Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/hwWnOyJh5eE8sLfNHuROBCFCwDk.roa
File: hwWnOyJh5eE8sLfNHuROBCFCwDk.roa (raw, json)
Hash identifier: WWI3P0TXhDvgrpPmFsZfG/LI0mqIJjUxdxl7jLZL/TM=
Subject key identifier: 87:05:A7:3B:22:61:E5:E1:3C:B0:B7:CD:1E:E4:4E:04:21:42:C0:39
Certificate issuer: /CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Certificate serial: 018CC3495D94AAD2339544156F2580BC7615
Authority key identifier: 9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/hwWnOyJh5eE8sLfNHuROBCFCwDk.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48964
IP address blocks: 91.204.122.0/24 maxlen: 24
91.204.123.0/24 maxlen: 24
91.204.120.0/24 maxlen: 24
91.212.80.0/24 maxlen: 24
193.19.243.0/24 maxlen: 24
193.19.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5d:94:aa:d2:33:95:44:15:6f:25:80:bc:76:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8705a73b2261e5e13cb0b7cd1ee44e042142c039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:01:1d:1a:0f:26:c5:b3:c4:1b:dd:02:c0:
0e:66:29:51:91:41:df:b6:e5:f7:f9:11:51:06:f5:
d7:f9:4a:f4:9b:58:e0:09:99:73:32:0e:85:6b:62:
0d:be:96:9f:53:17:e8:9c:e8:c4:10:8b:2b:b9:d3:
5f:3d:e8:34:7a:7d:ac:ac:a2:b2:13:58:4b:ca:de:
9b:6f:20:9c:dc:b3:eb:44:8f:f0:c4:66:71:e0:ed:
c9:81:f6:8e:f7:ef:8a:fa:72:5a:82:3c:c3:a1:09:
ef:1f:21:85:33:d6:63:24:34:e7:af:7c:b1:cd:0f:
fc:ad:d4:55:26:26:08:78:48:83:95:b4:da:4d:ec:
67:14:b8:12:2d:0d:87:00:16:e2:1a:af:15:51:b9:
2b:6f:41:17:5c:11:49:38:7a:fa:56:3e:06:61:a7:
59:d4:74:f9:45:51:12:b3:7b:f7:72:2e:cc:80:4a:
6b:e5:44:c0:5d:9c:5f:2f:45:4e:6f:67:c1:f6:bf:
aa:46:02:42:e7:67:19:a7:26:7c:12:5c:53:8e:19:
84:d4:2f:8d:8f:68:8a:65:8c:ba:1d:a5:2c:93:ee:
e9:8a:57:46:45:2e:7b:c8:cc:52:45:07:90:a3:4e:
93:5f:7c:61:b3:85:93:98:0a:fb:00:fa:db:46:20:
65:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:05:A7:3B:22:61:E5:E1:3C:B0:B7:CD:1E:E4:4E:04:21:42:C0:39
X509v3 Authority Key Identifier:
keyid:9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/hwWnOyJh5eE8sLfNHuROBCFCwDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.120.0/24
91.204.122.0/23
91.212.80.0/24
193.19.241.0/24
193.19.243.0/24
Signature Algorithm: sha256WithRSAEncryption
89:12:e3:85:52:3c:ff:db:fe:08:ce:ea:fb:db:49:d6:b8:2e:
77:f2:37:71:ca:8b:e2:93:a6:b6:f1:09:e4:38:d2:7e:41:0c:
07:a2:76:02:17:5e:64:35:49:d1:c9:e4:82:05:d5:7f:f5:61:
cf:2c:f2:07:a2:ed:c3:b6:73:bf:3b:e0:9d:71:5e:27:20:c0:
f8:81:a4:55:a2:71:42:15:4f:fb:29:f9:da:17:4e:c0:6b:a4:
28:9d:6d:ae:3a:ed:b8:1a:e2:83:9d:ab:3c:cb:20:b9:61:00:
f1:86:81:d2:77:e1:93:96:05:6f:ad:f8:84:08:5a:e2:36:a6:
61:04:33:b6:d5:c3:2f:25:4f:fb:19:19:4d:9e:48:f0:f4:84:
b5:3a:58:f6:34:e0:c4:cb:3c:16:08:f3:81:b8:a9:49:c7:72:
83:2f:29:98:55:a4:93:64:ed:99:16:8e:92:98:03:e8:39:e1:
1a:b2:64:23:8f:dc:6b:5f:65:b8:de:2f:78:ae:cc:65:49:1f:
52:9d:c2:f3:61:44:ab:dc:68:37:7b:96:fb:05:3e:ab:c8:da:
8d:6e:0b:bc:24:46:e5:03:68:d5:f2:8a:53:2e:76:9d:67:4b:
80:40:5b:db:63:5e:e2:8e:54:a9:d1:8f:56:b8:f9:5f:32:62:
07:ff:ea:6f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSV2UqtIzlUQVbyWAvHYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDUwNDg2MGE3YzkyNGU3MjFjYmZhZWE1ZjQ5YTcyYzgy
OTZjMzUwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA1YTczYjIyNjFlNWUxM2NiMGI3Y2QxZWU0NGUwNDIxNDJjMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGIBHRoPJsWzxBvdAsAOZilRkUHf
tuX3+RFRBvXX+Ur0m1jgCZlzMg6Fa2INvpafUxfonOjEEIsrudNfPeg0en2srKKy
E1hLyt6bbyCc3LPrRI/wxGZx4O3JgfaO9++K+nJagjzDoQnvHyGFM9ZjJDTnr3yx
zQ/8rdRVJiYIeEiDlbTaTexnFLgSLQ2HABbiGq8VUbkrb0EXXBFJOHr6Vj4GYadZ
1HT5RVESs3v3ci7MgEpr5UTAXZxfL0VOb2fB9r+qRgJC52cZpyZ8ElxTjhmE1C+N
j2iKZYy6HaUsk+7pildGRS57yMxSRQeQo06TX3xhs4WTmAr7APrbRiBlFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIcFpzsiYeXhPLC3zR7kTgQhQsA5MB8GA1UdIwQY
MBaAFJ3VBIYKfJJOchy/rqX0mnLIKWw1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRVRWhncDhrazV5SEwtdXBmU2Fjc2dwYkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80OTYyMzItZDE4Yi00NTU0LTlhNDMt
NDMyZjVjMWY0MWY3LzEvaHdXbk95Smg1ZUU4c0xmTkh1Uk9CQ0ZDd0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80OTYyMzItZDE4Yi00NTU0LTlhNDMtNDMyZjVjMWY0MWY3
LzEvbmRVRWhncDhrazV5SEwtdXBmU2Fjc2dwYkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8x4AwQB
W8x6AwQAW9RQAwQAwRPxAwQAwRPzMA0GCSqGSIb3DQEBCwUAA4IBAQCJEuOFUjz/
2/4Izur720nWuC538jdxyovik6a28QnkONJ+QQwHonYCF15kNUnRyeSCBdV/9WHP
LPIHou3DtnO/O+CdcV4nIMD4gaRVonFCFU/7KfnaF07Aa6QonW2uOu24GuKDnas8
yyC5YQDxhoHSd+GTlgVvrfiECFriNqZhBDO21cMvJU/7GRlNnkjw9IS1Olj2NODE
yzwWCPOBuKlJx3KDLymYVaSTZO2ZFo6SmAPoOeEasmQjj9xrX2W43i94rsxlSR9S
ncLzYUSr3Gg3e5b7BT6ryNqNbgu8JEblA2jV8opTLnadZ0uAQFvbY17ijlSp0Y9W
uPlfMmIH/+pv
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:42:22 2024 by rpki-client on console-ams.rpki-client.org