Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/cKWNuXQo7vKmcn3wZWNk7KWO5Ig.roa
File: cKWNuXQo7vKmcn3wZWNk7KWO5Ig.roa (raw, json)
Hash identifier: f0ceNAmLDzLHSgNp7/SZyLnSwDgECdgch9ZAzQsM2Wo=
Subject key identifier: 70:A5:8D:B9:74:28:EE:F2:A6:72:7D:F0:65:63:64:EC:A5:8E:E4:88
Certificate issuer: /CN=d547cf9f27767477120b1d3b26cc57a61099a724
Certificate serial: 01912E72DB2C9BBBAAA0D5D6DD3E6C756848
Authority key identifier: D5:47:CF:9F:27:76:74:77:12:0B:1D:3B:26:CC:57:A6:10:99:A7:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/cKWNuXQo7vKmcn3wZWNk7KWO5Ig.roa
Signing time: Wed 07 Aug 2024 20:06:04 +0000
ROA not before: Wed 07 Aug 2024 20:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47705
IP address blocks: 109.197.166.0/23 maxlen: 23
176.97.56.0/21 maxlen: 21
192.162.208.0/22 maxlen: 22
192.162.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2e:72:db:2c:9b:bb:aa:a0:d5:d6:dd:3e:6c:75:68:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d547cf9f27767477120b1d3b26cc57a61099a724
Validity
Not Before: Aug 7 20:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70a58db97428eef2a6727df0656364eca58ee488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:66:ac:a7:ad:e4:64:44:c1:58:c1:d5:c4:
7c:a7:d1:c9:83:1e:7f:e5:ba:e7:02:d5:00:ac:66:
48:05:ed:84:d8:2f:7a:60:67:2a:14:65:22:9f:35:
b1:7c:35:05:bf:3c:d0:b3:3b:0e:f9:08:d4:2d:0d:
75:9b:f2:a6:b6:cd:2e:f1:3b:96:08:b2:b2:f0:0e:
8a:c0:03:40:35:19:45:72:22:c8:f4:b7:64:9d:91:
a4:08:84:93:eb:f5:e7:9f:92:9c:77:f4:f7:cb:7d:
22:66:12:7c:6a:f3:6e:5e:29:c9:23:b6:df:20:fc:
da:2c:c9:26:99:2e:7c:1e:d0:bf:b7:6f:87:06:9e:
aa:4b:5f:a8:6e:a5:e3:90:0c:66:4c:65:49:d0:21:
df:9c:87:e7:d9:f7:08:4c:1a:bd:77:1a:13:80:a4:
78:a0:b7:b2:9c:05:2e:96:67:b6:d5:77:bc:37:97:
2e:79:f3:41:32:56:83:8c:6d:1e:a6:e4:b7:f2:98:
7e:95:27:02:c9:51:aa:37:77:e1:dd:68:81:7a:78:
f3:c5:65:7d:70:c2:3f:e5:03:4c:3e:7b:ed:a4:73:
3d:e3:8c:57:24:03:eb:4f:77:ab:b0:3c:08:76:32:
e3:0a:78:5f:f9:37:14:84:19:31:f9:84:d0:d1:84:
da:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A5:8D:B9:74:28:EE:F2:A6:72:7D:F0:65:63:64:EC:A5:8E:E4:88
X509v3 Authority Key Identifier:
keyid:D5:47:CF:9F:27:76:74:77:12:0B:1D:3B:26:CC:57:A6:10:99:A7:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/cKWNuXQo7vKmcn3wZWNk7KWO5Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.166.0/23
176.97.56.0/21
192.162.208.0/22
Signature Algorithm: sha256WithRSAEncryption
49:a3:a9:53:91:bc:06:80:7d:2d:8a:04:fc:55:8e:43:ee:9d:
34:53:96:d9:2d:33:5a:99:e6:2e:fe:45:35:1d:18:d9:7b:2b:
ea:fa:f7:d5:ef:b4:05:6e:4e:3b:67:9b:b8:0a:d8:ca:e3:95:
6c:f5:d9:e9:40:ce:8d:7d:9f:c7:49:4a:46:92:0d:8d:8a:53:
1f:ea:a2:2e:b4:3f:ae:03:57:cf:2b:10:75:a6:1c:a5:9a:42:
9c:f7:e7:9b:29:63:5a:02:5a:a2:68:66:91:c3:f0:0e:e9:87:
eb:3c:9d:65:8a:97:ea:56:fb:0a:c6:46:c0:8e:cf:2c:0c:9d:
72:05:21:c6:7f:33:5e:5d:3f:cb:6e:64:a3:26:f5:b1:60:37:
8d:b7:da:11:1c:b2:49:01:62:8f:21:79:fa:91:d1:30:b5:d6:
1d:d0:e5:4e:ae:85:76:cf:86:32:25:1f:81:e0:71:f5:14:c8:
93:9e:3a:28:c2:9f:e9:32:d9:a0:d8:01:e7:b9:ee:d6:30:7c:
be:a7:a3:cd:09:7b:cb:97:a4:a6:2a:2e:4f:c3:c9:89:ec:a8:
f8:f8:09:89:63:6e:8a:82:e7:9e:59:56:9a:d7:08:38:51:cd:
d2:f3:0c:cc:00:ad:23:37:a7:0b:5b:c8:99:1e:ef:61:96:26:
52:36:ff:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEuctssm7uqoNXW3T5sdWhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NDdjZjlmMjc3Njc0NzcxMjBiMWQzYjI2Y2M1N2E2MTA5
OWE3MjQwHhcNMjQwODA3MjAwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE1OGRiOTc0MjhlZWYyYTY3MjdkZjA2NTYzNjRlY2E1OGVlNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUFmrKet5GREwVjB1cR8p9HJgx5/
5brnAtUArGZIBe2E2C96YGcqFGUinzWxfDUFvzzQszsO+QjULQ11m/Kmts0u8TuW
CLKy8A6KwANANRlFciLI9LdknZGkCIST6/Xnn5Kcd/T3y30iZhJ8avNuXinJI7bf
IPzaLMkmmS58HtC/t2+HBp6qS1+obqXjkAxmTGVJ0CHfnIfn2fcITBq9dxoTgKR4
oLeynAUulme21Xe8N5cuefNBMlaDjG0epuS38ph+lScCyVGqN3fh3WiBenjzxWV9
cMI/5QNMPnvtpHM944xXJAPrT3ersDwIdjLjCnhf+TcUhBkx+YTQ0YTa4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHCljbl0KO7ypnJ98GVjZOyljuSIMB8GA1UdIwQY
MBaAFNVHz58ndnR3EgsdOybMV6YQmackMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVVmUG55ZDJkSGNTQ3gwN0pzeFhwaENacHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wNjNlNTktOWU5NC00ZTkxLThiN2Ut
NmY0ZGUwMjBhYWU2LzEvY0tXTnVYUW83dkttY24zd1pXTms3S1dPNUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wNjNlNTktOWU5NC00ZTkxLThiN2UtNmY0ZGUwMjBhYWU2
LzEvMVVmUG55ZDJkSGNTQ3gwN0pzeFhwaENacHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbcWmAwQD
sGE4AwQCwKLQMA0GCSqGSIb3DQEBCwUAA4IBAQBJo6lTkbwGgH0tigT8VY5D7p00
U5bZLTNameYu/kU1HRjZeyvq+vfV77QFbk47Z5u4CtjK45Vs9dnpQM6NfZ/HSUpG
kg2NilMf6qIutD+uA1fPKxB1phylmkKc9+ebKWNaAlqiaGaRw/AO6YfrPJ1lipfq
VvsKxkbAjs8sDJ1yBSHGfzNeXT/LbmSjJvWxYDeNt9oRHLJJAWKPIXn6kdEwtdYd
0OVOroV2z4YyJR+B4HH1FMiTnjoowp/pMtmg2AHnue7WMHy+p6PNCXvLl6SmKi5P
w8mJ7Kj4+AmJY26KgueeWVaa1wg4Uc3S8wzMAK0jN6cLW8iZHu9hliZSNv/H
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:08 2024 by rpki-client on console-fra.rpki-client.org