Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/M0Ca0E9YV2tG55MiPml9k2nYMHM.roa
File: M0Ca0E9YV2tG55MiPml9k2nYMHM.roa (raw, json)
Hash identifier: A3S2hZ1lc0rxaolddu+lgtFXMqx15HkWrXClbANq0Fw=
Subject key identifier: 33:40:9A:D0:4F:58:57:6B:46:E7:93:22:3E:69:7D:93:69:D8:30:73
Certificate issuer: /CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Certificate serial: 018CC6B886AE0C6C12776D7940B9DCF52CEE
Authority key identifier: 5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/M0Ca0E9YV2tG55MiPml9k2nYMHM.roa
Signing time: Mon 01 Jan 2024 20:30:30 +0000
ROA not before: Mon 01 Jan 2024 20:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 195.225.127.0/24 maxlen: 24
91.211.232.0/24 maxlen: 24
185.108.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/W8mmyFynpWV7noroCGXRLvgWagM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/W8mmyFynpWV7noroCGXRLvgWagM.mft
rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:86:ae:0c:6c:12:77:6d:79:40:b9:dc:f5:2c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Validity
Not Before: Jan 1 20:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33409ad04f58576b46e793223e697d9369d83073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:88:e1:45:2c:a9:5c:a2:7f:e9:48:52:b3:84:
60:76:04:9b:14:34:74:4e:79:d2:e3:8c:d2:82:52:
d3:ec:bc:8d:c8:0a:f3:46:06:a9:c8:8d:f1:de:9f:
3e:a6:34:13:c2:1a:a0:7c:8c:3b:7a:b3:20:43:7c:
7a:76:61:78:7b:47:3f:7c:7f:8c:06:09:24:b2:9c:
8a:3c:83:9b:93:3b:e5:45:87:1b:8f:f9:44:b5:67:
3f:06:1e:bb:10:be:e7:d4:17:2d:2f:71:a3:e1:c9:
44:52:18:4d:ec:5b:c4:30:41:db:88:33:09:15:58:
ba:a0:10:93:00:82:62:76:f1:b1:70:0d:ef:f7:a4:
9a:da:d0:9f:ca:da:7e:4f:9e:74:8a:94:2b:36:98:
3b:c9:d8:f8:00:43:06:ca:f7:f2:4f:71:10:18:73:
7c:8d:71:14:cc:cb:1b:bc:50:bb:2c:0b:a9:2f:c8:
fc:fc:78:16:49:88:7c:b1:6d:ea:72:dd:c6:a7:44:
40:4f:e4:72:b1:90:af:cc:b7:d3:1c:0b:30:c7:4c:
30:29:2a:5d:8c:06:26:cb:42:76:2e:e2:45:b3:d9:
1e:cc:c1:13:ea:4c:14:4b:9a:91:ea:f3:5d:ed:5b:
82:78:7e:b0:6d:3a:d2:29:be:ba:5d:bc:1b:dd:2a:
b0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:40:9A:D0:4F:58:57:6B:46:E7:93:22:3E:69:7D:93:69:D8:30:73
X509v3 Authority Key Identifier:
keyid:5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/M0Ca0E9YV2tG55MiPml9k2nYMHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/W8mmyFynpWV7noroCGXRLvgWagM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.232.0/24
185.108.188.0/24
195.225.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:9c:27:cf:02:cc:f3:69:f1:6f:ef:31:9f:c6:e3:c6:2e:cc:
2f:54:ac:9b:ba:41:3e:2f:12:64:20:26:54:75:f4:46:b3:b6:
f2:d4:23:f7:76:70:74:d2:44:9e:1c:9c:ee:9b:6e:28:f4:35:
1f:84:e1:48:6e:46:7c:f2:8e:d3:3a:42:97:35:59:9c:ac:06:
20:79:b5:17:13:f5:ff:31:51:91:c2:1a:06:58:00:f0:06:c0:
42:8c:df:83:5d:9f:43:3d:ca:47:14:e5:6c:88:fc:a2:77:ac:
9f:5e:8b:1d:f4:e7:7c:c1:b6:81:8b:15:a2:da:2b:53:49:9f:
52:d1:9c:83:54:31:a1:21:5b:34:e9:b0:c6:66:a4:23:26:d2:
5a:ee:fa:9c:92:cd:b1:fa:52:d3:c1:e1:4a:ff:0d:3b:de:23:
d8:b4:12:91:0f:bb:94:6f:d8:e6:a7:51:cf:62:76:56:20:b1:
6f:ba:59:b1:71:08:05:f7:fe:23:6a:ad:93:d7:50:ff:5c:c9:
ee:99:ee:57:f1:f8:c3:ae:90:3d:f9:17:b2:db:b9:d2:67:f1:
9d:80:88:eb:43:4f:7f:79:54:c0:cc:cf:06:94:e4:b9:7b:d2:
0b:e2:9f:37:b9:73:f0:d4:c1:e7:ab:0a:4d:84:fa:66:73:ae:
70:e7:51:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuIauDGwSd215QLnc9SzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYzlhNmM4NWNhN2E1NjU3YjllOGFlODA4NjVkMTJlZjgx
NjZhMDMwHhcNMjQwMTAxMjAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQwOWFkMDRmNTg1NzZiNDZlNzkzMjIzZTY5N2Q5MzY5ZDgzMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIjhRSypXKJ/6UhSs4RgdgSbFDR0
TnnS44zSglLT7LyNyArzRgapyI3x3p8+pjQTwhqgfIw7erMgQ3x6dmF4e0c/fH+M
BgkkspyKPIObkzvlRYcbj/lEtWc/Bh67EL7n1BctL3Gj4clEUhhN7FvEMEHbiDMJ
FVi6oBCTAIJidvGxcA3v96Sa2tCfytp+T550ipQrNpg7ydj4AEMGyvfyT3EQGHN8
jXEUzMsbvFC7LAupL8j8/HgWSYh8sW3qct3Gp0RAT+RysZCvzLfTHAswx0wwKSpd
jAYmy0J2LuJFs9kezMET6kwUS5qR6vNd7VuCeH6wbTrSKb66Xbwb3SqwvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDNAmtBPWFdrRueTIj5pfZNp2DBzMB8GA1UdIwQY
MBaAFFvJpshcp6Vle56K6Ahl0S74FmoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAt
NDhmNzdlZTg1YWI5LzEvTTBDYTBFOVlWMnRHNTVNaVBtbDlrMm5ZTUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAtNDhmNzdlZTg1YWI5
LzEvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9PoAwQA
uWy8AwQAw+F/MA0GCSqGSIb3DQEBCwUAA4IBAQAcnCfPAszzafFv7zGfxuPGLswv
VKybukE+LxJkICZUdfRGs7by1CP3dnB00kSeHJzum24o9DUfhOFIbkZ88o7TOkKX
NVmcrAYgebUXE/X/MVGRwhoGWADwBsBCjN+DXZ9DPcpHFOVsiPyid6yfXosd9Od8
wbaBixWi2itTSZ9S0ZyDVDGhIVs06bDGZqQjJtJa7vqcks2x+lLTweFK/w073iPY
tBKRD7uUb9jmp1HPYnZWILFvulmxcQgF9/4jaq2T11D/XMnume5X8fjDrpA9+Rey
27nSZ/GdgIjrQ09/eVTAzM8GlOS5e9IL4p83uXPw1MHnqwpNhPpmc65w51FB
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:27:50 2024 by rpki-client on console-ams.rpki-client.org