Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/_cCbmMhIBo-nTmyNbrp2iiKmAJM.roa
File: _cCbmMhIBo-nTmyNbrp2iiKmAJM.roa (raw, json)
Hash identifier: tXucB6McOPG7XrvAHkgkD79uDeNyFaSaVC3Bp/dJ24M=
Subject key identifier: FD:C0:9B:98:C8:48:06:8F:A7:4E:6C:8D:6E:BA:76:8A:22:A6:00:93
Certificate issuer: /CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Certificate serial: 018CC56E2BB1E88DC84D2941F73FC61471FB
Authority key identifier: F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/_cCbmMhIBo-nTmyNbrp2iiKmAJM.roa
Signing time: Mon 01 Jan 2024 14:29:40 +0000
ROA not before: Mon 01 Jan 2024 14:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47156
IP address blocks: 176.103.96.0/20 maxlen: 20
91.203.196.0/22 maxlen: 22
213.5.24.0/21 maxlen: 21
185.27.208.0/22 maxlen: 22
83.136.234.0/24 maxlen: 24
83.136.238.0/24 maxlen: 24
83.136.239.0/24 maxlen: 24
83.136.236.0/24 maxlen: 24
93.188.204.0/24 maxlen: 24
2a04:34c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9NavTeibuoEYlTzO6_s59FqO0bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9NavTeibuoEYlTzO6_s59FqO0bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2b:b1:e8:8d:c8:4d:29:41:f7:3f:c6:14:71:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Validity
Not Before: Jan 1 14:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdc09b98c848068fa74e6c8d6eba768a22a60093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:51:08:5a:58:93:92:08:cf:d4:d4:33:41:
16:b8:07:e3:1d:fb:6f:9e:3d:82:27:e8:ab:ba:7d:
be:d3:a1:db:4f:fd:78:ad:5c:7f:9a:e1:c3:1e:2c:
b2:45:a1:63:ec:84:ce:33:5d:d3:ec:34:fe:05:b2:
c0:99:a4:d5:c1:5b:e2:46:80:5d:ff:4a:84:1b:75:
2e:e2:3e:eb:ca:bf:b0:40:78:21:e4:65:94:9c:07:
b2:09:d3:6e:1c:97:d6:c6:5c:43:ff:73:0c:a7:a4:
29:24:54:dd:98:46:c5:53:ed:78:fa:c1:36:8f:19:
1f:d1:fe:44:b0:c0:cd:4f:bb:cd:43:f0:ce:f8:46:
6c:e3:ac:b7:4b:f0:c4:2a:fe:ee:76:31:03:64:3e:
a8:90:5a:84:dc:46:1b:d4:a8:24:fe:b6:8c:5d:40:
96:84:a8:ac:12:e6:ee:7a:21:c4:c2:39:b2:52:a9:
ac:6b:a2:b6:85:69:9f:da:50:56:19:70:55:e2:da:
1d:88:d4:d4:31:a2:8c:ac:1f:4e:6f:ae:80:17:85:
0d:7b:13:b3:61:32:0e:0c:2d:c5:41:10:ff:a5:ce:
a8:a1:c8:ca:b7:99:d1:73:8a:22:79:2f:f6:21:a0:
6a:15:20:82:d4:0e:26:19:a4:7d:9a:53:92:44:a7:
83:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C0:9B:98:C8:48:06:8F:A7:4E:6C:8D:6E:BA:76:8A:22:A6:00:93
X509v3 Authority Key Identifier:
keyid:F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/_cCbmMhIBo-nTmyNbrp2iiKmAJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9NavTeibuoEYlTzO6_s59FqO0bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.234.0/24
83.136.236.0/24
83.136.238.0/23
91.203.196.0/22
93.188.204.0/24
176.103.96.0/20
185.27.208.0/22
213.5.24.0/21
IPv6:
2a04:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:92:78:82:bb:22:dd:69:34:c0:e5:6a:b0:60:d9:9c:ec:66:
48:82:ab:e2:cd:81:65:4c:18:4d:00:0d:bc:ba:8e:08:19:37:
9b:48:80:f4:14:49:6c:af:51:6b:31:44:35:72:2d:71:8f:bf:
ea:a4:d6:85:9f:8a:e9:58:91:65:73:d5:ac:61:b9:84:5a:82:
54:35:d7:4f:29:ec:df:63:16:0d:66:81:cc:fb:71:c3:13:ee:
99:fc:20:b4:9d:b7:ab:b0:84:09:b8:2c:c9:6c:e1:b8:8e:6f:
0f:e6:39:56:00:8d:d9:f3:8d:0f:6e:e2:36:ad:6a:81:d8:e9:
f7:d1:34:0a:86:a2:0f:98:95:1d:a7:40:07:c4:d1:be:ed:c7:
26:1c:6f:2d:54:a4:a4:b3:69:fe:2e:89:2b:14:91:8e:ce:29:
2b:71:c8:7a:84:f4:c1:f1:eb:28:d5:01:fb:ce:94:02:9d:bb:
eb:ec:e1:3e:9c:41:c9:70:f7:41:c0:ff:0c:94:d4:55:71:f6:
7e:b8:56:f1:64:21:29:d4:4e:08:4b:4f:02:a0:e0:ad:06:8c:
15:7b:c7:ca:5b:af:a9:6b:15:a3:94:f6:4a:b1:2d:a6:4e:1c:
f0:40:73:b2:0e:bf:b9:3d:3e:bb:1f:f1:2e:9c:f2:0f:4e:ac:
e4:e2:c8:ba
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFbiux6I3ITSlB9z/GFHH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDZhZjRkZTg5YmJhODExODk1M2NjZWViZmIzOWY0NWE4
ZWQxYmMwHhcNMjQwMTAxMTQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGMwOWI5OGM4NDgwNjhmYTc0ZTZjOGQ2ZWJhNzY4YTIyYTYwMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoNRCFpYk5IIz9TUM0EWuAfjHftv
nj2CJ+irun2+06HbT/14rVx/muHDHiyyRaFj7ITOM13T7DT+BbLAmaTVwVviRoBd
/0qEG3Uu4j7ryr+wQHgh5GWUnAeyCdNuHJfWxlxD/3MMp6QpJFTdmEbFU+14+sE2
jxkf0f5EsMDNT7vNQ/DO+EZs46y3S/DEKv7udjEDZD6okFqE3EYb1Kgk/raMXUCW
hKisEubueiHEwjmyUqmsa6K2hWmf2lBWGXBV4todiNTUMaKMrB9Ob66AF4UNexOz
YTIODC3FQRD/pc6oocjKt5nRc4oieS/2IaBqFSCC1A4mGaR9mlOSRKeDkwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFP3Am5jISAaPp05sjW66dooipgCTMB8GA1UdIwQY
MBaAFPTWr03om7qBGJU8zuv7OfRajtG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEt
ZDhkZjhlNGM2NWZlLzEvX2NDYm1NaElCby1uVG15TmJycDJpaUttQUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEtZDhkZjhlNGM2NWZl
LzEvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAU4jqAwQA
U4jsAwQBU4juAwQCW8vEAwQAXbzMAwQEsGdgAwQCuRvQAwQD1QUYMA0EAgACMAcD
BQMqBDTAMA0GCSqGSIb3DQEBCwUAA4IBAQBnkniCuyLdaTTA5WqwYNmc7GZIgqvi
zYFlTBhNAA28uo4IGTebSID0FElsr1FrMUQ1ci1xj7/qpNaFn4rpWJFlc9WsYbmE
WoJUNddPKezfYxYNZoHM+3HDE+6Z/CC0nbersIQJuCzJbOG4jm8P5jlWAI3Z840P
buI2rWqB2On30TQKhqIPmJUdp0AHxNG+7ccmHG8tVKSks2n+LokrFJGOzikrcch6
hPTB8eso1QH7zpQCnbvr7OE+nEHJcPdBwP8MlNRVcfZ+uFbxZCEp1E4IS08CoOCt
BowVe8fKW6+paxWjlPZKsS2mThzwQHOyDr+5PT67H/EunPIPTqzk4si6
-----END CERTIFICATE-----
Generated at Wed May 22 11:37:28 2024 by rpki-client on console-ams.rpki-client.org