Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/9cLJ1GZkThvmUJU5HlMFeNYv_lc.roa
File: 9cLJ1GZkThvmUJU5HlMFeNYv_lc.roa (raw, json)
Hash identifier: p+9vB0YV4X5fW43F8A+nvO8u/l+NrIiGnqDnOR/e1xg=
Subject key identifier: F5:C2:C9:D4:66:64:4E:1B:E6:50:95:39:1E:53:05:78:D6:2F:FE:57
Certificate issuer: /CN=4ba9afd21cb8fbe6b850800cd4b49f2562c92ba0
Certificate serial: 018CC64A6B97CFAB5D30A6857FC001DBD2F4
Authority key identifier: 4B:A9:AF:D2:1C:B8:FB:E6:B8:50:80:0C:D4:B4:9F:25:62:C9:2B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/9cLJ1GZkThvmUJU5HlMFeNYv_lc.roa
Signing time: Mon 01 Jan 2024 18:30:15 +0000
ROA not before: Mon 01 Jan 2024 18:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56504
IP address blocks: 178.237.58.0/24 maxlen: 24
178.237.57.0/24 maxlen: 24
2a0d:5540:1::/48 maxlen: 48
2a0d:5540:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:6b:97:cf:ab:5d:30:a6:85:7f:c0:01:db:d2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ba9afd21cb8fbe6b850800cd4b49f2562c92ba0
Validity
Not Before: Jan 1 18:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5c2c9d466644e1be65095391e530578d62ffe57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:5d:bb:0b:71:f9:cf:3b:94:9c:2e:25:56:
6b:52:a4:92:d1:e5:de:72:b7:19:47:0d:f4:5b:22:
e3:20:dd:c6:b6:e3:17:a2:41:f7:f7:73:e9:01:f3:
6e:a2:4b:19:15:0f:fc:2b:cf:a3:09:83:7b:84:a0:
57:95:e9:16:ae:a3:66:12:25:0c:31:37:af:6a:99:
2f:7b:f0:0b:49:b2:aa:d7:81:fc:8c:69:38:bb:b7:
90:ca:6e:e9:c4:92:24:75:97:a1:6f:41:8a:60:26:
2e:7c:52:4b:9e:99:bb:6e:bb:d1:de:3e:78:38:49:
eb:5a:45:0f:08:30:84:06:7e:f6:0b:3e:b5:84:f1:
dc:ef:43:9c:6f:4f:c1:97:87:04:46:1d:3d:18:af:
13:7f:be:f4:f3:7a:63:40:e2:38:3b:9d:58:15:ee:
4d:17:0c:44:fa:85:45:b3:a6:db:5f:a5:58:66:b0:
e6:44:22:8f:fe:28:fc:a4:bd:70:12:ea:7e:60:33:
29:01:bb:e1:ef:57:9b:6d:85:47:d0:dc:25:27:7b:
3b:b8:b9:17:20:1e:e6:f7:db:a0:6a:45:b6:b3:97:
8d:3a:d1:4f:ab:52:9b:c7:07:d1:01:b5:91:54:73:
fe:b0:d6:fc:32:7b:30:6a:bc:6f:8a:86:37:74:42:
61:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C2:C9:D4:66:64:4E:1B:E6:50:95:39:1E:53:05:78:D6:2F:FE:57
X509v3 Authority Key Identifier:
keyid:4B:A9:AF:D2:1C:B8:FB:E6:B8:50:80:0C:D4:B4:9F:25:62:C9:2B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/9cLJ1GZkThvmUJU5HlMFeNYv_lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.57.0-178.237.58.255
IPv6:
2a0d:5540:1::-2a0d:5540:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
e3:6c:68:0e:74:02:eb:66:47:ef:9a:43:b1:86:24:55:04:05:
d7:ec:e7:64:30:94:09:c7:67:c4:68:11:46:41:cd:6f:5b:32:
46:91:07:57:05:98:94:6b:4f:23:ec:14:24:7e:5f:2a:e5:58:
49:7a:28:ce:0c:89:fd:eb:76:4e:7f:c6:8d:09:9b:bb:e0:e9:
f1:1a:0c:ad:85:98:9a:67:e3:b2:a2:01:8a:11:d0:1f:a3:a2:
2a:2e:04:4d:f4:e9:ca:cc:66:ae:2f:71:b3:09:aa:dc:95:c1:
b7:bd:68:94:2e:72:2d:d2:39:0b:56:bf:a1:ab:77:98:ce:c8:
85:fb:12:dd:dc:13:86:23:25:b7:7f:1c:ea:2d:ac:e3:28:ac:
8b:d2:7c:d8:51:78:7d:3b:93:fc:7a:b7:cb:5e:17:9e:3b:62:
b0:cf:40:78:93:1d:8b:da:73:ca:c5:63:ee:b7:90:7d:76:5f:
19:7f:48:8a:40:5d:c3:08:87:10:c9:e9:b8:f8:a0:46:fd:16:
49:62:d9:94:be:39:40:2b:84:7d:c5:d1:66:95:36:42:dd:6d:
77:54:69:39:8f:01:26:e1:0a:05:f8:ea:74:a5:8c:48:f7:b0:
ab:f2:ef:82:8c:94:b7:a0:e3:aa:48:18:81:c2:d8:78:ef:08:
24:ab:ba:3c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzGSmuXz6tdMKaFf8AB29L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTlhZmQyMWNiOGZiZTZiODUwODAwY2Q0YjQ5ZjI1NjJj
OTJiYTAwHhcNMjQwMTAxMTgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWMyYzlkNDY2NjQ0ZTFiZTY1MDk1MzkxZTUzMDU3OGQ2MmZmZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS1duwtx+c87lJwuJVZrUqSS0eXe
crcZRw30WyLjIN3GtuMXokH393PpAfNuoksZFQ/8K8+jCYN7hKBXlekWrqNmEiUM
MTevapkve/ALSbKq14H8jGk4u7eQym7pxJIkdZehb0GKYCYufFJLnpm7brvR3j54
OEnrWkUPCDCEBn72Cz61hPHc70Ocb0/Bl4cERh09GK8Tf77083pjQOI4O51YFe5N
FwxE+oVFs6bbX6VYZrDmRCKP/ij8pL1wEup+YDMpAbvh71ebbYVH0NwlJ3s7uLkX
IB7m99ugakW2s5eNOtFPq1KbxwfRAbWRVHP+sNb8MnswarxvioY3dEJh1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPXCydRmZE4b5lCVOR5TBXjWL/5XMB8GA1UdIwQY
MBaAFEupr9IcuPvmuFCADNS0nyViySugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZtdjBoeTQtLWE0VUlBTTFMU2ZKV0xKSzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kNWJkMzktYmVhNi00NDdiLTgzYmIt
ZjY5NjIyNDI1NjUxLzEvOWNMSjFHWmtUaHZtVUpVNUhsTUZlTll2X2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kNWJkMzktYmVhNi00NDdiLTgzYmItZjY5NjIyNDI1NjUx
LzEvUzZtdjBoeTQtLWE0VUlBTTFMU2ZKV0xKSzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBACy7TkD
BACy7TowGgQCAAIwFDASAwcAKg1VQAABAwcAKg1VQAACMA0GCSqGSIb3DQEBCwUA
A4IBAQDjbGgOdALrZkfvmkOxhiRVBAXX7OdkMJQJx2fEaBFGQc1vWzJGkQdXBZiU
a08j7BQkfl8q5VhJeijODIn963ZOf8aNCZu74OnxGgythZiaZ+OyogGKEdAfo6Iq
LgRN9OnKzGauL3GzCarclcG3vWiULnIt0jkLVr+hq3eYzsiF+xLd3BOGIyW3fxzq
LazjKKyL0nzYUXh9O5P8erfLXheeO2Kwz0B4kx2L2nPKxWPut5B9dl8Zf0iKQF3D
CIcQyem4+KBG/RZJYtmUvjlAK4R9xdFmlTZC3W13VGk5jwEm4QoF+Op0pYxI97Cr
8u+CjJS3oOOqSBiBwth47wgkq7o8
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:10:50 2024 by rpki-client on console-ams.rpki-client.org