Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/9S0KluhkA4suc2q5q8aZqh8-54o.roa
File: 9S0KluhkA4suc2q5q8aZqh8-54o.roa (raw, json)
Hash identifier: 05J6si/mUDI9ShpMFPZepFBm4OcmzoREAKkg7mZG5FI=
Subject key identifier: F5:2D:0A:96:E8:64:03:8B:2E:73:6A:B9:AB:C6:99:AA:1F:3E:E7:8A
Certificate issuer: /CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Certificate serial: 018CC9BBDC64C3090FB8229FDB13E58B747B
Authority key identifier: E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/9S0KluhkA4suc2q5q8aZqh8-54o.roa
Signing time: Tue 02 Jan 2024 10:33:01 +0000
ROA not before: Tue 02 Jan 2024 10:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202423
IP address blocks: 193.0.178.0/24 maxlen: 24
193.0.179.0/24 maxlen: 24
185.149.194.0/24 maxlen: 24
2a0b:9080:2::/48 maxlen: 48
2a0b:9080::/48 maxlen: 48
2a0b:9080:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:dc:64:c3:09:0f:b8:22:9f:db:13:e5:8b:74:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Validity
Not Before: Jan 2 10:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f52d0a96e864038b2e736ab9abc699aa1f3ee78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:62:78:a6:a8:c1:a2:94:e8:a9:62:03:c5:8c:
af:d5:f9:e2:2d:78:23:be:33:46:85:a7:7d:ef:3c:
1d:44:25:2a:9a:f8:47:49:42:17:15:5b:f4:d9:99:
5c:45:75:01:ec:48:84:c6:1e:e2:21:a7:90:0c:53:
16:38:46:9f:5f:7e:f1:e7:d9:15:a4:e6:a1:db:ec:
0a:45:7d:6c:b5:f4:a4:48:5f:48:25:f0:3e:c9:60:
f3:0d:40:44:9b:f4:33:55:fd:bc:2f:2e:35:5f:df:
d3:64:ab:84:7e:d8:ab:8e:b4:2e:9a:e2:9a:36:93:
80:5c:7f:17:6e:e4:37:9d:49:53:a4:9d:e4:be:c4:
4b:3e:06:f8:92:ef:c4:1f:b3:94:74:27:b5:fa:28:
19:d2:45:db:fc:9c:02:df:5f:aa:67:d0:42:de:82:
8a:dc:d2:43:a5:39:4f:44:70:c3:28:31:33:38:1f:
d5:6d:ef:d9:6a:81:8c:09:53:d9:75:46:f1:2f:c9:
b3:5a:6a:1d:31:7b:53:e2:7d:b8:26:c6:6f:56:c7:
d5:39:b3:3f:07:f5:3d:b4:5d:2f:7e:a8:48:2d:b5:
2b:4e:8b:5c:11:a4:eb:b6:78:05:88:6c:c4:56:50:
c5:ad:49:0f:17:99:cb:8a:06:78:1a:2d:a1:c1:04:
8d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2D:0A:96:E8:64:03:8B:2E:73:6A:B9:AB:C6:99:AA:1F:3E:E7:8A
X509v3 Authority Key Identifier:
keyid:E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/9S0KluhkA4suc2q5q8aZqh8-54o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.194.0/24
193.0.178.0/23
IPv6:
2a0b:9080::-2a0b:9080:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:a7:38:63:f8:1f:ae:b9:5b:70:48:e7:49:eb:7c:2b:c2:25:
55:57:87:22:f1:8b:c8:4c:c0:74:22:3c:c5:86:5a:8b:7f:ca:
1c:2a:f3:3b:95:f6:7d:d7:52:c0:ff:df:bd:9a:99:4f:4e:97:
3d:31:25:14:08:4c:dd:fe:bc:f9:cf:31:98:15:7a:60:53:b0:
76:c8:29:d4:19:ec:ee:62:b6:19:8a:95:c9:31:97:60:e9:dd:
1f:cb:1f:29:3e:69:04:20:22:77:fa:69:d9:02:b0:11:0f:ba:
36:5f:dc:9d:d6:31:4b:81:06:4b:57:4d:a1:a3:ed:3d:43:4f:
40:8c:e1:79:af:d1:e1:3d:98:23:90:b9:7f:99:98:ec:5a:68:
46:6c:32:29:1b:5f:e8:90:8d:3a:62:9a:17:2b:72:12:7a:50:
f1:63:1d:cb:94:9a:2d:7a:47:47:90:29:c9:8a:37:30:87:3f:
9e:ef:5c:10:d3:39:ec:2a:7a:92:de:6f:77:6b:35:a8:6d:75:
b7:71:b6:e0:49:ea:3d:12:9a:cc:73:39:e0:62:da:ec:c3:95:
73:3d:23:65:ea:24:75:eb:07:04:e5:50:75:90:d3:9c:db:dd:
d1:f7:e8:fc:de:de:73:0f:d1:a8:9b:2b:7e:90:4b:3a:8c:69:
4e:c6:65:da
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzJu9xkwwkPuCKf2xPli3R7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Y2M3NmUzYjU0NzdmZmQ0MmEwZmU0YjhjNzgzYWFkMmY5
NmZlNzAwHhcNMjQwMTAyMTAzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJkMGE5NmU4NjQwMzhiMmU3MzZhYjlhYmM2OTlhYTFmM2VlNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22J4pqjBopToqWIDxYyv1fniLXgj
vjNGhad97zwdRCUqmvhHSUIXFVv02ZlcRXUB7EiExh7iIaeQDFMWOEafX37x59kV
pOah2+wKRX1stfSkSF9IJfA+yWDzDUBEm/QzVf28Ly41X9/TZKuEftirjrQumuKa
NpOAXH8XbuQ3nUlTpJ3kvsRLPgb4ku/EH7OUdCe1+igZ0kXb/JwC31+qZ9BC3oKK
3NJDpTlPRHDDKDEzOB/Vbe/ZaoGMCVPZdUbxL8mzWmodMXtT4n24JsZvVsfVObM/
B/U9tF0vfqhILbUrTotcEaTrtngFiGzEVlDFrUkPF5nLigZ4Gi2hwQSNLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPUtCpboZAOLLnNquavGmaofPueKMB8GA1UdIwQY
MBaAFOTMduO1R3/9QqD+S4x4Oq0vlv5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDkt
MTE2NWQxZDE1NjRmLzEvOVMwS2x1aGtBNHN1YzJxNXE4YVpxaDgtNTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDktMTE2NWQxZDE1NjRm
LzEvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuZXCAwQB
wQCyMBgEAgACMBIwEAMFByoLkIADBwAqC5CAAAIwDQYJKoZIhvcNAQELBQADggEB
ACanOGP4H665W3BI50nrfCvCJVVXhyLxi8hMwHQiPMWGWot/yhwq8zuV9n3XUsD/
372amU9Olz0xJRQITN3+vPnPMZgVemBTsHbIKdQZ7O5ithmKlckxl2Dp3R/LHyk+
aQQgInf6adkCsBEPujZf3J3WMUuBBktXTaGj7T1DT0CM4Xmv0eE9mCOQuX+ZmOxa
aEZsMikbX+iQjTpimhcrchJ6UPFjHcuUmi16R0eQKcmKNzCHP57vXBDTOewqepLe
b3drNahtdbdxtuBJ6j0SmsxzOeBi2uzDlXM9I2XqJHXrBwTlUHWQ05zb3dH36Pze
3nMP0aibK36QSzqMaU7GZdo=
-----END CERTIFICATE-----
Generated at Sat May 18 02:16:31 2024 by rpki-client on console-fra.rpki-client.org