Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/wiv9ohIfO88AdDjHXiP2id1UPWA.roa
File: wiv9ohIfO88AdDjHXiP2id1UPWA.roa (raw, json)
Hash identifier: b7MEyRIl3D8G2gcd1nEeLfNMlpms9v7oYChebhQJqik=
Subject key identifier: C2:2B:FD:A2:12:1F:3B:CF:00:74:38:C7:5E:23:F6:89:DD:54:3D:60
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDFF9D552E35A901F36EA4E1C3E23
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/wiv9ohIfO88AdDjHXiP2id1UPWA.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206448
IP address blocks: 192.109.243.0/24 maxlen: 24
192.109.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:df:f9:d5:52:e3:5a:90:1f:36:ea:4e:1c:3e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c22bfda2121f3bcf007438c75e23f689dd543d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:0d:d5:a1:a2:fd:a8:b3:76:dc:3a:61:a2:bd:
94:be:8d:99:8d:93:e0:75:ef:65:0e:ea:3e:13:71:
65:ee:96:61:bc:55:ec:c8:fb:ef:8d:c3:9c:b7:48:
4b:2a:5c:6e:db:67:58:af:67:f8:79:a0:a6:5e:80:
b5:71:27:86:36:07:fa:0a:81:bb:f9:33:86:30:06:
65:1c:6b:ff:d6:ac:ce:2d:a9:f1:70:f8:e7:9b:4b:
be:4b:06:6a:4b:1a:73:0e:e0:f0:ec:60:ad:8d:78:
a3:ea:09:26:02:9a:8d:a2:12:f1:ea:9c:ad:6e:9b:
4f:87:38:48:70:9d:f8:13:ed:85:7c:5b:66:ee:57:
6c:52:c7:99:50:1e:3b:48:69:f1:79:ce:1a:e3:d5:
91:8c:77:1a:c9:0e:07:e4:55:4c:3d:a4:b4:05:16:
fd:6d:14:d8:ce:96:ff:66:55:3f:b7:35:c8:af:07:
fa:f0:3d:f5:a3:9c:c0:3c:65:db:f3:45:f4:33:ef:
b5:dd:9d:6c:e8:50:d7:74:2e:47:39:21:96:1a:cf:
d9:2d:b4:b5:4e:8b:fb:83:c7:5e:e4:1b:76:2a:72:
c6:79:5c:1a:69:2a:93:bb:53:35:f4:e4:f0:df:66:
86:41:da:09:4b:0c:26:d3:88:a7:8a:3b:d1:3d:8e:
2d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:2B:FD:A2:12:1F:3B:CF:00:74:38:C7:5E:23:F6:89:DD:54:3D:60
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/wiv9ohIfO88AdDjHXiP2id1UPWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.243.0/24
192.109.250.0/24
Signature Algorithm: sha256WithRSAEncryption
88:a0:ca:b7:09:82:32:cf:71:a4:b0:12:90:e1:ff:da:03:be:
a1:6e:35:00:14:84:12:4f:4f:2b:57:1d:f4:55:f1:42:53:00:
85:50:bf:f2:ae:b0:b1:cf:9b:59:4c:bd:2d:92:71:35:80:07:
9f:ba:5b:83:28:6e:35:5e:ef:88:53:ff:97:73:ba:03:fb:00:
3c:9d:29:78:e3:b5:53:16:5b:7f:6b:01:f3:f8:13:04:4c:54:
36:d9:f0:38:c1:ce:f4:38:8a:95:26:c7:ba:07:5c:1a:2b:85:
e1:b3:c1:17:e4:30:72:af:92:e6:9b:2a:52:e4:1d:24:ac:54:
47:c4:d6:6b:13:10:db:ee:ee:49:b0:b5:4d:b5:38:ba:16:70:
9f:38:5b:2c:d4:2d:6b:14:3a:6f:7d:64:0e:6d:d0:80:5d:d9:
9c:01:fa:34:9b:05:1b:27:03:b0:09:a5:ce:eb:58:c5:07:ea:
bb:32:e5:56:3e:b6:4d:71:ef:b8:7d:47:4a:29:46:5a:6e:36:
35:d3:cd:06:a0:35:f2:e2:5f:fe:2b:3e:23:1d:8b:ba:41:8a:
b5:ad:19:71:a1:30:72:92:b7:38:d9:ce:5d:98:5d:42:33:25:
89:09:32:a4:84:c6:2a:a4:b0:a5:20:7c:f5:a8:4e:e5:22:e1:
34:ad:c1:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3t/51VLjWpAfNupOHD4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjJiZmRhMjEyMWYzYmNmMDA3NDM4Yzc1ZTIzZjY4OWRkNTQzZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Q3VoaL9qLN23Dphor2Uvo2ZjZPg
de9lDuo+E3Fl7pZhvFXsyPvvjcOct0hLKlxu22dYr2f4eaCmXoC1cSeGNgf6CoG7
+TOGMAZlHGv/1qzOLanxcPjnm0u+SwZqSxpzDuDw7GCtjXij6gkmApqNohLx6pyt
bptPhzhIcJ34E+2FfFtm7ldsUseZUB47SGnxec4a49WRjHcayQ4H5FVMPaS0BRb9
bRTYzpb/ZlU/tzXIrwf68D31o5zAPGXb80X0M++13Z1s6FDXdC5HOSGWGs/ZLbS1
Tov7g8de5Bt2KnLGeVwaaSqTu1M19OTw32aGQdoJSwwm04inijvRPY4t0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMIr/aISHzvPAHQ4x14j9ondVD1gMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvd2l2OW9oSWZPODhBZERqSFhpUDJpZDFVUFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG3zAwQA
wG36MA0GCSqGSIb3DQEBCwUAA4IBAQCIoMq3CYIyz3GksBKQ4f/aA76hbjUAFIQS
T08rVx30VfFCUwCFUL/yrrCxz5tZTL0tknE1gAefuluDKG41Xu+IU/+Xc7oD+wA8
nSl447VTFlt/awHz+BMETFQ22fA4wc70OIqVJse6B1waK4Xhs8EX5DByr5LmmypS
5B0krFRHxNZrExDb7u5JsLVNtTi6FnCfOFss1C1rFDpvfWQObdCAXdmcAfo0mwUb
JwOwCaXO61jFB+q7MuVWPrZNce+4fUdKKUZabjY1080GoDXy4l/+Kz4jHYu6QYq1
rRlxoTBykrc42c5dmF1CMyWJCTKkhMYqpLClIHz1qE7lIuE0rcFT
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:38 2024 by rpki-client on console-fra.rpki-client.org