Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/dL0XWuMWe_2-McofnGQYe3IpEEY.roa
File: dL0XWuMWe_2-McofnGQYe3IpEEY.roa (raw, json)
Hash identifier: qG37sZz9RReQrTdvUDPZTM4LSjg11839PWfzjmfw/Cg=
Subject key identifier: 74:BD:17:5A:E3:16:7B:FD:BE:31:CA:1F:9C:64:18:7B:72:29:10:46
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018CC94CC802C82AA24FE9DE7889877863B9
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/dL0XWuMWe_2-McofnGQYe3IpEEY.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 92.63.203.0/24 maxlen: 24
185.176.25.0/24 maxlen: 24
92.63.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c8:02:c8:2a:a2:4f:e9:de:78:89:87:78:63:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74bd175ae3167bfdbe31ca1f9c64187b72291046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d9:9f:aa:a8:e2:18:83:49:35:07:f3:77:7b:
a9:ec:c2:84:5b:05:01:44:c9:95:34:dc:92:da:06:
66:da:8e:22:80:07:d2:05:09:55:2e:da:7e:3e:4e:
98:3a:b2:1d:e6:51:14:63:e2:5f:d6:b9:9f:5d:1f:
f7:a2:ca:6d:d8:26:83:21:e9:b1:f4:a9:f5:c9:a0:
9d:91:df:90:f8:e7:5f:67:70:bb:d5:1b:e3:96:09:
98:91:62:ad:fe:f6:5d:68:4e:e0:00:b9:31:d8:f1:
59:d8:7a:2b:4f:01:f3:e1:a9:99:89:08:82:6c:ad:
c8:55:ac:83:eb:09:df:0e:f4:ed:5f:99:51:ce:23:
4e:56:5a:56:33:69:e3:91:0e:46:e2:4a:aa:41:1e:
8f:c1:fc:8a:0d:c4:6d:6d:05:0a:1c:93:d0:bc:0c:
cd:66:eb:25:c0:ad:6e:51:cb:c7:73:17:22:ee:8c:
a7:ca:7d:02:fe:ac:e6:9f:29:be:9c:e8:09:bf:1d:
d4:6e:b9:de:16:d5:3c:74:16:1c:96:a9:a7:da:f2:
83:b9:ef:a9:6b:86:a5:99:fe:25:bf:a4:d0:61:a6:
0a:9e:18:ec:f5:84:37:65:fb:80:9d:cd:c5:fd:27:
50:36:20:ae:c4:82:25:74:73:4e:b2:82:99:1d:99:
e4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BD:17:5A:E3:16:7B:FD:BE:31:CA:1F:9C:64:18:7B:72:29:10:46
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/dL0XWuMWe_2-McofnGQYe3IpEEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.199.0/24
92.63.203.0/24
185.176.25.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f6:28:bd:10:a4:d2:81:58:cb:71:d8:6d:f0:51:a9:9b:d8:
9c:f8:a4:64:33:22:eb:16:8b:a4:73:51:c4:28:1c:ae:a6:ab:
9b:5b:51:ab:a9:b4:13:e8:3c:c8:62:de:1a:6b:75:ff:7c:0c:
1e:b7:18:a4:e4:de:ca:96:c6:94:0e:3e:82:5e:50:33:6c:7b:
14:e2:f5:7f:4f:ba:f3:45:05:09:dc:14:63:ee:68:96:4f:54:
e5:f5:93:b7:cf:cb:9e:0b:fb:2d:87:fa:9c:88:07:0a:a0:17:
9a:2d:2d:14:33:9c:3d:7d:06:fb:d9:a3:1e:17:a2:f7:cb:84:
02:b1:41:e3:27:1a:84:25:43:d0:c6:07:db:b9:21:b2:61:f6:
4a:6f:93:59:eb:e0:ff:22:75:7e:b1:2c:35:9d:4c:0d:b0:67:
22:55:2d:83:d5:a3:7c:6a:cf:fd:bb:9c:20:90:74:4a:d9:1b:
a1:33:2c:e8:50:8f:f5:b6:61:28:46:5c:a9:5f:43:ab:78:bf:
06:bf:39:0a:fd:fd:59:55:07:83:47:e3:c3:0a:a3:ac:c7:23:
53:f8:48:04:6c:b2:61:6e:af:4c:b9:3c:85:73:0f:e0:21:c8:
06:24:93:1a:92:e0:73:46:76:90:ff:45:f5:4f:ae:72:55:12:
94:4b:a5:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTMgCyCqiT+neeImHeGO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJkMTc1YWUzMTY3YmZkYmUzMWNhMWY5YzY0MTg3YjcyMjkxMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdmfqqjiGINJNQfzd3up7MKEWwUB
RMmVNNyS2gZm2o4igAfSBQlVLtp+Pk6YOrId5lEUY+Jf1rmfXR/3ospt2CaDIemx
9Kn1yaCdkd+Q+OdfZ3C71RvjlgmYkWKt/vZdaE7gALkx2PFZ2HorTwHz4amZiQiC
bK3IVayD6wnfDvTtX5lRziNOVlpWM2njkQ5G4kqqQR6PwfyKDcRtbQUKHJPQvAzN
ZuslwK1uUcvHcxci7oynyn0C/qzmnym+nOgJvx3UbrneFtU8dBYclqmn2vKDue+p
a4almf4lv6TQYaYKnhjs9YQ3ZfuAnc3F/SdQNiCuxIIldHNOsoKZHZnkKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHS9F1rjFnv9vjHKH5xkGHtyKRBGMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvZEwwWFd1TVdlXzItTWNvZm5HUVllM0lwRUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXD/HAwQA
XD/LAwQAubAZMA0GCSqGSIb3DQEBCwUAA4IBAQAh9ii9EKTSgVjLcdht8FGpm9ic
+KRkMyLrFoukc1HEKByupqubW1GrqbQT6DzIYt4aa3X/fAwetxik5N7KlsaUDj6C
XlAzbHsU4vV/T7rzRQUJ3BRj7miWT1Tl9ZO3z8ueC/sth/qciAcKoBeaLS0UM5w9
fQb72aMeF6L3y4QCsUHjJxqEJUPQxgfbuSGyYfZKb5NZ6+D/InV+sSw1nUwNsGci
VS2D1aN8as/9u5wgkHRK2RuhMyzoUI/1tmEoRlypX0OreL8GvzkK/f1ZVQeDR+PD
CqOsxyNT+EgEbLJhbq9MuTyFcw/gIcgGJJMakuBzRnaQ/0X1T65yVRKUS6VT
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:55:48 2024 by rpki-client on console-fra.rpki-client.org