: 24
192.54.175.0/24 maxlen: 24
192.54.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:93:de:2e:ce:e4:08:b6:06:8e:5b:ca:7c:5f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b1d228b6acbd1803cff560fa4b42f832d28324f
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71416f039e9ffde98240e3b46478282efe852f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:3e:06:07:4b:15:c8:da:e7:cc:c4:70:ef:
b2:6c:f2:86:1a:aa:a1:95:82:c8:79:ba:6b:1f:0f:
5d:4b:7f:f4:1a:7b:28:11:29:c4:bc:79:7c:f5:32:
ad:c7:37:97:60:88:44:e0:a3:b0:02:70:e5:72:04:
a2:25:7a:48:fb:93:10:ff:3f:7b:2a:60:0a:31:a4:
bb:77:95:9a:02:a2:d8:c0:c4:db:44:2a:a5:0a:89:
86:3d:0d:8b:da:92:42:06:a4:f5:76:90:49:b4:df:
d0:4a:32:75:e6:dd:51:2e:5c:f2:ca:45:07:28:29:
db:69:fa:08:cf:64:fb:32:5f:b7:10:ed:17:79:e0:
c4:c9:50:d9:34:30:1a:93:98:3d:26:a9:9b:68:e3:
3a:49:58:f4:59:48:c4:f0:6b:63:79:1e:f0:80:1d:
d1:87:98:dd:d6:8f:46:46:15:3f:ba:85:02:e3:c3:
9f:c7:4b:ef:78:fd:b1:7b:ae:5b:29:ee:43:b3:b2:
23:52:f1:12:da:ab:64:02:ad:6f:4d:08:14:97:ac:
53:26:ef:58:26:03:70:97:97:27:43:d0:70:9f:87:
39:46:dd:68:5b:6d:1d:79:64:3a:25:2f:c7:db:d5:
e0:2b:43:9f:93:66:88:3c:30:36:58:fb:16:a8:d5:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:41:6F:03:9E:9F:FD:E9:82:40:E3:B4:64:78:28:2E:FE:85:2F:58
X509v3 Authority Key Identifier:
keyid:5B:1D:22:8B:6A:CB:D1:80:3C:FF:56:0F:A4:B4:2F:83:2D:28:32:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/cUFvA56f_emCQOO0ZHgoLv6FL1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.54.174.0-192.54.176.255
Signature Algorithm: sha256WithRSAEncryption
12:c3:db:6f:4b:a3:fe:41:35:a9:5b:18:13:03:a7:2b:82:14:
a6:04:5f:07:01:8a:9c:c9:29:ec:f9:8d:c6:bd:4a:4d:be:dd:
dd:e7:5f:79:f8:3a:01:8b:2b:21:70:ef:bd:b8:7b:cd:da:b1:
13:08:82:0c:0d:fe:a3:57:87:98:9b:fc:09:aa:0e:cc:dc:3e:
af:f2:ff:f7:b9:1f:48:eb:2c:24:f6:68:d4:57:8d:1a:b1:79:
be:13:4a:3c:78:9f:5f:b7:06:55:97:d3:b9:0c:21:89:2c:17:
e1:55:d8:bc:bc:56:a6:94:63:a5:31:db:5c:4a:2b:f6:9d:48:
82:ca:46:b2:83:b8:06:9b:b6:e0:e9:2f:ab:b0:ef:88:0f:89:
ab:af:76:20:48:85:d2:55:3a:ad:19:30:e5:6b:f5:55:f3:7e:
28:d6:02:37:d3:37:88:0d:7a:8f:86:10:e2:fe:2f:72:d5:01:
10:cf:c4:bd:05:fe:7e:1f:fa:34:d7:28:1e:1b:58:27:b5:34:
65:82:34:b3:e1:e0:62:63:1a:19:27:e3:11:6b:a2:f2:84:7a:
b7:c9:0b:5e:7d:59:51:72:63:7d:9f:f9:fe:92:e1:68:c5:dc:
99:d2:9e:6f:e5:21:10:92:0f:fe:2c:7e:ab:e7:93:db:c5:b6:
c1:39:63:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGt5PeLs7kCLYGjlvKfF/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMWQyMjhiNmFjYmQxODAzY2ZmNTYwZmE0YjQyZjgzMmQy
ODMyNGYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQxNmYwMzllOWZmZGU5ODI0MGUzYjQ2NDc4MjgyZWZlODUyZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJw+BgdLFcja58zEcO+ybPKGGqqh
lYLIebprHw9dS3/0GnsoESnEvHl89TKtxzeXYIhE4KOwAnDlcgSiJXpI+5MQ/z97
KmAKMaS7d5WaAqLYwMTbRCqlComGPQ2L2pJCBqT1dpBJtN/QSjJ15t1RLlzyykUH
KCnbafoIz2T7Ml+3EO0XeeDEyVDZNDAak5g9JqmbaOM6SVj0WUjE8GtjeR7wgB3R
h5jd1o9GRhU/uoUC48Ofx0vveP2xe65bKe5Ds7IjUvES2qtkAq1vTQgUl6xTJu9Y
JgNwl5cnQ9Bwn4c5Rt1oW20deWQ6JS/H29XgK0Ofk2aIPDA2WPsWqNXAQwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHFBbwOen/3pgkDjtGR4KC7+hS9YMB8GA1UdIwQY
MBaAFFsdIotqy9GAPP9WD6S0L4MtKDJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3gwaWkyckwwWUE4XzFZUHBMUXZneTBvTWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZWVkMDUtMTQ3Ny00ZjA1LThhZTMt
NjE4ZTg5YjEyYzQxLzEvY1VGdkE1NmZfZW1DUU9PMFpIZ29MdjZGTDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZWVkMDUtMTQ3Ny00ZjA1LThhZTMtNjE4ZTg5YjEyYzQx
LzEvV3gwaWkyckwwWUE4XzFZUHBMUXZneTBvTWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHANq4D
BADANrAwDQYJKoZIhvcNAQELBQADggEBABLD229Lo/5BNalbGBMDpyuCFKYEXwcB
ipzJKez5jca9Sk2+3d3nX3n4OgGLKyFw7724e83asRMIggwN/qNXh5ib/AmqDszc
Pq/y//e5H0jrLCT2aNRXjRqxeb4TSjx4n1+3BlWX07kMIYksF+FV2Ly8VqaUY6Ux
21xKK/adSILKRrKDuAabtuDpL6uw74gPiauvdiBIhdJVOq0ZMOVr9VXzfijWAjfT
N4gNeo+GEOL+L3LVARDPxL0F/n4f+jTXKB4bWCe1NGWCNLPh4GJjGhkn4xFrovKE
erfJC159WVFyY32f+f6S4WjF3JnSnm/lIRCSD/4sfqvnk9vFtsE5Y2s=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:05:17 2024 by rpki-client on console-ams.rpki-client.org