Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/9uIqdgswibvO-wpT5yR5FhXom7A.roa
File: 9uIqdgswibvO-wpT5yR5FhXom7A.roa (raw, json)
Hash identifier: L5AuZErIyq+TNm55LAH5yH+iR0JKrLvoH1k/D1UsKyo=
Subject key identifier: F6:E2:2A:76:0B:30:89:BB:CE:FB:0A:53:E7:24:79:16:15:E8:9B:B0
Certificate issuer: /CN=ee0581767af4579e44da977b1082d94b3c7b9298
Certificate serial: 018CC349197E2ADC3934FC62C3461C519609
Authority key identifier: EE:05:81:76:7A:F4:57:9E:44:DA:97:7B:10:82:D9:4B:3C:7B:92:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/9uIqdgswibvO-wpT5yR5FhXom7A.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59771
IP address blocks: 193.105.119.0/24 maxlen: 24
195.85.224.0/24 maxlen: 24
2001:678:39c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:19:7e:2a:dc:39:34:fc:62:c3:46:1c:51:96:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0581767af4579e44da977b1082d94b3c7b9298
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6e22a760b3089bbcefb0a53e724791615e89bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:20:4e:7e:ba:49:f3:df:71:52:31:c8:23:3c:
10:92:b1:59:aa:08:6e:29:b0:6e:97:67:1f:cb:26:
76:2c:e8:8b:11:19:fb:75:1c:ab:f6:26:e6:04:12:
0d:de:b0:22:5d:af:03:4f:3e:ac:07:f3:fe:78:71:
1e:66:84:f9:32:fc:12:1c:a0:4e:94:4b:10:54:f9:
e2:41:e9:0e:a6:4d:de:7f:31:53:b7:ab:a5:c6:23:
e2:e8:2c:e5:e7:0a:e8:6a:04:02:91:c9:7e:83:03:
7d:c4:bd:cb:86:f0:10:6e:f1:bb:a6:43:fe:38:8e:
7e:ed:c7:34:f9:e0:b2:42:3d:cb:5c:54:1e:a8:58:
c2:f4:8f:aa:f3:78:50:fd:f8:03:3e:39:f8:56:05:
9b:54:3b:5a:be:a7:19:f3:1f:99:a8:3e:74:23:b5:
08:a4:8a:77:85:e0:8b:df:a3:ea:c0:71:ee:8e:a1:
d3:02:bf:d4:9d:e6:06:fd:7a:7f:54:db:d4:04:75:
c2:6e:dc:13:b6:ad:71:9d:eb:ac:2f:e0:5c:11:fd:
ef:6a:9b:d1:e7:85:0d:1b:1f:ea:14:ba:28:9c:0b:
69:39:7a:ed:f5:69:88:d3:8d:5d:a7:71:57:ee:f8:
e9:98:a6:33:58:11:b8:80:e1:4d:18:aa:b8:53:fe:
85:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E2:2A:76:0B:30:89:BB:CE:FB:0A:53:E7:24:79:16:15:E8:9B:B0
X509v3 Authority Key Identifier:
keyid:EE:05:81:76:7A:F4:57:9E:44:DA:97:7B:10:82:D9:4B:3C:7B:92:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/9uIqdgswibvO-wpT5yR5FhXom7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.119.0/24
195.85.224.0/24
IPv6:
2001:678:39c::/48
Signature Algorithm: sha256WithRSAEncryption
a5:1e:a2:e4:1d:e0:5b:a0:80:d8:4b:e2:c3:44:2f:be:d4:f4:
d4:c4:de:cb:06:62:9b:5a:9a:46:60:1f:f2:18:fc:13:51:af:
2d:74:bf:60:84:67:89:c4:42:8f:7e:a9:c2:61:b1:3f:46:f2:
79:70:b5:52:05:f7:e3:bb:f8:bd:82:16:40:00:29:b2:9e:bf:
9b:a6:cf:e3:1a:c6:e1:c5:5b:db:eb:c9:d2:70:77:ce:c2:da:
e0:dc:b1:2d:38:35:81:78:eb:50:e8:76:ae:5a:5c:8e:d3:92:
ff:f3:b9:60:9d:be:ea:d4:63:1c:da:1a:58:ff:b6:7c:a8:ff:
ed:fc:25:47:5c:c1:91:04:05:8d:2f:18:69:b0:ec:fb:83:d1:
70:05:d0:ac:c0:cc:97:48:d9:35:b9:88:8f:c1:f3:f7:f0:2e:
84:7f:56:e0:2b:b6:1d:d9:cd:71:4d:c4:a0:0e:e0:d9:b8:93:
ab:63:3b:b2:20:07:31:b9:15:4f:2b:f6:62:05:39:44:e4:99:
b6:2d:52:50:ef:0e:8e:74:54:1c:1c:62:5e:8f:2f:b6:02:da:
39:ac:0a:b9:27:66:3b:43:e3:11:1f:32:13:18:1e:b3:74:45:
2c:6b:44:9b:de:30:55:7e:4a:a6:61:27:b9:5b:21:30:11:54:
f5:b2:e1:67
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSRl+Ktw5NPxiw0YcUZYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDU4MTc2N2FmNDU3OWU0NGRhOTc3YjEwODJkOTRiM2M3
YjkyOTgwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmUyMmE3NjBiMzA4OWJiY2VmYjBhNTNlNzI0NzkxNjE1ZTg5YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiBOfrpJ899xUjHIIzwQkrFZqghu
KbBul2cfyyZ2LOiLERn7dRyr9ibmBBIN3rAiXa8DTz6sB/P+eHEeZoT5MvwSHKBO
lEsQVPniQekOpk3efzFTt6ulxiPi6Czl5wroagQCkcl+gwN9xL3LhvAQbvG7pkP+
OI5+7cc0+eCyQj3LXFQeqFjC9I+q83hQ/fgDPjn4VgWbVDtavqcZ8x+ZqD50I7UI
pIp3heCL36PqwHHujqHTAr/UneYG/Xp/VNvUBHXCbtwTtq1xneusL+BcEf3vapvR
54UNGx/qFLoonAtpOXrt9WmI041dp3FX7vjpmKYzWBG4gOFNGKq4U/6FEQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPbiKnYLMIm7zvsKU+ckeRYV6JuwMB8GA1UdIwQY
MBaAFO4FgXZ69FeeRNqXexCC2Us8e5KYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dXQmRucjBWNTVFMnBkN0VJTFpTeng3a3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wYjhmMTEtYTAxMS00NzY0LWJjZjMt
NmRiYmEyYjFkY2E3LzEvOXVJcWRnc3dpYnZPLXdwVDV5UjVGaFhvbTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wYjhmMTEtYTAxMS00NzY0LWJjZjMtNmRiYmEyYjFkY2E3
LzEvN2dXQmRucjBWNTVFMnBkN0VJTFpTeng3a3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWl3AwQA
w1XgMA8EAgACMAkDBwAgAQZ4A5wwDQYJKoZIhvcNAQELBQADggEBAKUeouQd4Fug
gNhL4sNEL77U9NTE3ssGYptamkZgH/IY/BNRry10v2CEZ4nEQo9+qcJhsT9G8nlw
tVIF9+O7+L2CFkAAKbKev5umz+MaxuHFW9vrydJwd87C2uDcsS04NYF461Dodq5a
XI7Tkv/zuWCdvurUYxzaGlj/tnyo/+38JUdcwZEEBY0vGGmw7PuD0XAF0KzAzJdI
2TW5iI/B8/fwLoR/VuArth3ZzXFNxKAO4Nm4k6tjO7IgBzG5FU8r9mIFOUTkmbYt
UlDvDo50VBwcYl6PL7YC2jmsCrknZjtD4xEfMhMYHrN0RSxrRJveMFV+SqZhJ7lb
ITARVPWy4Wc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:34:29 2024 by rpki-client on console-ams.rpki-client.org