Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/nWvWK7k5fcpe4OiGPZnR_qmp6Gs.roa
File: nWvWK7k5fcpe4OiGPZnR_qmp6Gs.roa (raw, json)
Hash identifier: 2h3PjLiEh22QMbf+FTRREeb4jya367qlMZBeE8osTvk=
Subject key identifier: 9D:6B:D6:2B:B9:39:7D:CA:5E:E0:E8:86:3D:99:D1:FE:A9:A9:E8:6B
Certificate issuer: /CN=cd698f55b40959b178f7cecbc20c35e9c1379344
Certificate serial: 018CC2DAFD196E1C47A0C069770695DAEA70
Authority key identifier: CD:69:8F:55:B4:09:59:B1:78:F7:CE:CB:C2:0C:35:E9:C1:37:93:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/nWvWK7k5fcpe4OiGPZnR_qmp6Gs.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 185.26.88.0/22 maxlen: 22
2a00:88a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fd:19:6e:1c:47:a0:c0:69:77:06:95:da:ea:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd698f55b40959b178f7cecbc20c35e9c1379344
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d6bd62bb9397dca5ee0e8863d99d1fea9a9e86b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:33:23:40:25:0b:68:13:71:cb:43:a0:56:79:
8a:d6:52:93:9b:4d:71:20:1b:b1:d5:6e:f4:0d:3c:
b8:31:db:44:a5:9e:e2:45:44:76:a5:77:8f:a5:c4:
7b:2e:08:1a:ea:e6:c0:b0:30:91:6f:2f:40:a8:74:
2c:96:44:a3:0c:1c:c6:90:89:d1:44:2d:25:7b:84:
ae:46:e2:fa:21:aa:ca:bd:c4:35:84:eb:d7:87:82:
74:2d:02:4b:a1:71:be:44:eb:c8:e5:27:23:a3:47:
3d:61:dc:e9:28:0f:98:4b:5b:d9:8d:17:0a:37:14:
99:e5:ca:3d:28:85:6c:65:25:e1:f0:7c:80:97:8c:
f9:d2:d6:e0:51:84:3f:89:1a:03:94:04:ad:fa:84:
b1:09:d6:81:73:22:bc:52:e4:41:d9:de:c9:ac:fa:
23:8c:e1:a8:14:f9:74:2c:4a:84:b2:07:24:1c:0b:
54:c1:16:94:6c:c2:94:06:31:9a:dc:6a:c7:8c:30:
f2:5a:ec:a3:7d:39:f2:63:d7:11:6b:b8:f6:15:45:
b3:86:e3:b4:b9:7d:a5:60:25:0c:58:a3:64:2f:23:
56:41:ed:8a:5b:c3:89:11:6e:58:a8:2b:57:4e:9c:
3f:91:bb:30:48:de:ea:78:7f:af:7c:9d:6f:99:2c:
9c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6B:D6:2B:B9:39:7D:CA:5E:E0:E8:86:3D:99:D1:FE:A9:A9:E8:6B
X509v3 Authority Key Identifier:
keyid:CD:69:8F:55:B4:09:59:B1:78:F7:CE:CB:C2:0C:35:E9:C1:37:93:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/nWvWK7k5fcpe4OiGPZnR_qmp6Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.88.0/22
IPv6:
2a00:88a0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:44:78:41:93:f8:be:a8:94:97:b1:a8:5f:fb:67:df:08:0e:
4b:ac:46:49:ae:fc:f9:0a:5f:61:c4:f5:02:27:a3:81:c3:dd:
a8:41:98:c3:8a:25:98:3f:35:fb:bf:e0:b9:f8:6c:9f:06:d5:
98:74:01:04:a0:e1:df:f4:cc:d7:aa:ef:7f:d0:bc:fa:2c:27:
08:68:4d:ea:92:91:d7:8d:6f:cd:3b:94:1f:86:bd:6b:69:da:
44:96:41:c8:38:b0:09:e4:34:28:e4:16:10:b1:22:12:96:f4:
6b:82:0d:f4:eb:48:79:76:55:8e:c1:5d:59:97:7a:83:e9:a6:
3d:83:5c:25:23:7c:2a:16:88:38:1c:12:30:a8:45:64:3d:92:
40:3d:9e:ca:8b:a1:f9:f7:20:76:c8:52:93:a2:b7:90:64:5b:
49:e5:e2:da:7f:e9:f6:cf:2b:92:de:cf:0c:15:38:09:f4:6f:
19:27:4f:26:b8:c5:31:d8:d1:34:07:e6:01:05:08:70:24:b4:
19:99:96:53:88:b1:3d:6a:48:4b:b5:77:5e:e6:c2:4a:8b:99:
10:cf:eb:8f:76:30:dc:00:d8:a0:b1:57:ed:96:9b:15:6e:31:
91:7f:7b:43:1c:7e:4a:7d:dc:8e:73:50:ba:e7:8d:43:00:a3:
db:3b:35:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2v0ZbhxHoMBpdwaV2upwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjk4ZjU1YjQwOTU5YjE3OGY3Y2VjYmMyMGMzNWU5YzEz
NzkzNDQwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZiZDYyYmI5Mzk3ZGNhNWVlMGU4ODYzZDk5ZDFmZWE5YTllODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjMjQCULaBNxy0OgVnmK1lKTm01x
IBux1W70DTy4MdtEpZ7iRUR2pXePpcR7Lgga6ubAsDCRby9AqHQslkSjDBzGkInR
RC0le4SuRuL6IarKvcQ1hOvXh4J0LQJLoXG+ROvI5Scjo0c9YdzpKA+YS1vZjRcK
NxSZ5co9KIVsZSXh8HyAl4z50tbgUYQ/iRoDlASt+oSxCdaBcyK8UuRB2d7JrPoj
jOGoFPl0LEqEsgckHAtUwRaUbMKUBjGa3GrHjDDyWuyjfTnyY9cRa7j2FUWzhuO0
uX2lYCUMWKNkLyNWQe2KW8OJEW5YqCtXTpw/kbswSN7qeH+vfJ1vmSycZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ1r1iu5OX3KXuDohj2Z0f6pqehrMB8GA1UdIwQY
MBaAFM1pj1W0CVmxePfOy8IMNenBN5NEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldtUFZiUUpXYkY0OTg3THdndzE2Y0UzazBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9hMTQ0OWUtMmFkYi00YjFhLWIyM2Mt
YmQ2ZDhiYWRjZGMwLzEvbld2V0s3azVmY3BlNE9pR1BablJfcW1wNkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9hMTQ0OWUtMmFkYi00YjFhLWIyM2MtYmQ2ZDhiYWRjZGMw
LzEveldtUFZiUUpXYkY0OTg3THdndzE2Y0UzazBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRpYMA0E
AgACMAcDBQAqAIigMA0GCSqGSIb3DQEBCwUAA4IBAQAaRHhBk/i+qJSXsahf+2ff
CA5LrEZJrvz5Cl9hxPUCJ6OBw92oQZjDiiWYPzX7v+C5+GyfBtWYdAEEoOHf9MzX
qu9/0Lz6LCcIaE3qkpHXjW/NO5Qfhr1radpElkHIOLAJ5DQo5BYQsSISlvRrgg30
60h5dlWOwV1Zl3qD6aY9g1wlI3wqFog4HBIwqEVkPZJAPZ7Ki6H59yB2yFKToreQ
ZFtJ5eLaf+n2zyuS3s8MFTgJ9G8ZJ08muMUx2NE0B+YBBQhwJLQZmZZTiLE9akhL
tXde5sJKi5kQz+uPdjDcANigsVftlpsVbjGRf3tDHH5KfdyOc1C6541DAKPbOzX2
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:08 2024 by rpki-client on console-ams.rpki-client.org