Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/aDrbGQx9gzP2tsTjLCblnFQw8jg.roa
File: aDrbGQx9gzP2tsTjLCblnFQw8jg.roa (raw, json)
Hash identifier: Xm6ugMLizNF6qINyGJES9+e+fFun482jECSNkFJaANQ=
Subject key identifier: 68:3A:DB:19:0C:7D:83:33:F6:B6:C4:E3:2C:26:E5:9C:54:30:F2:38
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F81B9AF636B2A33DE91D455EA337
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/aDrbGQx9gzP2tsTjLCblnFQw8jg.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9069
IP address blocks: 195.130.96.0/20 maxlen: 20
195.251.64.0/19 maxlen: 19
83.212.64.0/22 maxlen: 22
2001:648:2330::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f8:1b:9a:f6:36:b2:a3:3d:e9:1d:45:5e:a3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=683adb190c7d8333f6b6c4e32c26e59c5430f238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:01:ad:86:eb:a7:55:61:04:fe:46:ad:3b:7e:
73:57:44:c3:09:b9:4c:f1:10:da:83:fc:ce:f0:52:
eb:f3:50:d4:e0:16:78:a1:d8:50:ad:19:b3:2b:f7:
07:03:fc:52:51:62:1c:be:21:69:74:df:9e:01:94:
70:40:42:54:1d:72:f8:de:ec:b1:93:fb:ee:7b:bd:
61:26:aa:73:f5:93:87:eb:cb:b3:e8:2d:c5:76:fc:
a3:46:b0:a3:53:b9:3b:81:1a:0b:db:c4:ff:24:78:
99:f6:c9:dc:87:e3:c4:15:c2:31:07:00:99:0f:30:
a6:9e:46:6a:a2:58:f6:4b:30:9e:b9:67:d7:8d:b3:
a8:b8:7f:92:2a:77:ea:d3:25:c4:ea:91:73:f8:ec:
40:91:f5:41:68:62:78:d2:13:29:5a:59:86:34:fa:
7c:37:0a:36:da:cb:d9:4f:7d:c2:3f:07:65:b5:8f:
a2:1d:4a:e0:70:35:28:d8:93:6b:02:06:9f:94:08:
00:48:f7:c3:d3:d2:e5:dd:e6:66:b1:92:78:25:13:
97:06:19:c5:aa:8e:50:42:b0:29:3d:3e:10:81:fb:
d2:fb:32:9d:2f:fc:e7:ca:df:d1:4f:01:76:e4:b3:
48:36:ed:4c:cc:b1:a0:e3:3d:86:14:80:e8:7c:4c:
5d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3A:DB:19:0C:7D:83:33:F6:B6:C4:E3:2C:26:E5:9C:54:30:F2:38
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/aDrbGQx9gzP2tsTjLCblnFQw8jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.64.0/22
195.130.96.0/20
195.251.64.0/19
IPv6:
2001:648:2330::/48
Signature Algorithm: sha256WithRSAEncryption
ab:a4:f7:39:96:13:fa:b5:45:ce:14:c9:4d:9b:37:9b:b2:1c:
b5:80:6f:19:d5:80:14:74:b5:43:1e:0c:01:5e:37:19:59:44:
0d:07:10:25:ef:97:76:98:76:f8:5e:29:a6:63:11:1c:33:de:
17:c0:4f:57:b7:ea:93:6a:90:4f:f4:68:fa:32:c1:7b:f9:7f:
b7:0c:bc:3b:51:18:64:9f:6e:93:78:5d:60:e0:0d:5a:82:4b:
9b:c6:e4:47:bd:f2:96:a7:9c:3f:bd:17:2c:70:9e:6a:98:7d:
13:6a:4e:92:9d:84:13:b5:62:47:62:bd:49:20:42:e0:69:76:
9c:0c:5c:88:35:21:19:78:bc:29:cc:89:1a:19:4d:eb:29:02:
67:a8:6f:df:31:ed:75:4c:04:3e:eb:32:cc:e2:65:6c:c9:95:
69:ca:3f:9d:db:d6:04:3f:32:da:fb:f4:1b:f9:82:90:b1:f1:
95:1a:14:5b:ef:58:88:30:50:07:42:ac:0c:c7:16:65:71:75:
36:b1:18:11:a9:76:2a:e9:bd:aa:3c:17:d5:df:d3:a8:0b:70:
2c:e3:7b:12:cb:a3:bb:34:39:fe:d7:c2:0b:f4:9a:59:bd:ff:
40:87:4f:2f:b9:f6:20:fa:6d:7b:0e:7f:c4:9d:c2:dc:4e:95:
bb:71:ca:87
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDSPgbmvY2sqM96R1FXqM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNhZGIxOTBjN2Q4MzMzZjZiNmM0ZTMyYzI2ZTU5YzU0MzBmMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQGthuunVWEE/katO35zV0TDCblM
8RDag/zO8FLr81DU4BZ4odhQrRmzK/cHA/xSUWIcviFpdN+eAZRwQEJUHXL43uyx
k/vue71hJqpz9ZOH68uz6C3FdvyjRrCjU7k7gRoL28T/JHiZ9snch+PEFcIxBwCZ
DzCmnkZqolj2SzCeuWfXjbOouH+SKnfq0yXE6pFz+OxAkfVBaGJ40hMpWlmGNPp8
Nwo22svZT33CPwdltY+iHUrgcDUo2JNrAgaflAgASPfD09Ll3eZmsZJ4JROXBhnF
qo5QQrApPT4QgfvS+zKdL/znyt/RTwF25LNINu1MzLGg4z2GFIDofExdTQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGg62xkMfYMz9rbE4ywm5ZxUMPI4MB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvYURyYkdReDlnelAydHNUakxDYmxuRlF3OGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCU9RAAwQE
w4JgAwQFw/tAMA8EAgACMAkDBwAgAQZIIzAwDQYJKoZIhvcNAQELBQADggEBAKuk
9zmWE/q1Rc4UyU2bN5uyHLWAbxnVgBR0tUMeDAFeNxlZRA0HECXvl3aYdvheKaZj
ERwz3hfAT1e36pNqkE/0aPoywXv5f7cMvDtRGGSfbpN4XWDgDVqCS5vG5Ee98pan
nD+9FyxwnmqYfRNqTpKdhBO1YkdivUkgQuBpdpwMXIg1IRl4vCnMiRoZTespAmeo
b98x7XVMBD7rMsziZWzJlWnKP53b1gQ/Mtr79Bv5gpCx8ZUaFFvvWIgwUAdCrAzH
FmVxdTaxGBGpdirpvao8F9Xf06gLcCzjexLLo7s0Of7Xwgv0mlm9/0CHTy+59iD6
bXsOf8SdwtxOlbtxyoc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:33 2024 by rpki-client on console-ams.rpki-client.org