Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/WEqDCxa2emjk_Cwu9ZqceluqyLQ.roa
File: WEqDCxa2emjk_Cwu9ZqceluqyLQ.roa (raw, json)
Hash identifier: 3bKUEZNS5F1yx+tSbA8a/h984N512z7i+yCjKeKLDKI=
Subject key identifier: 58:4A:83:0B:16:B6:7A:68:E4:FC:2C:2E:F5:9A:9C:7A:5B:AA:C8:B4
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 018CC42531F3DF541AAE42D367C01AD11EDD
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/WEqDCxa2emjk_Cwu9ZqceluqyLQ.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207503
IP address blocks: 85.199.112.0/22 maxlen: 22
82.193.248.0/24 maxlen: 24
82.193.254.0/24 maxlen: 24
156.67.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:31:f3:df:54:1a:ae:42:d3:67:c0:1a:d1:1e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=584a830b16b67a68e4fc2c2ef59a9c7a5baac8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:dc:9e:97:69:8b:01:40:65:af:ff:90:d0:f1:
e7:71:a2:3e:ea:06:a7:71:b7:23:5a:c1:f1:12:46:
f9:c7:c8:61:66:fc:fd:0e:96:a8:5a:64:d1:f5:0b:
1d:0a:8b:e6:c5:ab:f6:0a:d1:f2:3f:31:f5:f5:02:
d2:05:3d:e9:eb:37:68:d5:ce:a6:ec:83:94:ac:20:
38:11:7e:fc:84:d6:32:71:33:8a:27:0f:a5:49:55:
1a:d2:31:33:c3:43:92:55:f1:68:7b:c3:e4:99:cf:
e1:31:f6:4c:c6:18:26:97:36:5b:40:a8:6c:f7:fd:
80:92:21:3d:15:de:7a:d1:75:cf:23:e9:ce:b9:65:
d7:49:1c:c9:2e:b5:e6:43:ed:e0:2f:c9:30:b1:fb:
46:41:bc:ce:b6:52:bd:ad:22:49:12:db:9a:8e:f4:
c8:27:e5:19:af:9e:37:4b:da:98:87:c2:ce:27:14:
9c:0c:22:5a:2c:fe:2f:0c:cc:2c:14:fa:8c:07:e1:
5f:8c:f5:d0:da:11:8e:62:a5:28:1c:da:98:51:28:
dc:ce:73:01:2e:53:e2:0d:18:f2:bf:ff:ff:f6:14:
83:ce:55:39:13:09:e3:db:6a:04:a9:a7:49:73:3e:
c4:89:71:53:28:10:1d:c9:bd:f7:8c:09:11:b9:3f:
ea:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4A:83:0B:16:B6:7A:68:E4:FC:2C:2E:F5:9A:9C:7A:5B:AA:C8:B4
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/WEqDCxa2emjk_Cwu9ZqceluqyLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.248.0/24
82.193.254.0/24
85.199.112.0/22
156.67.144.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:ee:86:68:77:96:fe:8c:22:86:04:ec:d3:52:94:f9:f1:e7:
1f:ae:a7:76:65:68:d6:b2:bb:d2:01:66:ed:eb:69:fd:fe:18:
28:9a:60:ec:ea:f5:c9:36:f3:19:e5:be:be:de:b3:45:ab:b5:
7c:48:0b:6e:ed:c0:29:94:24:af:2e:47:b5:77:b9:aa:1c:d2:
c2:be:ff:54:19:22:f0:f6:b9:cd:e7:86:7a:c8:7a:aa:1b:95:
b7:cf:3c:ce:3f:1a:33:fc:e6:5f:97:c4:c8:cc:c8:5e:0f:b6:
3f:ff:4d:94:cb:d4:49:ec:93:c5:fe:2e:5b:66:13:53:87:be:
16:db:9b:93:27:c1:af:75:17:5d:af:f9:46:20:f7:6a:3e:2d:
d3:96:d1:6b:b8:81:cb:4e:ac:f1:54:3a:39:47:b7:a2:0a:8b:
47:2f:d2:d4:8d:aa:65:b0:eb:60:2f:9a:94:ec:5b:16:9e:32:
87:f1:90:27:5b:6e:bf:7f:82:8c:2f:b9:f5:82:74:bb:65:93:
83:05:4a:dc:81:0f:e3:28:19:4d:58:b5:3d:52:7a:cc:e7:d1:
e0:8e:77:eb:f7:7f:d8:42:e3:9a:ab:dc:32:59:26:fd:70:22:
4d:6c:2c:39:42:8e:4e:3f:d9:cd:13:7c:51:45:64:93:d0:9a:
87:4d:6a:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJTHz31QarkLTZ8Aa0R7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjMzY5Yzk0NTY5MTRhMTJlMDJkZmZjOGRkNzk5NzRl
YjFlZjgwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRhODMwYjE2YjY3YTY4ZTRmYzJjMmVmNTlhOWM3YTViYWFjOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdyel2mLAUBlr/+Q0PHncaI+6gan
cbcjWsHxEkb5x8hhZvz9DpaoWmTR9QsdCovmxav2CtHyPzH19QLSBT3p6zdo1c6m
7IOUrCA4EX78hNYycTOKJw+lSVUa0jEzw0OSVfFoe8Pkmc/hMfZMxhgmlzZbQKhs
9/2AkiE9Fd560XXPI+nOuWXXSRzJLrXmQ+3gL8kwsftGQbzOtlK9rSJJEtuajvTI
J+UZr543S9qYh8LOJxScDCJaLP4vDMwsFPqMB+FfjPXQ2hGOYqUoHNqYUSjcznMB
LlPiDRjyv///9hSDzlU5Ewnj22oEqadJcz7EiXFTKBAdyb33jAkRuT/qSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFhKgwsWtnpo5PwsLvWanHpbqsi0MB8GA1UdIwQY
MBaAFJ4aw2nJRWkUoS4C3/yN15l06x74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTct
ZDY4YzU3ZGI0Y2FlLzEvV0VxREN4YTJlbWprX0N3dTlacWNlbHVxeUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTctZDY4YzU3ZGI0Y2Fl
LzEvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUsH4AwQA
UsH+AwQCVcdwAwQEnEOQMA0GCSqGSIb3DQEBCwUAA4IBAQCb7oZod5b+jCKGBOzT
UpT58ecfrqd2ZWjWsrvSAWbt62n9/hgommDs6vXJNvMZ5b6+3rNFq7V8SAtu7cAp
lCSvLke1d7mqHNLCvv9UGSLw9rnN54Z6yHqqG5W3zzzOPxoz/OZfl8TIzMheD7Y/
/02Uy9RJ7JPF/i5bZhNTh74W25uTJ8GvdRddr/lGIPdqPi3TltFruIHLTqzxVDo5
R7eiCotHL9LUjaplsOtgL5qU7FsWnjKH8ZAnW26/f4KML7n1gnS7ZZODBUrcgQ/j
KBlNWLU9UnrM59Hgjnfr93/YQuOaq9wyWSb9cCJNbCw5Qo5OP9nNE3xRRWST0JqH
TWog
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:04:13 2024 by rpki-client on console-fra.rpki-client.org