Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/CliSfF1Lk74J61-IPpZDTTZStoU.roa
File: CliSfF1Lk74J61-IPpZDTTZStoU.roa (raw, json)
Hash identifier: f4uLAGYlsJO0oevdpCBtgxXsB1xVZy6sTUKYqWZrEBo=
Subject key identifier: 0A:58:92:7C:5D:4B:93:BE:09:EB:5F:88:3E:96:43:4D:36:52:B6:85
Certificate issuer: /CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Certificate serial: 018CC8DF80F6CC56E23857B0A8722BFAC20A
Authority key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/CliSfF1Lk74J61-IPpZDTTZStoU.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.111.200.0/24 maxlen: 24
109.224.233.0/24 maxlen: 24
195.74.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:80:f6:cc:56:e2:38:57:b0:a8:72:2b:fa:c2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a58927c5d4b93be09eb5f883e96434d3652b685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:23:95:c2:cd:54:26:25:68:0b:9f:df:39:9b:
46:09:b8:0c:e0:44:f7:43:80:8c:3d:c5:19:b4:0b:
da:43:13:46:7f:9f:8e:5c:73:6d:e7:a6:71:d9:ee:
03:fa:ab:fd:02:55:6f:3a:2b:2e:4c:5f:f2:61:b0:
5d:55:be:e6:d9:2d:e0:f2:4a:de:a3:45:87:6e:17:
fb:4b:c0:3f:a5:74:4a:3a:78:0b:b8:22:c4:aa:32:
ea:cc:af:3a:f6:17:a0:5e:58:ba:5b:18:f5:f9:c7:
56:6d:8f:75:42:2e:be:4f:9e:d8:7e:0a:5f:d2:38:
e5:dc:b1:87:50:9b:c2:ed:8f:77:0f:bf:1b:72:65:
ce:56:65:8a:18:da:91:86:be:df:5b:56:e0:58:fb:
f0:4c:00:2a:a2:81:c1:f8:90:fc:0f:8b:ad:b9:78:
f4:88:23:5f:f9:49:70:da:be:e6:a6:86:f6:b2:4a:
7c:6a:d3:a5:44:1c:21:27:f6:19:6c:9d:bd:58:0d:
25:a1:be:4b:6e:bd:bf:c0:91:03:16:be:be:25:79:
ce:02:aa:42:3e:cd:63:a5:58:97:79:69:b1:f2:98:
27:86:96:8c:90:62:c9:d8:fa:d3:92:0f:b2:fa:24:
01:9e:c5:03:46:fa:80:95:7f:87:84:45:8c:45:16:
00:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:58:92:7C:5D:4B:93:BE:09:EB:5F:88:3E:96:43:4D:36:52:B6:85
X509v3 Authority Key Identifier:
keyid:02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/CliSfF1Lk74J61-IPpZDTTZStoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.233.0/24
193.111.200.0/24
195.74.60.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:2d:26:2b:11:d0:11:94:f5:c0:03:f4:b7:b3:7a:14:6a:df:
3b:64:48:a4:a5:1a:58:46:d5:54:b6:ef:c5:5f:61:c8:60:25:
c4:9a:31:f6:3d:d4:dd:b6:1a:2b:39:71:cd:09:ff:9c:8b:44:
6b:4d:c9:7f:e4:82:b1:5e:d2:59:94:bc:9b:f2:0e:84:1f:c4:
de:6e:62:ce:83:44:fe:88:02:20:04:59:f1:a8:cc:6a:f1:6c:
9c:6d:f0:19:b9:70:36:cd:b8:ab:0e:22:62:71:60:00:cc:b7:
47:74:ce:66:c0:8c:95:8d:91:43:51:62:d5:b9:11:b6:38:26:
28:c8:7a:18:8c:c5:06:f0:ad:5b:4b:b5:bb:76:48:c5:69:3c:
d4:ff:0f:77:f0:36:19:c4:f2:4e:72:e6:08:01:68:4b:08:71:
98:dc:10:0c:b3:b2:f6:28:f9:00:23:6c:0e:b8:ab:cb:86:a6:
c7:49:e5:67:46:5e:b1:1c:97:fd:86:ec:a4:64:ac:45:a8:f5:
7f:70:52:27:3c:44:e3:f2:b1:50:96:9f:69:26:f1:e3:af:bd:
7d:d5:df:ec:6a:ad:4f:55:22:d7:08:7f:6c:9f:27:89:59:8c:
25:ba:46:b4:8d:d5:14:e6:f7:e6:94:5e:d5:c6:a8:01:00:7d:
03:d6:6d:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI34D2zFbiOFewqHIr+sIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjk4MGMxMGQ3MTEwZjkxZmZmOWUwZWNlYjYzOWQ5ZTc1
YjM1ZTIwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU4OTI3YzVkNGI5M2JlMDllYjVmODgzZTk2NDM0ZDM2NTJiNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yOVws1UJiVoC5/fOZtGCbgM4ET3
Q4CMPcUZtAvaQxNGf5+OXHNt56Zx2e4D+qv9AlVvOisuTF/yYbBdVb7m2S3g8kre
o0WHbhf7S8A/pXRKOngLuCLEqjLqzK869hegXli6Wxj1+cdWbY91Qi6+T57Yfgpf
0jjl3LGHUJvC7Y93D78bcmXOVmWKGNqRhr7fW1bgWPvwTAAqooHB+JD8D4utuXj0
iCNf+Ulw2r7mpob2skp8atOlRBwhJ/YZbJ29WA0lob5Lbr2/wJEDFr6+JXnOAqpC
Ps1jpViXeWmx8pgnhpaMkGLJ2PrTkg+y+iQBnsUDRvqAlX+HhEWMRRYAEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFApYknxdS5O+CetfiD6WQ002UraFMB8GA1UdIwQY
MBaAFAK5gMENcRD5H/+eDs62OdnnWzXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUt
NzBjMGE1MDZkNzk3LzEvQ2xpU2ZGMUxrNzRKNjEtSVBwWkRUVFpTdG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUtNzBjMGE1MDZkNzk3
LzEvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDpAwQA
wW/IAwQAw0o8MA0GCSqGSIb3DQEBCwUAA4IBAQCyLSYrEdARlPXAA/S3s3oUat87
ZEikpRpYRtVUtu/FX2HIYCXEmjH2PdTdthorOXHNCf+ci0RrTcl/5IKxXtJZlLyb
8g6EH8TebmLOg0T+iAIgBFnxqMxq8WycbfAZuXA2zbirDiJicWAAzLdHdM5mwIyV
jZFDUWLVuRG2OCYoyHoYjMUG8K1bS7W7dkjFaTzU/w938DYZxPJOcuYIAWhLCHGY
3BAMs7L2KPkAI2wOuKvLhqbHSeVnRl6xHJf9huykZKxFqPV/cFInPETj8rFQlp9p
JvHjr7191d/saq1PVSLXCH9snyeJWYwluka0jdUU5vfmlF7VxqgBAH0D1m0D
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:03 2024 by rpki-client on console-fra.rpki-client.org