Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/362958-06dd-4c04-8864-01398942fb5a/1/xh9i3BvO0eZ9D0Pupi01dGNQ8MA.roa
File: xh9i3BvO0eZ9D0Pupi01dGNQ8MA.roa (raw, json)
Hash identifier: 2DFAH+8E7DRAirSjyNVfoUpdWtid9VAXOsT8geL4O0o=
Subject key identifier: C6:1F:62:DC:1B:CE:D1:E6:7D:0F:43:EE:A6:2D:35:74:63:50:F0:C0
Certificate issuer: /CN=9cc26f18cf96b86a4506b3b84ccc44d3b3506a20
Certificate serial: 018CC6B897C7B8D43D4D02A707EA1B219A14
Authority key identifier: 9C:C2:6F:18:CF:96:B8:6A:45:06:B3:B8:4C:CC:44:D3:B3:50:6A:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nMJvGM-WuGpFBrO4TMxE07NQaiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/362958-06dd-4c04-8864-01398942fb5a/1/xh9i3BvO0eZ9D0Pupi01dGNQ8MA.roa
Signing time: Mon 01 Jan 2024 20:30:35 +0000
ROA not before: Mon 01 Jan 2024 20:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44138
IP address blocks: 193.109.218.0/24 maxlen: 24
193.200.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/362958-06dd-4c04-8864-01398942fb5a/1/nMJvGM-WuGpFBrO4TMxE07NQaiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/362958-06dd-4c04-8864-01398942fb5a/1/nMJvGM-WuGpFBrO4TMxE07NQaiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nMJvGM-WuGpFBrO4TMxE07NQaiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:97:c7:b8:d4:3d:4d:02:a7:07:ea:1b:21:9a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cc26f18cf96b86a4506b3b84ccc44d3b3506a20
Validity
Not Before: Jan 1 20:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c61f62dc1bced1e67d0f43eea62d35746350f0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ce:59:94:13:87:90:71:ab:76:82:2b:7c:4c:
ff:e4:56:41:21:2d:be:42:a1:c8:b9:13:ae:56:48:
ca:02:ab:e2:cc:73:3e:ee:93:d1:5b:60:87:50:64:
3d:3e:36:cf:6d:44:4f:c6:c6:c6:42:bf:21:a2:3f:
4d:fb:01:16:2c:01:fb:39:fd:18:3d:08:f8:75:59:
73:3a:04:a0:0f:c8:63:12:f3:c6:84:34:19:38:ff:
b9:19:7e:15:4c:fc:53:9f:27:3d:5d:c3:2f:bb:2e:
3c:86:d3:68:1a:43:9b:13:95:2d:6a:6d:ba:d5:52:
7b:d0:ec:7d:d2:7a:96:3c:18:f0:ed:95:2f:89:11:
a6:df:1c:1b:38:5f:1c:cd:eb:75:bc:35:97:48:42:
2d:ca:82:fe:a1:21:f1:c1:ef:e3:1b:e8:27:a0:76:
35:98:0f:ec:88:39:a0:5c:ea:01:f7:ff:d1:66:ef:
01:bd:23:5b:50:59:43:8e:48:cb:d4:28:94:53:e0:
8e:9e:12:34:6b:15:ee:54:35:dc:3b:a3:aa:3e:8e:
47:2d:8d:b1:2d:be:72:a2:e1:33:c4:57:c5:8e:e7:
36:bd:f1:4f:93:7d:7e:42:62:13:12:a9:ab:83:ab:
26:a4:df:18:cf:91:1e:08:75:dd:b9:aa:f6:58:0f:
b8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1F:62:DC:1B:CE:D1:E6:7D:0F:43:EE:A6:2D:35:74:63:50:F0:C0
X509v3 Authority Key Identifier:
keyid:9C:C2:6F:18:CF:96:B8:6A:45:06:B3:B8:4C:CC:44:D3:B3:50:6A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nMJvGM-WuGpFBrO4TMxE07NQaiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/362958-06dd-4c04-8864-01398942fb5a/1/xh9i3BvO0eZ9D0Pupi01dGNQ8MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/362958-06dd-4c04-8864-01398942fb5a/1/nMJvGM-WuGpFBrO4TMxE07NQaiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.218.0/24
193.200.247.0/24
Signature Algorithm: sha256WithRSAEncryption
06:a9:0d:68:ff:04:37:f1:a4:b7:9d:9b:8d:41:08:99:fc:93:
2f:e1:2e:d2:1a:1f:19:b4:de:59:3d:2e:5a:1e:bf:20:40:5c:
eb:8f:9e:82:ad:97:e4:4f:e9:c9:07:1b:f6:30:a8:69:7d:ae:
58:01:55:65:12:69:55:5b:cc:a6:a1:b4:a9:65:58:80:de:0b:
ee:3c:bf:17:01:2f:e1:ff:5f:92:91:94:39:d7:47:23:30:07:
32:7e:79:9f:63:66:b1:37:3a:40:c7:99:fa:21:3f:0d:54:3b:
ef:2c:da:04:7b:03:ab:3a:b1:4b:99:20:8e:c0:49:7c:e7:0b:
1f:0f:70:33:b2:65:0a:e7:8a:72:d8:47:81:3f:50:c8:a8:58:
e4:cb:b8:ce:1f:fc:20:41:88:4e:e5:bd:d5:f4:15:e4:64:47:
c5:50:7d:6b:2b:ec:d9:7c:7a:29:23:c5:f7:a5:58:9e:c7:98:
97:8a:12:83:5f:31:6e:36:14:1f:a0:51:d3:c4:99:52:de:c0:
3c:0b:3a:e4:a2:30:61:da:c7:d3:51:47:fe:33:20:97:1e:e4:
70:de:04:a2:e7:5b:e8:55:0c:41:f3:44:49:b6:80:67:98:99:
7e:0c:0f:79:78:04:ae:1c:81:a8:3c:67:b8:b4:54:bb:85:87:
fa:2f:76:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuJfHuNQ9TQKnB+obIZoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYzI2ZjE4Y2Y5NmI4NmE0NTA2YjNiODRjY2M0NGQzYjM1
MDZhMjAwHhcNMjQwMTAxMjAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFmNjJkYzFiY2VkMWU2N2QwZjQzZWVhNjJkMzU3NDYzNTBmMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc5ZlBOHkHGrdoIrfEz/5FZBIS2+
QqHIuROuVkjKAqvizHM+7pPRW2CHUGQ9PjbPbURPxsbGQr8hoj9N+wEWLAH7Of0Y
PQj4dVlzOgSgD8hjEvPGhDQZOP+5GX4VTPxTnyc9XcMvuy48htNoGkObE5Utam26
1VJ70Ox90nqWPBjw7ZUviRGm3xwbOF8czet1vDWXSEItyoL+oSHxwe/jG+gnoHY1
mA/siDmgXOoB9//RZu8BvSNbUFlDjkjL1CiUU+COnhI0axXuVDXcO6OqPo5HLY2x
Lb5youEzxFfFjuc2vfFPk31+QmITEqmrg6smpN8Yz5EeCHXduar2WA+4yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYfYtwbztHmfQ9D7qYtNXRjUPDAMB8GA1UdIwQY
MBaAFJzCbxjPlrhqRQazuEzMRNOzUGogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk1KdkdNLVd1R3BGQnJPNFRNeEUwN05RYWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zNjI5NTgtMDZkZC00YzA0LTg4NjQt
MDEzOTg5NDJmYjVhLzEveGg5aTNCdk8wZVo5RDBQdXBpMDFkR05ROE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zNjI5NTgtMDZkZC00YzA0LTg4NjQtMDEzOTg5NDJmYjVh
LzEvbk1KdkdNLVd1R3BGQnJPNFRNeEUwN05RYWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW3aAwQA
wcj3MA0GCSqGSIb3DQEBCwUAA4IBAQAGqQ1o/wQ38aS3nZuNQQiZ/JMv4S7SGh8Z
tN5ZPS5aHr8gQFzrj56CrZfkT+nJBxv2MKhpfa5YAVVlEmlVW8ymobSpZViA3gvu
PL8XAS/h/1+SkZQ510cjMAcyfnmfY2axNzpAx5n6IT8NVDvvLNoEewOrOrFLmSCO
wEl85wsfD3AzsmUK54py2EeBP1DIqFjky7jOH/wgQYhO5b3V9BXkZEfFUH1rK+zZ
fHopI8X3pViex5iXihKDXzFuNhQfoFHTxJlS3sA8CzrkojBh2sfTUUf+MyCXHuRw
3gSi51voVQxB80RJtoBnmJl+DA95eASuHIGoPGe4tFS7hYf6L3ad
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:02 2024 by rpki-client on console-ams.rpki-client.org