Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/1_9gCWyZaT__v0V9EoKL2qzdaIA.roa
File: 1_9gCWyZaT__v0V9EoKL2qzdaIA.roa (raw, json)
Hash identifier: V1+5M+YzYkcLo4ebcRFLSAXB6U1ANRVPL65QJvwv9vM=
Subject key identifier: D7:FF:60:09:6C:99:69:3F:FF:BF:45:7D:12:82:8B:DA:AC:DD:68:80
Certificate issuer: /CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Certificate serial: 018CCB8A2810707A5ECE724EF9627D244C23
Authority key identifier: 1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/1_9gCWyZaT__v0V9EoKL2qzdaIA.roa
Signing time: Tue 02 Jan 2024 18:57:58 +0000
ROA not before: Tue 02 Jan 2024 18:57:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201579
IP address blocks: 193.138.195.0/24 maxlen: 24
62.169.151.0/24 maxlen: 24
185.91.69.0/24 maxlen: 24
91.237.124.0/24 maxlen: 24
2a13:2480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:8a:28:10:70:7a:5e:ce:72:4e:f9:62:7d:24:4c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Validity
Not Before: Jan 2 18:57:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7ff60096c99693fffbf457d12828bdaacdd6880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4a:89:bc:ac:06:e5:a7:ec:bd:99:57:59:b3:
54:ee:88:18:df:c1:37:27:b5:7c:3f:d4:db:a0:1b:
55:79:1c:4b:64:ca:85:13:fa:12:6b:2f:f3:1c:a4:
4d:90:c0:e4:d1:51:ab:83:87:c9:c9:b4:a5:e1:06:
01:e0:68:8c:04:fe:dc:92:17:a1:15:43:61:30:34:
89:b3:6e:39:2b:89:23:24:98:8f:9d:75:9f:41:be:
0a:c5:00:de:c8:d7:6a:09:a6:2e:9a:39:26:72:c1:
e6:65:26:f1:5f:66:fc:6a:c6:29:fd:6f:3d:18:5a:
df:03:9f:e4:09:b3:f8:1f:1c:40:cd:a3:11:c1:bf:
34:ba:fb:a6:2a:4f:6b:1a:26:bd:45:ea:e4:ba:7c:
64:a5:a4:2c:42:aa:d6:01:8b:e4:2d:0c:f0:60:d2:
1a:d3:37:64:0d:04:9a:ac:08:c9:55:73:26:e3:35:
4e:af:ff:a5:db:ba:c1:7f:7b:2a:3b:08:69:9c:0a:
67:8f:e3:2c:85:f6:2d:33:40:7e:1f:fe:af:c4:ce:
b8:42:ce:d6:e1:db:76:64:96:5f:66:65:9f:94:c6:
3b:b3:98:ed:cf:fa:49:6b:43:2c:78:f4:b4:52:de:
0c:7b:14:0d:bb:b4:58:ed:0a:b3:32:c0:37:9b:d7:
86:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FF:60:09:6C:99:69:3F:FF:BF:45:7D:12:82:8B:DA:AC:DD:68:80
X509v3 Authority Key Identifier:
keyid:1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/1_9gCWyZaT__v0V9EoKL2qzdaIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.151.0/24
91.237.124.0/24
185.91.69.0/24
193.138.195.0/24
IPv6:
2a13:2480::/29
Signature Algorithm: sha256WithRSAEncryption
54:8a:e5:cb:a5:fd:b5:16:1d:a5:39:49:57:89:74:cf:20:2d:
e3:6c:c9:01:4d:0e:55:e9:91:46:e4:f6:d8:cb:85:57:30:5a:
9d:6f:5f:28:a5:5a:fc:e1:cc:65:be:02:86:3b:27:b9:17:d3:
a2:2a:04:44:1f:1c:21:26:59:6d:ce:ea:55:ba:ac:09:aa:52:
6c:00:c5:42:46:0e:d5:a5:27:e4:a7:0c:2c:d7:8c:bf:e8:00:
1e:70:ed:47:bb:7b:48:63:60:32:5f:85:5e:66:2f:7b:b1:4d:
a0:1e:08:dc:95:43:b1:cb:74:ce:d1:1b:c7:ac:e2:70:96:0c:
8e:65:e4:ed:14:06:ab:ef:40:c4:c2:37:4a:01:fd:72:ce:a2:
cc:09:b3:e7:58:2c:3a:4d:4f:76:60:9e:c2:2d:cd:8c:e2:04:
dd:86:b0:2d:8d:d7:fa:f3:13:ed:53:af:51:0c:8b:2a:64:7b:
2f:1b:2f:8c:c0:8e:a8:a9:48:6d:50:b0:5c:7b:1e:cd:31:5c:
7f:17:5e:3f:82:32:f6:65:ee:e9:2a:af:17:12:04:ec:89:02:
16:ba:2c:fd:2b:8c:27:02:e8:5f:6d:de:da:cc:39:f0:9e:2f:
4f:f6:8a:6c:0c:c5:3d:ce:d0:3a:4c:32:dc:a6:bc:d5:4e:55:
7c:7d:7a:f9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzLiigQcHpeznJO+WJ9JEwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZTM2ZmNmYjA0N2I4YzY1M2ZmYTMyN2ZjMmNhNTExNjll
OTQ3YTQwHhcNMjQwMTAyMTg1NzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZmNjAwOTZjOTk2OTNmZmZiZjQ1N2QxMjgyOGJkYWFjZGQ2ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UqJvKwG5afsvZlXWbNU7ogY38E3
J7V8P9TboBtVeRxLZMqFE/oSay/zHKRNkMDk0VGrg4fJybSl4QYB4GiMBP7ckheh
FUNhMDSJs245K4kjJJiPnXWfQb4KxQDeyNdqCaYumjkmcsHmZSbxX2b8asYp/W89
GFrfA5/kCbP4HxxAzaMRwb80uvumKk9rGia9RerkunxkpaQsQqrWAYvkLQzwYNIa
0zdkDQSarAjJVXMm4zVOr/+l27rBf3sqOwhpnApnj+MshfYtM0B+H/6vxM64Qs7W
4dt2ZJZfZmWflMY7s5jtz/pJa0MsePS0Ut4MexQNu7RY7QqzMsA3m9eGuQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNf/YAlsmWk//79FfRKCi9qs3WiAMB8GA1UdIwQY
MBaAFBvjb8+wR7jGU/+jJ/wspRFp6UekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMt
ZTBjOTY2YzE1ZDVmLzEvMV85Z0NXeVphVF9fdjBWOUVvS0wycXpkYUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMtZTBjOTY2YzE1ZDVm
LzEvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAPqmXAwQA
W+18AwQAuVtFAwQAwYrDMA0EAgACMAcDBQMqEySAMA0GCSqGSIb3DQEBCwUAA4IB
AQBUiuXLpf21Fh2lOUlXiXTPIC3jbMkBTQ5V6ZFG5PbYy4VXMFqdb18opVr84cxl
vgKGOye5F9OiKgREHxwhJlltzupVuqwJqlJsAMVCRg7VpSfkpwws14y/6AAecO1H
u3tIY2AyX4VeZi97sU2gHgjclUOxy3TO0RvHrOJwlgyOZeTtFAar70DEwjdKAf1y
zqLMCbPnWCw6TU92YJ7CLc2M4gTdhrAtjdf68xPtU69RDIsqZHsvGy+MwI6oqUht
ULBcex7NMVx/F14/gjL2Ze7pKq8XEgTsiQIWuiz9K4wnAuhfbd7azDnwni9P9ops
DMU9ztA6TDLcprzVTlV8fXr5
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:11:57 2024 by rpki-client on console-fra.rpki-client.org