Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/cwCecfKt_BvTHD2jxuf9e0-QM1U.roa
File: cwCecfKt_BvTHD2jxuf9e0-QM1U.roa (raw, json)
Hash identifier: VGPDXUzzojX2CQ5FT52WGLESVmy8d6NcOZH7YAreS1E=
Subject key identifier: 73:00:9E:71:F2:AD:FC:1B:D3:1C:3D:A3:C6:E7:FD:7B:4F:90:33:55
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018CC7276F1A00156C143680D91CACFE1A83
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/cwCecfKt_BvTHD2jxuf9e0-QM1U.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206957
IP address blocks: 78.133.237.0/24 maxlen: 24
89.174.109.0/24 maxlen: 24
89.174.117.0/24 maxlen: 24
89.174.116.0/24 maxlen: 24
89.174.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:6f:1a:00:15:6c:14:36:80:d9:1c:ac:fe:1a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73009e71f2adfc1bd31c3da3c6e7fd7b4f903355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:78:0e:2b:e0:fa:17:6c:49:0d:e6:90:e9:
ed:a5:4b:74:c1:f4:87:85:59:b3:4a:94:d4:bd:57:
41:a1:4b:12:25:8e:25:ad:51:9d:9b:0d:c5:f0:8f:
aa:95:a2:16:95:83:79:a3:e3:84:e8:af:bf:6d:87:
2d:33:d8:41:8c:4d:f5:4b:06:42:1f:b2:9d:5f:73:
40:a4:c5:f8:4b:69:c8:1a:ab:5e:d3:0c:4b:1d:91:
2e:10:d7:9f:3b:c7:ed:31:57:fe:9f:10:c0:2a:33:
96:df:5f:ad:2a:18:31:6b:28:7a:bb:81:1b:d3:cc:
a1:a6:03:7f:3d:3f:8c:98:b2:58:a5:b2:4c:a7:95:
8c:59:9e:1a:cd:f7:34:a5:27:cb:aa:be:a0:c3:a9:
ab:f8:be:7f:94:9b:82:50:fc:e3:fb:2d:c3:9b:d0:
1a:4e:b1:4a:99:b5:e1:60:82:36:97:c1:c5:93:77:
36:59:b2:d5:ae:1c:cd:62:94:80:91:1e:ab:a3:67:
c9:60:a3:94:24:36:c6:bc:4b:f3:3f:0c:13:70:d3:
18:e1:c9:cd:af:02:ea:0d:81:0a:5e:ea:13:ce:69:
db:d0:77:93:e0:e2:c0:99:8e:19:26:87:1b:f5:8b:
e0:e8:d1:3a:f4:9c:04:3c:e6:23:3d:e3:55:33:ef:
9d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:00:9E:71:F2:AD:FC:1B:D3:1C:3D:A3:C6:E7:FD:7B:4F:90:33:55
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/cwCecfKt_BvTHD2jxuf9e0-QM1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.237.0/24
89.174.109.0/24
89.174.116.0/23
89.174.228.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c0:ae:19:05:f4:14:e2:99:81:1c:5d:18:d5:80:8b:ca:08:
42:0f:61:be:1d:8b:07:b2:af:68:b4:08:90:98:ea:f1:68:de:
9b:30:33:b8:13:49:e0:a6:2e:f7:e0:06:fb:d1:1f:cc:8d:37:
04:9a:86:61:41:a5:8f:06:31:a6:d9:6d:fe:9e:0c:dd:d5:85:
9c:b2:67:32:13:ec:ca:43:99:30:59:cc:ff:b9:e3:5d:4c:b9:
59:f2:c8:52:83:00:33:51:69:7c:c2:a2:81:0a:4f:49:43:6b:
52:13:e1:19:32:bc:0c:c4:79:49:fb:bb:0a:d0:68:5e:07:48:
f2:1b:b6:99:e0:d5:df:d6:c2:9c:c6:5a:01:bc:2b:71:94:53:
b1:23:89:ff:2e:6b:a7:0c:f0:6b:01:c7:93:f6:2b:56:4e:82:
43:9d:d2:36:36:49:e0:f1:90:14:3a:aa:49:3a:16:61:df:68:
d2:9c:15:c2:41:0d:42:2c:1d:5f:9c:d4:f7:9d:fe:44:be:1e:
6c:e5:c4:54:9c:fb:b9:e4:b9:88:24:c8:fb:4a:99:97:14:95:
b1:28:64:6e:7c:26:89:47:70:98:ae:79:37:63:b7:d5:1d:e1:
cc:c7:d8:82:ec:a9:d6:e1:94:49:5c:45:6f:7d:9f:5a:77:bc:
91:a6:42:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJ28aABVsFDaA2Rys/hqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzAwOWU3MWYyYWRmYzFiZDMxYzNkYTNjNmU3ZmQ3YjRmOTAzMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb94Divg+hdsSQ3mkOntpUt0wfSH
hVmzSpTUvVdBoUsSJY4lrVGdmw3F8I+qlaIWlYN5o+OE6K+/bYctM9hBjE31SwZC
H7KdX3NApMX4S2nIGqte0wxLHZEuENefO8ftMVf+nxDAKjOW31+tKhgxayh6u4Eb
08yhpgN/PT+MmLJYpbJMp5WMWZ4azfc0pSfLqr6gw6mr+L5/lJuCUPzj+y3Dm9Aa
TrFKmbXhYII2l8HFk3c2WbLVrhzNYpSAkR6ro2fJYKOUJDbGvEvzPwwTcNMY4cnN
rwLqDYEKXuoTzmnb0HeT4OLAmY4ZJocb9Yvg6NE69JwEPOYjPeNVM++dAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHMAnnHyrfwb0xw9o8bn/XtPkDNVMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvY3dDZWNmS3RfQnZUSEQyanh1ZjllMC1RTTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAToXtAwQA
Wa5tAwQBWa50AwQAWa7kMA0GCSqGSIb3DQEBCwUAA4IBAQANwK4ZBfQU4pmBHF0Y
1YCLyghCD2G+HYsHsq9otAiQmOrxaN6bMDO4E0ngpi734Ab70R/MjTcEmoZhQaWP
BjGm2W3+ngzd1YWcsmcyE+zKQ5kwWcz/ueNdTLlZ8shSgwAzUWl8wqKBCk9JQ2tS
E+EZMrwMxHlJ+7sK0GheB0jyG7aZ4NXf1sKcxloBvCtxlFOxI4n/LmunDPBrAceT
9itWToJDndI2Nkng8ZAUOqpJOhZh32jSnBXCQQ1CLB1fnNT3nf5Evh5s5cRUnPu5
5LmIJMj7SpmXFJWxKGRufCaJR3CYrnk3Y7fVHeHMx9iC7KnW4ZRJXEVvfZ9ad7yR
pkJ/
-----END CERTIFICATE-----
Generated at Sat May 18 14:25:47 2024 by rpki-client on console-fra.rpki-client.org