Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/wtBPp3mWWDTkSglu-lhKIxCI1iU.roa
File: wtBPp3mWWDTkSglu-lhKIxCI1iU.roa (raw, json)
Hash identifier: o2Bs9DbvEimatjjxab8w7z5Tl8RnRAFDiBY1A3wn7hs=
Subject key identifier: C2:D0:4F:A7:79:96:58:34:E4:4A:09:6E:FA:58:4A:23:10:88:D6:25
Certificate issuer: /CN=24504c74c7127090a4cff85001f443149e128e60
Certificate serial: 018CC42540BD211A8D375FCDD3D22BA289A9
Authority key identifier: 24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/wtBPp3mWWDTkSglu-lhKIxCI1iU.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39737
IP address blocks: 193.142.241.0/24 maxlen: 24
195.64.169.0/24 maxlen: 24
195.64.168.0/24 maxlen: 24
193.142.205.0/24 maxlen: 24
193.142.223.0/24 maxlen: 24
195.64.152.0/23 maxlen: 23
193.142.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:40:bd:21:1a:8d:37:5f:cd:d3:d2:2b:a2:89:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24504c74c7127090a4cff85001f443149e128e60
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2d04fa779965834e44a096efa584a231088d625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:3b:bd:7e:5f:ba:42:55:40:1d:41:e6:4d:
35:a5:a4:82:fe:d1:f6:87:62:91:24:cf:09:b5:d3:
11:5f:58:21:86:50:82:e8:82:bf:f3:fb:30:bc:72:
25:f9:82:83:2d:09:8b:a9:4d:e3:f9:6b:a5:bd:97:
f3:ef:ae:bf:db:a4:48:50:9e:10:9e:1c:7e:23:10:
f1:e7:a7:22:23:b1:71:39:68:45:3b:84:85:8d:28:
1a:1d:ad:84:4c:94:e8:d8:97:0e:42:4c:02:9c:f7:
ed:fb:ca:01:01:5d:38:3c:83:7c:85:21:05:0c:b7:
99:84:08:56:3a:3f:c1:9a:f0:ee:f6:39:9f:0c:da:
87:fb:10:04:8c:c6:45:86:90:72:5f:98:5a:e8:f3:
ab:b0:b7:54:c8:df:12:03:c5:cd:7f:df:25:e5:c4:
98:0d:4d:16:db:cb:e1:98:82:3e:96:13:73:f0:50:
71:bf:2d:88:57:b1:0d:be:28:a3:0e:b1:8e:5a:27:
0b:9c:ad:66:5b:27:97:6a:74:a5:4f:1e:3b:06:7b:
de:d4:b6:a1:23:d3:9f:f5:42:9a:97:45:a2:f7:d8:
da:fb:ea:c0:ca:2c:51:f2:fc:3b:9b:5b:16:8b:d1:
53:85:97:4e:6b:f8:54:04:e4:e0:a8:91:9d:a5:5a:
2c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D0:4F:A7:79:96:58:34:E4:4A:09:6E:FA:58:4A:23:10:88:D6:25
X509v3 Authority Key Identifier:
keyid:24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/wtBPp3mWWDTkSglu-lhKIxCI1iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.205.0/24
193.142.223.0/24
193.142.234.0/24
193.142.241.0/24
195.64.152.0/23
195.64.168.0/23
Signature Algorithm: sha256WithRSAEncryption
86:42:43:d3:c0:33:16:8d:4f:78:f0:bc:72:5c:b0:54:42:50:
84:06:a7:9e:ca:29:bc:0e:c8:66:a1:5f:31:9e:0d:64:3e:64:
a7:3e:17:e8:d6:c5:78:b7:fc:c6:d1:bf:23:b3:ce:53:45:a1:
6c:6b:b0:1e:b6:c7:83:94:30:1a:5e:ae:02:09:31:e3:37:04:
e9:d9:36:2e:52:1f:74:c2:35:10:b9:1b:b1:6d:3a:ff:b1:36:
a6:c5:94:fe:87:d2:fe:52:12:ee:5f:66:27:a0:48:fc:77:a7:
4d:29:3d:31:3c:3a:10:c4:4b:d0:a1:be:8c:04:56:e2:55:7c:
31:1f:60:f9:d3:cd:a1:1d:fa:66:d8:aa:7f:d0:81:a6:68:4d:
08:67:56:28:eb:07:1b:79:8a:95:3a:e0:07:cf:98:ce:94:d1:
09:2a:9e:3d:d9:1a:a7:7e:07:d1:01:10:60:c9:ab:d3:98:8a:
d6:09:6b:11:b1:6b:62:ce:ad:ff:78:b6:1a:2b:4a:52:22:dc:
d6:b7:46:0b:2b:98:6d:f0:23:e1:74:ce:18:8c:04:77:81:1f:
82:7f:5e:4f:42:94:88:13:a2:6b:0b:4d:77:74:2e:45:2d:6b:
d3:2b:ad:fd:29:d4:27:57:59:88:87:b1:29:cb:1f:a9:78:27:
b4:08:0a:e5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJUC9IRqNN1/N09IroompMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTA0Yzc0YzcxMjcwOTBhNGNmZjg1MDAxZjQ0MzE0OWUx
MjhlNjAwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQwNGZhNzc5OTY1ODM0ZTQ0YTA5NmVmYTU4NGEyMzEwODhkNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRE7vX5fukJVQB1B5k01paSC/tH2
h2KRJM8JtdMRX1ghhlCC6IK/8/swvHIl+YKDLQmLqU3j+WulvZfz766/26RIUJ4Q
nhx+IxDx56ciI7FxOWhFO4SFjSgaHa2ETJTo2JcOQkwCnPft+8oBAV04PIN8hSEF
DLeZhAhWOj/BmvDu9jmfDNqH+xAEjMZFhpByX5ha6POrsLdUyN8SA8XNf98l5cSY
DU0W28vhmII+lhNz8FBxvy2IV7ENviijDrGOWicLnK1mWyeXanSlTx47Bnve1Lah
I9Of9UKal0Wi99ja++rAyixR8vw7m1sWi9FThZdOa/hUBOTgqJGdpVosEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMLQT6d5llg05EoJbvpYSiMQiNYlMB8GA1UdIwQY
MBaAFCRQTHTHEnCQpM/4UAH0QxSeEo5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQt
ZDA2MjJjNGNkNDhkLzEvd3RCUHAzbVdXRFRrU2dsdS1saEtJeENJMWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQtZDA2MjJjNGNkNDhk
LzEvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwY7NAwQA
wY7fAwQAwY7qAwQAwY7xAwQBw0CYAwQBw0CoMA0GCSqGSIb3DQEBCwUAA4IBAQCG
QkPTwDMWjU948LxyXLBUQlCEBqeeyim8DshmoV8xng1kPmSnPhfo1sV4t/zG0b8j
s85TRaFsa7AetseDlDAaXq4CCTHjNwTp2TYuUh90wjUQuRuxbTr/sTamxZT+h9L+
UhLuX2YnoEj8d6dNKT0xPDoQxEvQob6MBFbiVXwxH2D5082hHfpm2Kp/0IGmaE0I
Z1Yo6wcbeYqVOuAHz5jOlNEJKp492RqnfgfRARBgyavTmIrWCWsRsWtizq3/eLYa
K0pSItzWt0YLK5ht8CPhdM4YjAR3gR+Cf15PQpSIE6JrC013dC5FLWvTK639KdQn
V1mIh7Epyx+peCe0CArl
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:09 2024 by rpki-client on console-ams.rpki-client.org