Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-wkmYpdFW4BGbMpAFs6RmORlTYM.roa
File: 1-wkmYpdFW4BGbMpAFs6RmORlTYM.roa (raw, json)
Hash identifier: v0fyheD7aNmQnG3hMJei8Q6zh6CV6q4HVRVIr1SXzd8=
Subject key identifier: FB:09:26:62:97:45:5B:80:46:6C:CA:40:16:CE:91:98:E4:65:4D:83
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DDC34ED1D837BCAED6688E9F08C1E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-wkmYpdFW4BGbMpAFs6RmORlTYM.roa
Signing time: Mon 01 Jan 2024 14:29:20 +0000
ROA not before: Mon 01 Jan 2024 14:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3168
IP address blocks: 178.176.132.0/24 maxlen: 24
62.89.197.0/24 maxlen: 24
178.176.129.0/24 maxlen: 24
62.89.206.0/24 maxlen: 24
62.89.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:dc:34:ed:1d:83:7b:ca:ed:66:88:e9:f0:8c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb09266297455b80466cca4016ce9198e4654d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:e2:ae:8a:8f:a9:5f:b5:11:9a:f1:fe:eb:
84:d0:b1:c4:e8:01:9d:4b:47:a0:df:df:23:47:95:
f7:78:b9:6d:88:5c:36:ce:17:d5:47:ff:fb:66:fe:
c4:8b:90:cc:67:78:94:d3:36:c1:1f:2a:0a:59:d0:
d7:48:a9:d1:f7:61:35:f8:c4:6c:ef:f6:a3:8b:6c:
75:81:af:8f:5b:bd:66:a6:31:49:d8:aa:28:1d:b9:
8c:03:8c:f1:ec:58:e9:5b:3f:cf:cb:70:26:d5:50:
64:01:96:9b:db:f8:c0:f2:4b:1e:ca:d3:69:92:c3:
ae:b3:fd:61:71:01:7b:e8:43:1e:47:11:ed:f5:38:
cd:70:6d:e4:8b:b5:15:7d:32:9c:98:b8:e9:a3:51:
aa:f3:67:71:c1:61:a9:68:b7:9e:4d:bd:e3:a3:95:
c7:dc:f4:1b:68:76:98:84:16:62:41:cb:6e:ed:ab:
9c:d3:6a:3c:6a:61:6e:dd:2b:fd:ca:dc:30:22:e1:
2e:8d:03:5c:67:e2:3a:ee:60:16:40:fa:26:f5:03:
ac:8e:bf:b0:36:ee:27:a6:71:43:df:1e:bb:8d:4a:
66:ca:be:ec:71:a0:b3:d9:25:2b:08:69:4a:5d:b7:
63:c0:72:54:13:dd:c1:9c:80:ba:a6:14:71:22:82:
a6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:09:26:62:97:45:5B:80:46:6C:CA:40:16:CE:91:98:E4:65:4D:83
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-wkmYpdFW4BGbMpAFs6RmORlTYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.89.197.0/24
62.89.206.0/23
178.176.129.0/24
178.176.132.0/24
Signature Algorithm: sha256WithRSAEncryption
84:c3:0e:a9:56:31:e4:af:11:5d:b8:b3:27:7c:fe:ed:45:88:
0c:aa:90:c6:95:e2:3e:57:a2:0f:6e:33:ae:62:0e:58:58:c9:
9f:76:a3:00:ef:10:e7:bf:1e:29:f4:bb:b6:72:06:46:30:8f:
b8:e3:4a:ce:80:6e:e6:ab:72:fe:c6:ba:f6:df:67:54:c0:e9:
41:04:ae:13:31:6f:71:2f:6a:41:46:7e:64:5d:69:57:ed:b3:
27:ce:b2:e5:38:04:45:ad:8a:4b:d8:fa:a6:20:0c:9d:e7:cb:
9a:60:98:7a:46:b6:f2:cc:7b:bc:2f:16:fb:d9:97:9c:31:0c:
c9:2a:2f:1e:f7:1a:8f:88:5b:f2:f7:65:c2:12:ea:bc:61:b7:
28:8c:f6:ac:26:f5:47:c5:60:05:5d:fa:42:2e:a2:d1:4f:55:
eb:16:32:d9:f0:f2:c1:5a:79:41:40:55:ce:4a:3f:53:c3:e8:
94:9e:10:73:33:b2:a1:28:65:51:48:d0:99:a3:bb:c3:58:9d:
d4:1e:6d:b2:37:84:46:bd:88:06:f6:19:1f:7c:0b:67:db:34:
10:de:f4:0b:f1:b6:e5:4d:c1:13:9a:93:37:04:2d:0c:15:73:
51:48:f3:92:d6:1b:c0:8a:de:76:3c:3c:f4:c0:6f:aa:7e:52:
71:85:97:48
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzFbdw07R2De8rtZojp8IweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA5MjY2Mjk3NDU1YjgwNDY2Y2NhNDAxNmNlOTE5OGU0NjU0ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+/iroqPqV+1EZrx/uuE0LHE6AGd
S0eg398jR5X3eLltiFw2zhfVR//7Zv7Ei5DMZ3iU0zbBHyoKWdDXSKnR92E1+MRs
7/aji2x1ga+PW71mpjFJ2KooHbmMA4zx7FjpWz/Py3Am1VBkAZab2/jA8kseytNp
ksOus/1hcQF76EMeRxHt9TjNcG3ki7UVfTKcmLjpo1Gq82dxwWGpaLeeTb3jo5XH
3PQbaHaYhBZiQctu7auc02o8amFu3Sv9ytwwIuEujQNcZ+I67mAWQPom9QOsjr+w
Nu4npnFD3x67jUpmyr7scaCz2SUrCGlKXbdjwHJUE93BnIC6phRxIoKmTwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPsJJmKXRVuARmzKQBbOkZjkZU2DMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMS13a21ZcGRGVzRCR2JNcEFGczZSbU9SbFRZTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFk
MC8xL2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAD5ZxQME
AT5ZzgMEALKwgQMEALKwhDANBgkqhkiG9w0BAQsFAAOCAQEAhMMOqVYx5K8RXbiz
J3z+7UWIDKqQxpXiPleiD24zrmIOWFjJn3ajAO8Q578eKfS7tnIGRjCPuONKzoBu
5qty/sa69t9nVMDpQQSuEzFvcS9qQUZ+ZF1pV+2zJ86y5TgERa2KS9j6piAMnefL
mmCYeka28sx7vC8W+9mXnDEMySovHvcaj4hb8vdlwhLqvGG3KIz2rCb1R8VgBV36
Qi6i0U9V6xYy2fDywVp5QUBVzko/U8PolJ4QczOyoShlUUjQmaO7w1id1B5tsjeE
Rr2IBvYZH3wLZ9s0EN70C/G25U3BE5qTNwQtDBVzUUjzktYbwIredjw89MBvqn5S
cYWXSA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:51:57 2024 by rpki-client on console-ams.rpki-client.org