Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/0btjNwXMOg386xN4V-OABm0K364.roa
File: 0btjNwXMOg386xN4V-OABm0K364.roa (raw, json)
Hash identifier: lvhZ1hXam0Ay8cLczkMQQz+BA7RfBTRI13G8jeOCeyk=
Subject key identifier: D1:BB:63:37:05:CC:3A:0D:FC:EB:13:78:57:E3:80:06:6D:0A:DF:AE
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 018CC2DAC399A4EF595DAED98EB83126DA73
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/0btjNwXMOg386xN4V-OABm0K364.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3262
IP address blocks: 194.30.28.0/24 maxlen: 24
212.81.128.0/17 maxlen: 17
192.148.167.0/24 maxlen: 24
195.16.128.0/19 maxlen: 19
194.30.0.0/17 maxlen: 17
2a03:c600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c3:99:a4:ef:59:5d:ae:d9:8e:b8:31:26:da:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1bb633705cc3a0dfceb137857e380066d0adfae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c9:1d:de:d8:4d:c7:27:45:45:ef:1c:92:21:
5c:34:35:e5:e6:79:30:45:e0:23:31:5b:3e:06:20:
c2:bc:3d:61:c1:74:03:14:e9:e7:82:7f:cb:f0:25:
b5:05:c7:22:d0:71:5a:09:29:33:30:aa:30:c6:33:
18:b2:75:1c:4d:d2:55:ba:fe:e6:f0:13:e9:09:2f:
7f:bd:da:6e:fc:fc:4e:13:48:2b:d1:f0:07:2c:61:
bc:30:b6:ed:3a:cd:70:e3:f8:79:0d:9e:51:ae:b7:
5a:f5:dc:b8:02:d0:60:9d:4d:2f:cc:6f:dc:dc:24:
c8:33:de:b9:f5:b5:52:49:37:e5:24:fb:58:43:7d:
87:4b:8f:bb:ca:4b:27:ce:46:79:00:8b:1e:ef:0d:
93:ce:36:7a:54:c8:4d:ef:8c:29:a6:c3:3e:06:6d:
52:cd:06:49:1b:40:e9:6b:00:3a:d0:e7:82:50:9d:
f5:9d:cc:96:04:80:f3:ca:14:28:2e:9b:b0:8d:f7:
07:a8:b5:d7:11:67:dd:6c:25:1c:2d:74:3c:92:b2:
b6:c8:e8:3c:5f:3c:b9:a0:df:64:13:10:bd:d9:41:
26:ad:36:4d:43:7f:88:6f:bd:35:01:a9:74:a1:b7:
fa:a4:6e:2c:bd:a7:22:be:ba:c9:4c:8b:ac:1f:71:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BB:63:37:05:CC:3A:0D:FC:EB:13:78:57:E3:80:06:6D:0A:DF:AE
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/0btjNwXMOg386xN4V-OABm0K364.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.148.167.0/24
194.30.0.0/17
195.16.128.0/19
212.81.128.0/17
IPv6:
2a03:c600::/32
Signature Algorithm: sha256WithRSAEncryption
83:21:8a:12:ae:e0:9d:02:06:39:f6:4d:ed:90:ba:6c:64:75:
c7:40:b1:ae:c1:00:04:64:9a:0a:af:9c:73:c3:07:2c:b9:b9:
21:53:4e:75:1b:32:3d:17:a6:c7:8c:3c:03:be:a1:58:a7:9e:
ce:74:80:0d:b4:f8:54:d8:53:b2:e7:b2:c1:8e:36:da:25:53:
0b:2f:aa:a7:5d:2c:ef:c6:c0:1b:dd:c1:00:77:40:63:e2:ec:
ef:d5:c7:2b:3e:74:8d:ea:96:a1:17:5c:83:a7:5c:59:74:df:
10:30:49:d4:25:c5:bd:25:0f:67:25:71:b7:74:e5:3b:cf:d1:
8d:15:08:14:19:a7:38:33:ee:89:74:c2:8c:6b:49:f2:61:e7:
b3:2a:07:bd:d4:7f:c4:f5:61:66:16:89:21:d2:8a:e2:43:66:
28:4a:b9:33:f1:22:9a:7b:c8:89:a1:25:d5:db:fc:b7:19:17:
6d:78:1d:7b:9b:68:49:c8:51:fe:ce:82:8b:59:ad:a2:6d:b3:
0e:df:f3:5a:7d:af:c1:3c:05:cb:be:ba:3a:9e:72:5b:82:7b:
fd:16:fe:4c:80:04:e4:58:19:a7:46:31:85:03:d4:e0:10:19:
ec:64:cd:8d:6c:6c:a4:ad:8e:44:0a:29:82:ae:5d:8c:e0:36:
77:80:6c:2e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2sOZpO9ZXa7ZjrgxJtpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJiNjMzNzA1Y2MzYTBkZmNlYjEzNzg1N2UzODAwNjZkMGFkZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiskd3thNxydFRe8ckiFcNDXl5nkw
ReAjMVs+BiDCvD1hwXQDFOnngn/L8CW1Bcci0HFaCSkzMKowxjMYsnUcTdJVuv7m
8BPpCS9/vdpu/PxOE0gr0fAHLGG8MLbtOs1w4/h5DZ5Rrrda9dy4AtBgnU0vzG/c
3CTIM9659bVSSTflJPtYQ32HS4+7yksnzkZ5AIse7w2TzjZ6VMhN74wppsM+Bm1S
zQZJG0DpawA60OeCUJ31ncyWBIDzyhQoLpuwjfcHqLXXEWfdbCUcLXQ8krK2yOg8
Xzy5oN9kExC92UEmrTZNQ3+Ib701Aal0obf6pG4svacivrrJTIusH3F5QQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNG7YzcFzDoN/OsTeFfjgAZtCt+uMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvMGJ0ak53WE1PZzM4NnhONFYtT0FCbTBLMzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwJSnAwQH
wh4AAwQFwxCAAwQH1FGAMA0EAgACMAcDBQAqA8YAMA0GCSqGSIb3DQEBCwUAA4IB
AQCDIYoSruCdAgY59k3tkLpsZHXHQLGuwQAEZJoKr5xzwwcsubkhU051GzI9F6bH
jDwDvqFYp57OdIANtPhU2FOy57LBjjbaJVMLL6qnXSzvxsAb3cEAd0Bj4uzv1ccr
PnSN6pahF1yDp1xZdN8QMEnUJcW9JQ9nJXG3dOU7z9GNFQgUGac4M+6JdMKMa0ny
YeezKge91H/E9WFmFokh0oriQ2YoSrkz8SKae8iJoSXV2/y3GRdteB17m2hJyFH+
zoKLWa2ibbMO3/Nafa/BPAXLvro6nnJbgnv9Fv5MgATkWBmnRjGFA9TgEBnsZM2N
bGykrY5ECimCrl2M4DZ3gGwu
-----END CERTIFICATE-----
Generated at Sun Jun 23 03:12:52 2024 by rpki-client on console-fra.rpki-client.org