Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/055c8b-04a4-412b-8bda-1f5d6f56cf72/1/ccRHiH9EVWGO3e6k1qk3dIKpNGw.roa
File: ccRHiH9EVWGO3e6k1qk3dIKpNGw.roa (raw, json)
Hash identifier: LMal4uqE4sl0WthxJ9DMALt41uiCc1+eeqqGvHt9F1g=
Subject key identifier: 71:C4:47:88:7F:44:55:61:8E:DD:EE:A4:D6:A9:37:74:82:A9:34:6C
Certificate issuer: /CN=4c60fd0941f3d2f7a29c3561e563186ef775a1e5
Certificate serial: 018D6AD7AE63085EE7A7E986AAF0AA8CA4A4
Authority key identifier: 4C:60:FD:09:41:F3:D2:F7:A2:9C:35:61:E5:63:18:6E:F7:75:A1:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGD9CUHz0veinDVh5WMYbvd1oeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/055c8b-04a4-412b-8bda-1f5d6f56cf72/1/ccRHiH9EVWGO3e6k1qk3dIKpNGw.roa
Signing time: Fri 02 Feb 2024 17:22:16 +0000
ROA not before: Fri 02 Feb 2024 17:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32806
IP address blocks: 92.39.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/055c8b-04a4-412b-8bda-1f5d6f56cf72/1/TGD9CUHz0veinDVh5WMYbvd1oeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/055c8b-04a4-412b-8bda-1f5d6f56cf72/1/TGD9CUHz0veinDVh5WMYbvd1oeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TGD9CUHz0veinDVh5WMYbvd1oeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:d7:ae:63:08:5e:e7:a7:e9:86:aa:f0:aa:8c:a4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c60fd0941f3d2f7a29c3561e563186ef775a1e5
Validity
Not Before: Feb 2 17:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71c447887f4455618eddeea4d6a9377482a9346c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:17:b6:89:42:76:06:c6:e0:1a:e5:68:dd:a3:
de:6e:45:4b:ad:67:b5:99:53:9a:4a:18:eb:b1:6b:
4e:e0:e8:6c:29:57:9c:81:29:95:ba:1e:29:b4:2e:
f5:54:8d:b2:5d:2a:9d:9b:a8:4d:81:9e:b0:00:4d:
63:22:aa:7d:96:a7:ee:44:fb:1a:24:58:9a:65:05:
45:e1:d4:cd:6e:b5:cb:6e:85:bf:72:97:d4:12:de:
96:76:ea:c3:0f:17:2d:9a:20:28:aa:db:28:1f:60:
9d:da:a0:d9:f8:de:19:fa:54:32:d6:f4:ab:b1:40:
de:3c:c6:ff:d6:d2:13:41:12:b6:0d:2f:97:2e:51:
5a:90:f7:a0:33:37:6d:18:3f:43:7c:fa:22:3e:c6:
c9:77:ac:e1:8e:2d:a2:60:e3:67:2f:c1:d4:78:26:
b2:8d:9a:5e:1d:11:c1:12:3b:02:b5:34:9a:94:97:
ce:e7:ed:68:d0:04:27:87:a5:e0:99:fa:aa:a2:46:
a9:4b:70:cd:b1:48:f3:7c:39:20:57:9f:93:e7:61:
9a:8e:f9:52:ad:4a:53:4e:0d:a7:57:22:01:9c:a2:
67:16:d3:63:e5:25:e6:04:cb:10:bd:f3:37:11:90:
8c:fe:b4:56:15:07:b2:86:fd:5a:64:8a:e6:00:3c:
fb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C4:47:88:7F:44:55:61:8E:DD:EE:A4:D6:A9:37:74:82:A9:34:6C
X509v3 Authority Key Identifier:
keyid:4C:60:FD:09:41:F3:D2:F7:A2:9C:35:61:E5:63:18:6E:F7:75:A1:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGD9CUHz0veinDVh5WMYbvd1oeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/055c8b-04a4-412b-8bda-1f5d6f56cf72/1/ccRHiH9EVWGO3e6k1qk3dIKpNGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/055c8b-04a4-412b-8bda-1f5d6f56cf72/1/TGD9CUHz0veinDVh5WMYbvd1oeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.114.0/24
Signature Algorithm: sha256WithRSAEncryption
71:89:39:17:51:c0:9d:8f:63:e7:91:4c:13:ec:f3:12:b6:24:
6d:0d:9d:d8:3b:13:56:45:aa:79:57:ca:53:77:94:58:21:eb:
5b:01:de:d5:f4:1e:ec:7c:5e:63:17:31:f5:72:5b:27:4b:fd:
08:4b:61:dc:ea:ca:37:e3:96:da:03:8d:16:18:7e:26:d0:86:
c8:35:88:34:22:b3:bb:f1:6a:8d:a4:b4:02:37:61:5a:6d:7c:
3f:1e:86:cd:a2:bd:d5:bf:7d:1a:67:18:12:ef:19:2e:86:7c:
83:86:a7:1d:d2:d9:fb:8d:1d:70:29:70:79:92:40:0d:4e:09:
ee:7a:28:10:ff:34:fb:e0:9c:94:53:48:10:9b:ab:bc:8e:dd:
9d:f0:d6:98:d4:02:2a:1e:8c:49:4e:c2:59:8d:4f:a0:c4:19:
0c:c8:87:24:40:5e:01:20:ff:7c:97:47:6f:38:9c:ff:36:80:
ab:da:c0:66:f9:f9:c4:0f:49:97:e0:b5:8a:92:aa:c3:6a:58:
eb:a7:d9:cd:9e:80:18:16:9c:b7:63:42:bd:c6:e1:65:13:8a:
81:2f:66:f3:56:7d:88:ee:57:12:4a:e4:43:6f:4a:22:cc:a9:
35:25:50:f9:9b:23:c4:ca:04:eb:59:56:79:d3:2b:1a:c0:a0:
40:9f:96:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1q165jCF7np+mGqvCqjKSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNjBmZDA5NDFmM2QyZjdhMjljMzU2MWU1NjMxODZlZjc3
NWExZTUwHhcNMjQwMjAyMTcyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWM0NDc4ODdmNDQ1NTYxOGVkZGVlYTRkNmE5Mzc3NDgyYTkzNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBe2iUJ2BsbgGuVo3aPebkVLrWe1
mVOaShjrsWtO4OhsKVecgSmVuh4ptC71VI2yXSqdm6hNgZ6wAE1jIqp9lqfuRPsa
JFiaZQVF4dTNbrXLboW/cpfUEt6WdurDDxctmiAoqtsoH2Cd2qDZ+N4Z+lQy1vSr
sUDePMb/1tITQRK2DS+XLlFakPegMzdtGD9DfPoiPsbJd6zhji2iYONnL8HUeCay
jZpeHRHBEjsCtTSalJfO5+1o0AQnh6XgmfqqokapS3DNsUjzfDkgV5+T52GajvlS
rUpTTg2nVyIBnKJnFtNj5SXmBMsQvfM3EZCM/rRWFQeyhv1aZIrmADz78wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHER4h/RFVhjt3upNapN3SCqTRsMB8GA1UdIwQY
MBaAFExg/QlB89L3opw1YeVjGG73daHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEdEOUNVSHowdmVpbkRWaDVXTVlidmQxb2VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wNTVjOGItMDRhNC00MTJiLThiZGEt
MWY1ZDZmNTZjZjcyLzEvY2NSSGlIOUVWV0dPM2U2azFxazNkSUtwTkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wNTVjOGItMDRhNC00MTJiLThiZGEtMWY1ZDZmNTZjZjcy
LzEvVEdEOUNVSHowdmVpbkRWaDVXTVlidmQxb2VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCdyMA0G
CSqGSIb3DQEBCwUAA4IBAQBxiTkXUcCdj2PnkUwT7PMStiRtDZ3YOxNWRap5V8pT
d5RYIetbAd7V9B7sfF5jFzH1clsnS/0IS2Hc6so345baA40WGH4m0IbINYg0IrO7
8WqNpLQCN2FabXw/HobNor3Vv30aZxgS7xkuhnyDhqcd0tn7jR1wKXB5kkANTgnu
eigQ/zT74JyUU0gQm6u8jt2d8NaY1AIqHoxJTsJZjU+gxBkMyIckQF4BIP98l0dv
OJz/NoCr2sBm+fnED0mX4LWKkqrDaljrp9nNnoAYFpy3Y0K9xuFlE4qBL2bzVn2I
7lcSSuRDb0oizKk1JVD5myPEygTrWVZ50ysawKBAn5Yl
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:57 2024 by rpki-client on console-ams.rpki-client.org