Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/RiSPnpcNmVcRmXSvfa5_4IowGpc.roa
File: RiSPnpcNmVcRmXSvfa5_4IowGpc.roa (raw, json)
Hash identifier: H6M1S8aeSZLAKXJUQX3WEhGz9rWfRFarkH68Of19UDc=
Subject key identifier: 46:24:8F:9E:97:0D:99:57:11:99:74:AF:7D:AE:7F:E0:8A:30:1A:97
Certificate issuer: /CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Certificate serial: 018CE41E6CA982CB918348B87064C9FCBB13
Authority key identifier: CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/RiSPnpcNmVcRmXSvfa5_4IowGpc.roa
Signing time: Sun 07 Jan 2024 13:30:48 +0000
ROA not before: Sun 07 Jan 2024 13:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209059
IP address blocks: 93.177.126.0/24 maxlen: 24
176.124.196.0/24 maxlen: 24
176.124.197.0/24 maxlen: 24
2a10:880::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:1e:6c:a9:82:cb:91:83:48:b8:70:64:c9:fc:bb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Validity
Not Before: Jan 7 13:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46248f9e970d9957119974af7dae7fe08a301a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:79:bd:8e:d1:ec:03:35:96:e6:e3:9f:14:
74:70:b7:bf:d2:c4:ec:99:bc:12:fa:67:86:0e:ed:
e5:b7:59:31:d0:d8:02:2b:c7:4e:f2:7e:9c:bd:2e:
67:5f:34:eb:7d:e2:42:10:35:fe:88:50:3b:1e:d7:
14:f0:15:c8:69:05:ef:05:ca:20:87:8f:b6:bb:51:
f5:53:a8:27:ff:ed:98:36:75:3b:e1:44:e0:a0:e9:
53:2f:72:37:2f:23:cd:5f:77:23:b1:9e:cc:e7:8e:
29:70:ec:07:18:18:f7:8f:97:39:c2:5c:15:b4:72:
78:23:43:ec:94:26:15:0e:f5:d1:ec:52:1b:28:1f:
7a:9f:78:6a:bb:96:3b:66:5f:2e:c2:bf:71:50:43:
04:01:9a:fb:82:e3:ea:4a:15:a7:45:05:b4:2e:3e:
05:e0:1e:04:3c:6b:e1:47:a1:9b:96:03:2c:87:0e:
47:a6:9b:3f:61:69:55:cf:c6:e5:7e:d6:08:a6:9d:
83:f5:8f:e3:e8:87:71:2a:89:77:5a:5c:82:e7:e7:
68:3e:39:81:22:a6:a6:ca:9a:4e:09:bc:8f:8c:8a:
ea:44:ba:9a:f4:f1:ac:52:a4:3c:53:8b:c2:cf:c0:
e1:3f:62:c0:90:98:82:99:7e:71:a4:6b:b8:af:1e:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:24:8F:9E:97:0D:99:57:11:99:74:AF:7D:AE:7F:E0:8A:30:1A:97
X509v3 Authority Key Identifier:
keyid:CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/RiSPnpcNmVcRmXSvfa5_4IowGpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.126.0/24
176.124.196.0/23
IPv6:
2a10:880::/64
Signature Algorithm: sha256WithRSAEncryption
31:08:32:6a:5f:44:27:56:7d:bd:af:9f:4d:f0:2a:d8:b6:b4:
9e:65:c1:79:90:8e:fd:a0:47:3f:d3:c6:57:e4:26:5a:90:5e:
ec:aa:2c:6b:5e:04:db:e9:62:f5:d8:ff:5d:42:13:72:c6:20:
87:02:9e:71:5b:43:c7:aa:66:b1:85:61:fc:9b:5d:34:63:aa:
ea:cc:35:48:c7:82:e5:82:08:e6:df:58:51:8b:ef:62:f4:24:
21:03:59:72:f1:2b:a3:ba:b1:3b:fb:88:70:bc:28:73:88:08:
5a:92:00:f2:b2:e5:c7:33:24:a3:80:d8:83:2a:0e:dc:31:91:
36:32:bf:18:be:cb:97:39:7b:a0:2c:00:cd:df:ee:58:33:84:
c3:ad:46:88:80:07:2f:74:91:ab:dd:55:45:bb:58:c1:04:ca:
56:8c:bd:d7:c4:c5:a5:24:de:68:5a:54:8d:b5:16:3b:09:55:
2d:dd:06:1e:57:bc:ea:e7:67:c8:1b:b4:05:d5:1d:9b:24:7d:
ec:3a:b1:c5:82:00:59:f3:a8:80:ff:b5:9d:c0:01:ad:31:24:
fb:ae:6d:37:99:7f:7f:2a:8f:a5:34:58:f0:de:f1:b3:db:8d:
d5:c7:08:04:62:bd:93:a8:2d:48:86:d0:da:9f:98:9f:c9:a1:
29:fa:c5:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzkHmypgsuRg0i4cGTJ/LsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2Q1ODNjOGQ3MWEyNDI3ZTAwNjBlM2NjOTI0ZjMyZGMx
YTgyMGIwHhcNMjQwMTA3MTMzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI0OGY5ZTk3MGQ5OTU3MTE5OTc0YWY3ZGFlN2ZlMDhhMzAxYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrx5vY7R7AM1lubjnxR0cLe/0sTs
mbwS+meGDu3lt1kx0NgCK8dO8n6cvS5nXzTrfeJCEDX+iFA7HtcU8BXIaQXvBcog
h4+2u1H1U6gn/+2YNnU74UTgoOlTL3I3LyPNX3cjsZ7M544pcOwHGBj3j5c5wlwV
tHJ4I0PslCYVDvXR7FIbKB96n3hqu5Y7Zl8uwr9xUEMEAZr7guPqShWnRQW0Lj4F
4B4EPGvhR6GblgMshw5Hpps/YWlVz8blftYIpp2D9Y/j6IdxKol3WlyC5+doPjmB
IqamyppOCbyPjIrqRLqa9PGsUqQ8U4vCz8DhP2LAkJiCmX5xpGu4rx6uqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYkj56XDZlXEZl0r32uf+CKMBqXMB8GA1UdIwQY
MBaAFMzNWDyNcaJCfgBg48ySTzLcGoILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYt
ZjQ4NTAyZDEzOTQ4LzEvUmlTUG5wY05tVmNSbVhTdmZhNV80SW93R3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYtZjQ4NTAyZDEzOTQ4
LzEvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzASBAIAATAMAwQAXbF+AwQB
sHzEMBEEAgACMAsDCQAqEAiAAAAAADANBgkqhkiG9w0BAQsFAAOCAQEAMQgyal9E
J1Z9va+fTfAq2La0nmXBeZCO/aBHP9PGV+QmWpBe7Kosa14E2+li9dj/XUITcsYg
hwKecVtDx6pmsYVh/JtdNGOq6sw1SMeC5YII5t9YUYvvYvQkIQNZcvEro7qxO/uI
cLwoc4gIWpIA8rLlxzMko4DYgyoO3DGRNjK/GL7Llzl7oCwAzd/uWDOEw61GiIAH
L3SRq91VRbtYwQTKVoy918TFpSTeaFpUjbUWOwlVLd0GHle86udnyBu0BdUdmyR9
7DqxxYIAWfOogP+1ncABrTEk+65tN5l/fyqPpTRY8N7xs9uN1ccIBGK9k6gtSIbQ
2p+Yn8mhKfrFAQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:27:00 2024 by rpki-client on console-fra.rpki-client.org