Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/CcoA3urMfj8YGqgYHWr2sNzjNL4.roa
File: CcoA3urMfj8YGqgYHWr2sNzjNL4.roa (raw, json)
Hash identifier: E+ItNO7mZ2NUwt6BfEefPDcvflGhM6TGPEHiEqmgAFA=
Subject key identifier: 09:CA:00:DE:EA:CC:7E:3F:18:1A:A8:18:1D:6A:F6:B0:DC:E3:34:BE
Certificate issuer: /CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Certificate serial: 018CC94AC1CAE620A424F611DA4559BBB219
Authority key identifier: 6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/CcoA3urMfj8YGqgYHWr2sNzjNL4.roa
Signing time: Tue 02 Jan 2024 08:29:28 +0000
ROA not before: Tue 02 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206701
IP address blocks: 194.0.168.0/24 maxlen: 24
194.0.139.0/24 maxlen: 24
194.0.141.0/24 maxlen: 24
194.0.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:c1:ca:e6:20:a4:24:f6:11:da:45:59:bb:b2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Validity
Not Before: Jan 2 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09ca00deeacc7e3f181aa8181d6af6b0dce334be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:57:5b:91:61:cb:89:38:a4:d0:07:72:fd:e6:
88:01:2d:f5:3d:f6:5a:90:68:ce:4d:2a:02:bb:48:
ac:a8:8a:6c:3b:ee:a8:1a:3b:c7:ca:71:37:de:0f:
e6:e1:93:d1:43:87:d0:7a:fb:76:a1:6c:98:2c:ba:
de:b7:a4:b6:51:90:67:f0:ad:91:e0:14:61:66:0b:
19:66:40:19:1a:b2:3c:03:57:11:36:9d:28:70:45:
83:bf:91:ce:6b:7e:89:58:b8:82:7b:43:c2:9c:c1:
78:35:70:d0:3c:9b:51:0f:3f:fd:53:a5:28:45:cd:
f0:03:2e:83:39:af:16:d4:36:f9:5d:27:f2:7f:41:
c9:d4:17:1b:6c:58:fd:35:a3:7d:20:fd:85:dd:4b:
7e:0f:59:2c:2c:63:6a:e1:2b:79:1b:0c:f4:d6:44:
97:9e:dd:2d:72:d9:90:5c:76:c5:a5:20:3c:df:03:
33:46:2a:b0:ce:a8:1c:e7:65:e0:d4:ea:b2:ce:4f:
b4:0e:d6:d7:b7:e4:8b:4b:84:8c:33:12:de:06:cb:
8d:a0:7f:17:2f:02:9c:30:e7:b1:98:87:a5:b5:96:
83:bb:ec:b4:55:39:87:ae:87:52:4c:e1:53:c7:18:
86:1e:63:0b:76:41:a4:69:c2:f4:73:69:8e:58:ff:
2a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CA:00:DE:EA:CC:7E:3F:18:1A:A8:18:1D:6A:F6:B0:DC:E3:34:BE
X509v3 Authority Key Identifier:
keyid:6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/CcoA3urMfj8YGqgYHWr2sNzjNL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.139.0/24
194.0.141.0/24
194.0.159.0/24
194.0.168.0/24
Signature Algorithm: sha256WithRSAEncryption
86:5e:f6:cb:14:80:0b:d0:71:6b:ef:49:29:47:e6:b7:58:61:
f4:d6:89:b7:0c:6c:fb:2c:28:31:5c:e8:cc:32:04:5b:0d:25:
57:53:f4:03:99:61:da:6b:ef:aa:e5:b3:b9:55:f5:19:c0:ed:
58:0a:0b:cd:1d:80:41:90:a1:9c:99:bc:b0:1d:af:0c:ce:d3:
37:a5:c9:7a:ac:6e:01:96:4b:bf:50:5d:11:86:47:5d:76:4b:
c9:b4:5c:c9:04:ff:7f:89:f8:6c:b6:fe:96:ac:ec:f1:d9:90:
05:f9:fc:ee:99:52:80:28:a1:f3:a8:59:ef:1b:ab:54:da:75:
f0:45:d8:21:ea:f5:a3:49:4a:67:ad:fe:e1:b5:90:20:76:15:
c7:4c:ea:e5:75:19:6e:8c:b1:b2:18:29:0f:5a:0d:c6:5e:3b:
18:00:97:d8:a7:4b:bd:2e:cd:f0:27:61:6a:ef:31:34:67:54:
0a:33:71:59:13:1f:a7:e6:7e:86:61:5b:c1:99:43:92:3a:29:
28:ba:d4:f2:89:72:0e:3e:33:db:ba:ff:56:11:c5:7a:81:b6:
e1:d4:08:ec:76:4b:ba:67:94:48:76:fc:86:9b:f4:79:bc:7a:
64:a6:4f:45:05:5f:2f:bc:dd:b8:99:70:b5:52:25:2d:74:a6:
d7:1a:9b:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJSsHK5iCkJPYR2kVZu7IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTRiOTAwZWZmNjEwYTQxODdmNmZiZDQ1ZTNiODU3ZDA4
OTZhMDAwHhcNMjQwMTAyMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWNhMDBkZWVhY2M3ZTNmMTgxYWE4MTgxZDZhZjZiMGRjZTMzNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVdbkWHLiTik0Ady/eaIAS31PfZa
kGjOTSoCu0isqIpsO+6oGjvHynE33g/m4ZPRQ4fQevt2oWyYLLret6S2UZBn8K2R
4BRhZgsZZkAZGrI8A1cRNp0ocEWDv5HOa36JWLiCe0PCnMF4NXDQPJtRDz/9U6Uo
Rc3wAy6DOa8W1Db5XSfyf0HJ1BcbbFj9NaN9IP2F3Ut+D1ksLGNq4St5Gwz01kSX
nt0tctmQXHbFpSA83wMzRiqwzqgc52Xg1Oqyzk+0DtbXt+SLS4SMMxLeBsuNoH8X
LwKcMOexmIeltZaDu+y0VTmHrodSTOFTxxiGHmMLdkGkacL0c2mOWP8q7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAnKAN7qzH4/GBqoGB1q9rDc4zS+MB8GA1UdIwQY
MBaAFG8UuQDv9hCkGH9vvUXjuFfQiWoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUt
NTE4MWEyZjBkMTk3LzEvQ2NvQTN1ck1majhZR3FnWUhXcjJzTnpqTkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUtNTE4MWEyZjBkMTk3
LzEvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwgCLAwQA
wgCNAwQAwgCfAwQAwgCoMA0GCSqGSIb3DQEBCwUAA4IBAQCGXvbLFIAL0HFr70kp
R+a3WGH01om3DGz7LCgxXOjMMgRbDSVXU/QDmWHaa++q5bO5VfUZwO1YCgvNHYBB
kKGcmbywHa8MztM3pcl6rG4Blku/UF0RhkdddkvJtFzJBP9/ifhstv6WrOzx2ZAF
+fzumVKAKKHzqFnvG6tU2nXwRdgh6vWjSUpnrf7htZAgdhXHTOrldRlujLGyGCkP
Wg3GXjsYAJfYp0u9Ls3wJ2Fq7zE0Z1QKM3FZEx+n5n6GYVvBmUOSOikoutTyiXIO
PjPbuv9WEcV6gbbh1Ajsdku6Z5RIdvyGm/R5vHpkpk9FBV8vvN24mXC1UiUtdKbX
GptL
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:32:07 2024 by rpki-client on console-fra.rpki-client.org