Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/wCcTjDuqoN-DJ1sYunMef5Qaa78.roa
File: wCcTjDuqoN-DJ1sYunMef5Qaa78.roa (raw, json)
Hash identifier: ZPfrcuOtSZLTNj06rQvS/LKuC0YzTSeizUqEqYZMsVI=
Subject key identifier: C0:27:13:8C:3B:AA:A0:DF:83:27:5B:18:BA:73:1E:7F:94:1A:6B:BF
Certificate issuer: /CN=0c1e6d5e72daf4108cf60bd47e936df1a1e97226
Certificate serial: 018CC2DAB50434945134F728DC5739BD3D8D
Authority key identifier: 0C:1E:6D:5E:72:DA:F4:10:8C:F6:0B:D4:7E:93:6D:F1:A1:E9:72:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/wCcTjDuqoN-DJ1sYunMef5Qaa78.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206211
IP address blocks: 185.247.240.0/24 maxlen: 24
185.247.243.0/24 maxlen: 24
2a0d:d180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/DB5tXnLa9BCM9gvUfpNt8aHpciY.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/DB5tXnLa9BCM9gvUfpNt8aHpciY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 13:02:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b5:04:34:94:51:34:f7:28:dc:57:39:bd:3d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1e6d5e72daf4108cf60bd47e936df1a1e97226
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c027138c3baaa0df83275b18ba731e7f941a6bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:72:fc:f8:0b:74:ce:7f:04:f6:55:34:e4:b2:
0d:e9:97:74:2c:20:e5:54:3c:3d:2d:e8:8c:3c:f6:
de:98:9a:ff:2b:8f:65:ff:0c:34:a2:6f:85:e6:13:
a8:fe:36:86:11:87:e3:1e:3b:e9:86:8c:74:45:0c:
7d:03:f8:b1:e6:f0:a0:ed:e7:3b:53:2c:6a:66:1e:
df:d7:ec:2c:ae:99:37:8c:07:f0:58:92:be:27:09:
01:5b:b6:e5:a6:cf:c1:62:05:0f:5e:9b:2f:c5:df:
5d:5b:af:76:af:5a:84:d0:ab:55:7d:a1:81:ee:bd:
50:2a:66:eb:25:58:b7:6b:56:47:3d:97:96:c4:e9:
9e:3a:b4:d6:16:46:b1:72:07:28:f7:2a:18:57:0a:
98:33:05:ab:d0:7c:34:e1:59:e6:80:aa:a2:b4:98:
58:13:00:69:96:1f:ad:3e:bf:06:01:02:ed:bf:2b:
0c:3f:16:d5:8a:20:04:e3:e0:80:56:68:89:c0:6d:
bf:7d:89:6c:61:8a:59:e5:e6:33:eb:71:ea:02:71:
2d:4c:68:20:25:76:d0:4d:f2:79:a0:5c:3f:86:1c:
63:6c:e9:0f:a4:5d:34:e7:1b:31:62:c5:a2:d3:34:
c8:7e:f1:b5:97:86:4d:81:50:dc:e2:3a:e5:a1:d4:
0a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:27:13:8C:3B:AA:A0:DF:83:27:5B:18:BA:73:1E:7F:94:1A:6B:BF
X509v3 Authority Key Identifier:
keyid:0C:1E:6D:5E:72:DA:F4:10:8C:F6:0B:D4:7E:93:6D:F1:A1:E9:72:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/wCcTjDuqoN-DJ1sYunMef5Qaa78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/DB5tXnLa9BCM9gvUfpNt8aHpciY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.240.0/24
185.247.243.0/24
IPv6:
2a0d:d180::/29
Signature Algorithm: sha256WithRSAEncryption
b6:5c:14:5e:4c:f0:9a:c7:53:be:ce:96:4b:f4:bf:f2:1d:d2:
18:99:5f:5f:85:15:51:61:a3:fc:a0:56:9c:4b:69:dc:3d:8c:
4d:21:e6:08:a3:89:7c:e7:10:30:3e:8f:bc:d8:2d:a3:99:22:
ba:52:b0:97:8b:77:4f:57:14:a5:ab:dd:df:47:21:0c:62:2a:
f4:0b:6a:c9:f3:59:3e:24:02:76:78:76:56:e1:75:57:eb:69:
07:9e:5e:8e:61:94:27:da:48:82:bd:55:7e:44:d7:24:1b:05:
a0:d3:43:22:72:ff:45:05:73:f1:c5:cd:2e:bb:7e:76:2d:20:
93:5f:ef:a5:ac:a2:cc:d8:9c:ff:57:64:19:a7:9d:fe:37:92:
1b:b6:0d:19:7d:65:9d:af:c5:1e:3a:b0:1e:f9:15:27:26:5b:
76:d2:8e:d2:8a:fc:58:ce:c1:cb:a5:91:69:d9:3f:a7:e3:09:
8e:bc:c2:ef:86:66:56:55:5c:11:4a:fa:d2:15:19:c0:2b:3c:
0c:49:9f:00:90:0a:77:bf:b6:f5:46:b0:bc:da:a7:d8:67:b2:
42:0e:46:27:4a:d7:75:5f:7f:ce:6e:8d:25:54:c2:9c:84:71:
b1:45:c2:4d:5e:e1:a3:80:94:7b:ac:eb:81:9b:ea:03:1b:65:
6b:44:8f:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2rUENJRRNPco3Fc5vT2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMWU2ZDVlNzJkYWY0MTA4Y2Y2MGJkNDdlOTM2ZGYxYTFl
OTcyMjYwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI3MTM4YzNiYWFhMGRmODMyNzViMThiYTczMWU3Zjk0MWE2YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3L8+At0zn8E9lU05LIN6Zd0LCDl
VDw9LeiMPPbemJr/K49l/ww0om+F5hOo/jaGEYfjHjvphox0RQx9A/ix5vCg7ec7
UyxqZh7f1+wsrpk3jAfwWJK+JwkBW7blps/BYgUPXpsvxd9dW692r1qE0KtVfaGB
7r1QKmbrJVi3a1ZHPZeWxOmeOrTWFkaxcgco9yoYVwqYMwWr0Hw04VnmgKqitJhY
EwBplh+tPr8GAQLtvysMPxbViiAE4+CAVmiJwG2/fYlsYYpZ5eYz63HqAnEtTGgg
JXbQTfJ5oFw/hhxjbOkPpF005xsxYsWi0zTIfvG1l4ZNgVDc4jrlodQKQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMAnE4w7qqDfgydbGLpzHn+UGmu/MB8GA1UdIwQY
MBaAFAwebV5y2vQQjPYL1H6TbfGh6XImMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREI1dFhuTGE5QkNNOWd2VWZwTnQ4YUhwY2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zZGM3MmUtMDg2MS00MzE2LWE0YmUt
YTI5NTgxM2YxZjgyLzEvd0NjVGpEdXFvTi1ESjFzWXVuTWVmNVFhYTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zZGM3MmUtMDg2MS00MzE2LWE0YmUtYTI5NTgxM2YxZjgy
LzEvREI1dFhuTGE5QkNNOWd2VWZwTnQ4YUhwY2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuffwAwQA
uffzMA0EAgACMAcDBQMqDdGAMA0GCSqGSIb3DQEBCwUAA4IBAQC2XBReTPCax1O+
zpZL9L/yHdIYmV9fhRVRYaP8oFacS2ncPYxNIeYIo4l85xAwPo+82C2jmSK6UrCX
i3dPVxSlq93fRyEMYir0C2rJ81k+JAJ2eHZW4XVX62kHnl6OYZQn2kiCvVV+RNck
GwWg00Micv9FBXPxxc0uu352LSCTX++lrKLM2Jz/V2QZp53+N5Ibtg0ZfWWdr8Ue
OrAe+RUnJlt20o7SivxYzsHLpZFp2T+n4wmOvMLvhmZWVVwRSvrSFRnAKzwMSZ8A
kAp3v7b1RrC82qfYZ7JCDkYnStd1X3/Obo0lVMKchHGxRcJNXuGjgJR7rOuBm+oD
G2VrRI9P
-----END CERTIFICATE-----
Generated at Tue May 28 21:17:28 2024 by rpki-client on console-ams.rpki-client.org