Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/_wFugI9tKrJA4B13Om6PuIWrQj4.roa
File: _wFugI9tKrJA4B13Om6PuIWrQj4.roa (raw, json)
Hash identifier: TwUqjPlnM6ec9PNrA6EAyHXabKb0j7iBc0p5/nMFoUs=
Subject key identifier: FF:01:6E:80:8F:6D:2A:B2:40:E0:1D:77:3A:6E:8F:B8:85:AB:42:3E
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 018CC56E4386A004E50F8BC56DE65FF5FC8D
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/_wFugI9tKrJA4B13Om6PuIWrQj4.roa
Signing time: Mon 01 Jan 2024 14:29:46 +0000
ROA not before: Mon 01 Jan 2024 14:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42381
IP address blocks: 212.237.195.0/24 maxlen: 24
212.237.194.0/24 maxlen: 24
212.237.194.0/23 maxlen: 24
2a01:3f6::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:43:86:a0:04:e5:0f:8b:c5:6d:e6:5f:f5:fc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 1 14:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff016e808f6d2ab240e01d773a6e8fb885ab423e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:18:2d:bf:7d:34:d6:87:a5:07:a0:2e:c1:9b:
9f:fd:b5:77:fe:36:46:2d:9a:f3:80:d2:cd:8b:df:
60:c3:93:c5:60:af:ce:36:ce:79:a2:a1:2c:e8:87:
24:20:99:21:c0:6e:45:c0:fe:70:6a:03:c0:bf:37:
12:8e:a6:1e:57:d4:c5:b1:bf:29:e3:0c:7a:26:16:
68:27:de:ce:93:c7:80:2d:af:a9:75:b0:e6:cb:e0:
dc:d6:f3:38:30:cd:64:4b:fa:66:dd:28:81:91:34:
a9:f8:b7:52:af:f3:92:5a:20:08:9a:69:36:64:25:
ad:7d:a0:32:a1:98:3a:62:fe:31:69:08:b7:3f:9b:
e9:35:97:c7:35:59:d6:54:aa:08:6c:df:13:25:2f:
c9:f1:2f:48:39:22:ea:55:99:bd:dd:1a:58:78:a2:
4f:14:a3:18:66:2b:d5:24:22:e1:ef:55:d2:6c:c4:
ab:f7:33:44:7d:af:12:e0:54:84:fc:80:c6:8d:0b:
4f:a5:48:16:77:af:1d:e4:39:77:18:e9:ac:1c:2a:
31:fb:bf:d3:48:0c:a7:8d:8a:dd:e3:5f:e7:b5:b3:
78:b0:c3:70:52:6a:58:ba:68:9a:59:eb:6b:43:cb:
29:b1:9f:1b:5d:c6:ac:b1:8d:20:9c:f2:ef:26:f4:
66:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:01:6E:80:8F:6D:2A:B2:40:E0:1D:77:3A:6E:8F:B8:85:AB:42:3E
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/_wFugI9tKrJA4B13Om6PuIWrQj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.237.194.0/23
IPv6:
2a01:3f6::/32
Signature Algorithm: sha256WithRSAEncryption
01:f1:0d:cf:a5:2b:e8:44:50:51:56:70:a1:ae:8f:61:00:16:
15:06:5a:f0:ba:7e:dd:a3:78:40:91:76:dd:30:fc:7c:14:6a:
1f:a5:b2:08:d8:fc:a8:45:db:18:71:27:6a:ee:f5:2f:38:b7:
16:72:6c:ae:34:1a:a2:49:61:13:10:56:22:2f:59:70:43:70:
18:ef:c5:9f:49:5a:b4:fd:3c:b7:2a:f1:0c:4a:b1:66:e6:08:
b7:03:93:6f:c8:61:87:e2:2e:bf:03:68:a0:b4:0b:98:eb:e0:
65:53:10:2a:a8:59:1d:df:ae:e0:f6:a6:76:c7:86:e0:8e:1f:
aa:c7:0a:50:88:89:1f:63:ab:89:8f:2b:91:88:89:22:4f:4a:
3c:e4:94:2d:56:e0:df:7f:51:61:d3:69:69:d7:6b:11:c8:8a:
2c:7a:85:4c:aa:85:9b:98:69:ad:91:8d:fb:81:bc:af:e7:c7:
73:77:3a:58:92:d9:ad:e9:24:60:b6:6b:a0:d1:c0:8e:19:86:
ac:ef:3a:82:d1:bf:39:d8:92:0f:05:53:20:a9:f2:36:26:56:
6f:7e:56:92:a7:55:e0:67:a6:46:17:41:4c:1d:11:39:47:e6:
fb:ee:e2:27:09:e0:2e:44:cb:50:7a:9d:db:ef:8f:3b:46:83:
d5:2e:bd:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbkOGoATlD4vFbeZf9fyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjAxNmU4MDhmNmQyYWIyNDBlMDFkNzczYTZlOGZiODg1YWI0MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxgtv3001oelB6AuwZuf/bV3/jZG
LZrzgNLNi99gw5PFYK/ONs55oqEs6IckIJkhwG5FwP5wagPAvzcSjqYeV9TFsb8p
4wx6JhZoJ97Ok8eALa+pdbDmy+Dc1vM4MM1kS/pm3SiBkTSp+LdSr/OSWiAImmk2
ZCWtfaAyoZg6Yv4xaQi3P5vpNZfHNVnWVKoIbN8TJS/J8S9IOSLqVZm93RpYeKJP
FKMYZivVJCLh71XSbMSr9zNEfa8S4FSE/IDGjQtPpUgWd68d5Dl3GOmsHCox+7/T
SAynjYrd41/ntbN4sMNwUmpYumiaWetrQ8spsZ8bXcassY0gnPLvJvRm7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP8BboCPbSqyQOAddzpuj7iFq0I+MB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvX3dGdWdJOXRLckpBNEIxM09tNlB1SVdyUWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1O3CMA0E
AgACMAcDBQAqAQP2MA0GCSqGSIb3DQEBCwUAA4IBAQAB8Q3PpSvoRFBRVnChro9h
ABYVBlrwun7do3hAkXbdMPx8FGofpbII2PyoRdsYcSdq7vUvOLcWcmyuNBqiSWET
EFYiL1lwQ3AY78WfSVq0/Ty3KvEMSrFm5gi3A5NvyGGH4i6/A2igtAuY6+BlUxAq
qFkd367g9qZ2x4bgjh+qxwpQiIkfY6uJjyuRiIkiT0o85JQtVuDff1Fh02lp12sR
yIoseoVMqoWbmGmtkY37gbyv58dzdzpYktmt6SRgtmug0cCOGYas7zqC0b852JIP
BVMgqfI2JlZvflaSp1XgZ6ZGF0FMHRE5R+b77uInCeAuRMtQep3b7487RoPVLr1+
-----END CERTIFICATE-----
Generated at Sun May 19 21:26:30 2024 by rpki-client on console-ams.rpki-client.org