Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2oNElnURzlrwUjkySyDxpYxoKtQ.roa
File: 2oNElnURzlrwUjkySyDxpYxoKtQ.roa (raw, json)
Hash identifier: 1tLfi5mxmx6YPWfWJaQc/CgMNM29xjDE/IFrjTvd+No=
Subject key identifier: DA:83:44:96:75:11:CE:5A:F0:52:39:32:4B:20:F1:A5:8C:68:2A:D4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018CC9BA95323A43CB28BB5D5337864EB38D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2oNElnURzlrwUjkySyDxpYxoKtQ.roa
Signing time: Tue 02 Jan 2024 10:31:37 +0000
ROA not before: Tue 02 Jan 2024 10:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16200
IP address blocks: 91.186.192.0/24 maxlen: 24
83.147.192.0/24 maxlen: 24
83.147.193.0/24 maxlen: 24
83.147.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:95:32:3a:43:cb:28:bb:5d:53:37:86:4e:b3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 10:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da8344967511ce5af05239324b20f1a58c682ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:02:26:aa:86:f8:6f:78:15:71:d6:94:62:9e:
24:e7:65:14:76:52:c5:ef:00:8e:5e:b0:1a:5e:48:
e4:a5:fd:ba:2d:1a:9d:f7:7b:0d:1b:7d:7b:a6:1e:
48:4d:c9:15:11:ec:8a:b3:96:71:58:24:29:d2:1b:
63:52:15:46:ac:44:77:a3:97:9f:c0:ee:95:ac:bf:
01:4a:ae:9a:9f:71:59:f0:79:f9:f3:62:5b:08:97:
99:64:8a:7c:bd:1f:2e:fb:74:87:ef:59:8d:39:b5:
93:8d:bf:52:92:ad:87:dc:29:c3:f3:ca:79:4d:bd:
30:7b:4c:c5:ba:14:fd:94:9a:1f:bc:d4:9b:64:da:
6a:8c:ee:1e:cb:f5:af:08:27:20:38:2e:fe:94:57:
cb:9f:13:7c:ae:aa:90:6d:38:db:49:cc:05:98:44:
f0:04:95:2f:92:a2:82:4d:27:13:4b:9b:3d:78:db:
b2:8f:89:92:3d:98:f2:4c:01:f1:6a:3a:b3:9a:c5:
29:0c:6e:7c:bb:22:7a:ef:5c:3e:a2:5a:ed:43:ff:
f4:7e:9f:5e:ae:62:35:d7:0e:9c:36:a3:52:95:7d:
b8:cc:bd:d7:d0:46:00:22:c2:f1:b2:2a:16:60:18:
e6:f6:e0:04:1a:40:5c:d8:ff:c2:4c:fe:a3:c7:74:
d1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:83:44:96:75:11:CE:5A:F0:52:39:32:4B:20:F1:A5:8C:68:2A:D4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2oNElnURzlrwUjkySyDxpYxoKtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0-83.147.194.255
91.186.192.0/24
Signature Algorithm: sha256WithRSAEncryption
35:92:30:47:d0:b0:14:0a:da:d9:ea:2d:5b:20:d1:2f:ae:8b:
99:99:c7:6a:47:b2:49:01:7f:14:56:55:a7:6d:01:7b:da:46:
c7:d4:be:c1:64:0b:e2:82:80:54:6b:1d:bc:77:43:50:c7:c8:
bf:c4:dc:57:85:24:b3:80:2b:bf:c0:dc:79:12:e9:a2:a9:ee:
f3:24:40:56:11:5d:a4:60:a2:af:d9:7a:ca:96:d4:62:e0:2f:
06:ca:a0:4d:a3:5d:11:eb:ae:48:c8:3a:94:d1:99:04:64:83:
b4:81:f3:97:b3:79:43:3f:70:40:de:79:8e:8a:ca:b9:4c:4c:
56:b2:a2:21:32:50:d6:db:42:7b:d6:10:2e:14:18:66:4a:f5:
a5:ac:be:8a:5c:91:4f:78:5d:f3:fb:91:33:0a:52:04:c0:a8:
ff:10:78:c4:6c:09:03:96:40:f1:ce:d4:a0:94:e1:d8:8a:d9:
8a:47:13:97:22:81:61:1e:8f:3b:11:e1:b8:8d:b5:af:3e:76:
82:3f:8c:b2:b3:5d:19:e5:af:8d:1d:71:7f:ba:9f:13:a2:fa:
4f:56:e2:06:85:c4:e1:8b:f6:ea:f0:12:7d:7d:54:af:b4:83:
c9:cc:ba:1b:a9:31:7c:79:f6:36:df:2a:25:85:92:b9:4f:4a:
60:5f:3f:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJupUyOkPLKLtdUzeGTrONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTAyMTAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTgzNDQ5Njc1MTFjZTVhZjA1MjM5MzI0YjIwZjFhNThjNjgyYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowImqob4b3gVcdaUYp4k52UUdlLF
7wCOXrAaXkjkpf26LRqd93sNG317ph5ITckVEeyKs5ZxWCQp0htjUhVGrER3o5ef
wO6VrL8BSq6an3FZ8Hn582JbCJeZZIp8vR8u+3SH71mNObWTjb9Skq2H3CnD88p5
Tb0we0zFuhT9lJofvNSbZNpqjO4ey/WvCCcgOC7+lFfLnxN8rqqQbTjbScwFmETw
BJUvkqKCTScTS5s9eNuyj4mSPZjyTAHxajqzmsUpDG58uyJ671w+olrtQ//0fp9e
rmI11w6cNqNSlX24zL3X0EYAIsLxsioWYBjm9uAEGkBc2P/CTP6jx3TRzQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNqDRJZ1Ec5a8FI5Mksg8aWMaCrUMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMm9ORWxuVVJ6bHJ3VWpreVN5RHhwWXhvS3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZTk8AD
BABTk8IDBABbusAwDQYJKoZIhvcNAQELBQADggEBADWSMEfQsBQK2tnqLVsg0S+u
i5mZx2pHskkBfxRWVadtAXvaRsfUvsFkC+KCgFRrHbx3Q1DHyL/E3FeFJLOAK7/A
3HkS6aKp7vMkQFYRXaRgoq/ZesqW1GLgLwbKoE2jXRHrrkjIOpTRmQRkg7SB85ez
eUM/cEDeeY6KyrlMTFayoiEyUNbbQnvWEC4UGGZK9aWsvopckU94XfP7kTMKUgTA
qP8QeMRsCQOWQPHO1KCU4diK2YpHE5cigWEejzsR4biNta8+doI/jLKzXRnlr40d
cX+6nxOi+k9W4gaFxOGL9urwEn19VK+0g8nMuhupMXx59jbfKiWFkrlPSmBfP/w=
-----END CERTIFICATE-----
Generated at Sat Apr 27 18:51:25 2024 by rpki-client on console-ams.rpki-client.org