Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/9hd9pdjjhxf4B04nn9ngolfb1xU.roa
File: 9hd9pdjjhxf4B04nn9ngolfb1xU.roa (raw, json)
Hash identifier: CCQe4+3ZrPBL9AjgBNjkN3HMyWwOhlCrWLS+W8B86G4=
Subject key identifier: F6:17:7D:A5:D8:E3:87:17:F8:07:4E:27:9F:D9:E0:A2:57:DB:D7:15
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018CC5DC5A92CA1067E41A4E1E3D354E05E8
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/9hd9pdjjhxf4B04nn9ngolfb1xU.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4787
IP address blocks: 163.171.67.0/24 maxlen: 24
148.253.254.0/24 maxlen: 24
148.253.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5a:92:ca:10:67:e4:1a:4e:1e:3d:35:4e:05:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6177da5d8e38717f8074e279fd9e0a257dbd715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3c:33:0d:a7:56:2b:e6:06:f7:40:21:03:33:
5e:6a:b5:77:69:75:26:55:ee:ea:46:d7:45:44:67:
8f:96:c5:b0:c5:89:a9:8e:4b:08:dd:4a:b0:85:9b:
56:78:a0:c8:6a:91:41:b0:41:f1:ee:29:92:68:fd:
ad:f9:02:35:f9:39:9d:90:39:c4:73:75:cb:8f:9a:
a5:da:ce:d2:58:68:a4:3f:f4:df:e5:59:6b:bb:cb:
6f:85:6a:0d:d9:b6:ce:1b:14:14:3c:3c:0d:5e:72:
6c:2e:65:e8:c8:8b:6e:0c:e6:9e:2d:91:f1:29:ee:
69:34:c8:d3:96:b0:b3:7e:c9:c9:f1:0b:3d:36:15:
ab:eb:91:9f:0e:63:8f:58:3c:08:a4:3a:ce:1d:fc:
d0:3f:dd:2d:dd:dd:ef:07:1f:9a:5d:c0:9c:2c:6c:
92:b8:e0:6b:08:1d:e7:07:4d:3b:79:38:21:53:71:
c4:30:23:c0:75:d6:fc:14:1a:80:3d:91:fd:fb:87:
d0:31:4a:17:95:a0:fb:df:07:15:a9:10:59:3f:60:
fa:df:8e:70:1d:31:f0:e1:a1:ac:e8:3f:f1:32:e0:
e4:15:13:82:ea:db:ce:46:76:1d:89:0b:5d:db:ba:
81:ea:6f:ed:5c:e6:15:e4:e1:3a:d0:96:3a:e5:30:
0f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:17:7D:A5:D8:E3:87:17:F8:07:4E:27:9F:D9:E0:A2:57:DB:D7:15
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/9hd9pdjjhxf4B04nn9ngolfb1xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.254.0/23
163.171.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b3:9e:0e:c8:d7:44:ef:0c:84:e2:51:d2:85:b2:77:2c:68:
e7:e2:79:3a:8c:4c:c6:9a:fe:55:16:1c:bf:2a:44:4a:e3:0d:
70:d3:b2:96:87:69:59:f7:d2:e9:d5:62:67:d7:5a:c6:31:43:
b8:15:6b:39:6d:f4:83:54:74:bd:25:9b:08:c2:a5:c2:61:93:
ef:57:7f:c6:52:1f:3c:7b:7d:ac:7d:be:d0:82:73:9d:64:da:
7b:f7:25:e1:cf:74:66:21:c4:be:22:96:c2:b2:7b:e4:8d:e9:
76:49:e6:ab:1e:4e:b4:a6:62:25:58:30:31:db:41:8b:5a:14:
ed:05:d5:36:d3:72:85:d2:b4:78:6b:00:65:69:c5:20:d5:a1:
5d:77:6c:8b:9f:c6:a1:6f:a9:5d:7f:b0:8e:83:fd:4c:77:85:
f2:53:6c:23:7e:b7:8c:f3:89:cc:80:2f:5c:5e:a5:b4:09:b7:
15:d9:79:69:79:f4:72:6f:5e:4f:b9:5a:50:c9:9a:d8:89:5d:
af:09:aa:d5:a5:16:a8:54:8f:39:8e:46:d3:4d:db:11:e4:dd:
c2:46:e0:71:09:26:dc:b3:cd:b4:a0:e6:06:90:46:ae:25:47:
7f:0d:cb:a4:56:99:4a:d6:64:30:2c:c4:f1:85:fd:ed:f8:89:
05:93:40:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3FqSyhBn5BpOHj01TgXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE3N2RhNWQ4ZTM4NzE3ZjgwNzRlMjc5ZmQ5ZTBhMjU3ZGJkNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTwzDadWK+YG90AhAzNearV3aXUm
Ve7qRtdFRGePlsWwxYmpjksI3UqwhZtWeKDIapFBsEHx7imSaP2t+QI1+TmdkDnE
c3XLj5ql2s7SWGikP/Tf5Vlru8tvhWoN2bbOGxQUPDwNXnJsLmXoyItuDOaeLZHx
Ke5pNMjTlrCzfsnJ8Qs9NhWr65GfDmOPWDwIpDrOHfzQP90t3d3vBx+aXcCcLGyS
uOBrCB3nB007eTghU3HEMCPAddb8FBqAPZH9+4fQMUoXlaD73wcVqRBZP2D6345w
HTHw4aGs6D/xMuDkFROC6tvORnYdiQtd27qB6m/tXOYV5OE60JY65TAP6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPYXfaXY44cX+AdOJ5/Z4KJX29cVMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvOWhkOXBkampoeGY0QjA0bm45bmdvbGZiMXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBlP3+AwQA
o6tDMA0GCSqGSIb3DQEBCwUAA4IBAQAKs54OyNdE7wyE4lHShbJ3LGjn4nk6jEzG
mv5VFhy/KkRK4w1w07KWh2lZ99Lp1WJn11rGMUO4FWs5bfSDVHS9JZsIwqXCYZPv
V3/GUh88e32sfb7QgnOdZNp79yXhz3RmIcS+IpbCsnvkjel2SearHk60pmIlWDAx
20GLWhTtBdU203KF0rR4awBlacUg1aFdd2yLn8ahb6ldf7COg/1Md4XyU2wjfreM
84nMgC9cXqW0CbcV2XlpefRyb15PuVpQyZrYiV2vCarVpRaoVI85jkbTTdsR5N3C
RuBxCSbcs820oOYGkEauJUd/DcukVplK1mQwLMTxhf3t+IkFk0Cn
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:29:36 2024 by rpki-client on console-ams.rpki-client.org