Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/l1NB1u-By_W9bAp0PygButNxK5s.roa
File: l1NB1u-By_W9bAp0PygButNxK5s.roa (raw, json)
Hash identifier: zJz8sPO2qupuihmpxF7NR6MAZ3rkvlso2mgSeaSzpUw=
Subject key identifier: 97:53:41:D6:EF:81:CB:F5:BD:6C:0A:74:3F:28:01:BA:D3:71:2B:9B
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 018D6A3FB437FA0B68D4327E95EE2601AD35
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/l1NB1u-By_W9bAp0PygButNxK5s.roa
Signing time: Fri 02 Feb 2024 14:36:16 +0000
ROA not before: Fri 02 Feb 2024 14:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202520
IP address blocks: 83.168.68.0/23 maxlen: 24
83.168.105.0/24 maxlen: 24
83.168.106.0/24 maxlen: 24
83.168.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:3f:b4:37:fa:0b:68:d4:32:7e:95:ee:26:01:ad:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Feb 2 14:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=975341d6ef81cbf5bd6c0a743f2801bad3712b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:76:c5:e9:79:81:89:8d:be:00:41:32:7f:72:
c7:9b:30:e1:0e:c2:df:e2:c0:8f:ed:55:fa:30:40:
eb:2a:bc:a8:18:fd:99:fd:54:80:9a:9e:8f:19:6e:
ff:bb:64:d3:87:89:e0:c7:a2:76:09:1c:ee:b4:61:
dd:ca:69:00:70:dc:38:c7:71:cf:2f:36:20:36:50:
db:ef:69:42:78:20:3c:5a:10:71:1d:b1:e7:59:1e:
0d:d8:44:97:d3:3e:3c:bb:f2:9d:f4:ce:fe:31:83:
69:b8:e7:63:43:a9:af:41:8e:de:ed:ba:84:bf:42:
3a:c0:cd:cf:e3:09:b0:9b:a1:87:30:a6:98:30:22:
3f:2d:97:96:3c:88:4c:2f:28:c6:19:90:26:7f:27:
d4:d3:79:19:a5:df:4e:df:83:41:e2:ee:8d:34:1c:
d1:d4:2c:af:d5:f1:ed:f3:4c:93:81:ca:79:2c:29:
e3:44:2c:b5:83:23:c4:6b:0b:1c:51:85:34:8a:38:
27:69:e9:1e:73:43:90:06:3d:e4:77:b8:00:a7:23:
59:fc:d1:0e:42:ea:88:a5:d2:9c:5c:8e:c0:d1:f7:
db:ee:ac:a1:00:37:43:c7:68:db:d5:38:e8:0a:62:
64:ae:df:2c:a4:45:aa:2a:db:54:12:6a:6e:b2:e6:
95:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:53:41:D6:EF:81:CB:F5:BD:6C:0A:74:3F:28:01:BA:D3:71:2B:9B
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/l1NB1u-By_W9bAp0PygButNxK5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.68.0/23
83.168.105.0-83.168.107.255
Signature Algorithm: sha256WithRSAEncryption
06:35:8d:9f:8b:79:04:b6:ab:4e:8d:c8:c9:1e:0d:3c:24:8d:
33:e2:7e:7d:4f:3e:d2:4a:f2:b4:4e:85:3e:bf:9e:1f:13:81:
ac:01:38:fd:8e:f9:b0:e2:04:ce:0b:5c:f2:81:cc:99:39:ab:
8d:90:b7:65:8b:06:8a:c3:ba:fa:8f:4e:4e:60:bd:b2:97:9e:
91:61:1c:50:6b:15:d7:2c:09:97:c6:c9:da:b6:86:83:6d:85:
18:a2:75:a8:83:e9:df:fd:e8:63:09:1f:c8:70:42:7b:15:11:
f2:93:bc:ac:7a:2d:de:c5:15:9a:cb:61:c9:c6:5c:f0:35:22:
8f:22:6e:e8:44:35:f6:0d:2b:5f:0c:4f:48:bb:38:8b:52:5f:
19:48:5a:a1:ae:8e:82:6e:05:2c:db:7b:f8:90:f3:ac:8d:69:
37:5b:a2:59:9e:aa:7d:cf:da:10:e2:47:a3:7b:65:72:3e:c2:
bf:fd:56:3d:28:45:c0:56:21:7f:28:d7:0a:ce:0b:d4:ed:ce:
3e:9b:f3:4d:12:f5:98:03:86:06:46:c7:44:6b:b8:da:fe:b7:
6d:a0:82:7e:81:16:ca:a3:cf:42:26:23:ed:b1:34:39:50:c1:
02:2a:d4:3e:c5:0e:f2:89:78:c3:a6:53:7f:e2:74:6e:19:08:
57:5b:fc:e8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1qP7Q3+gto1DJ+le4mAa01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQwMjAyMTQzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzUzNDFkNmVmODFjYmY1YmQ2YzBhNzQzZjI4MDFiYWQzNzEyYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXbF6XmBiY2+AEEyf3LHmzDhDsLf
4sCP7VX6MEDrKryoGP2Z/VSAmp6PGW7/u2TTh4ngx6J2CRzutGHdymkAcNw4x3HP
LzYgNlDb72lCeCA8WhBxHbHnWR4N2ESX0z48u/Kd9M7+MYNpuOdjQ6mvQY7e7bqE
v0I6wM3P4wmwm6GHMKaYMCI/LZeWPIhMLyjGGZAmfyfU03kZpd9O34NB4u6NNBzR
1Cyv1fHt80yTgcp5LCnjRCy1gyPEawscUYU0ijgnaekec0OQBj3kd7gApyNZ/NEO
QuqIpdKcXI7A0ffb7qyhADdDx2jb1TjoCmJkrt8spEWqKttUEmpusuaVTwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJdTQdbvgcv1vWwKdD8oAbrTcSubMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvbDFOQjF1LUJ5X1c5YkFwMFB5Z0J1dE54SzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBU6hEMAwD
BABTqGkDBAJTqGgwDQYJKoZIhvcNAQELBQADggEBAAY1jZ+LeQS2q06NyMkeDTwk
jTPifn1PPtJK8rROhT6/nh8TgawBOP2O+bDiBM4LXPKBzJk5q42Qt2WLBorDuvqP
Tk5gvbKXnpFhHFBrFdcsCZfGydq2hoNthRiidaiD6d/96GMJH8hwQnsVEfKTvKx6
Ld7FFZrLYcnGXPA1Io8ibuhENfYNK18MT0i7OItSXxlIWqGujoJuBSzbe/iQ86yN
aTdbolmeqn3P2hDiR6N7ZXI+wr/9Vj0oRcBWIX8o1wrOC9Ttzj6b800S9ZgDhgZG
x0RruNr+t22ggn6BFsqjz0ImI+2xNDlQwQIq1D7FDvKJeMOmU3/idG4ZCFdb/Og=
-----END CERTIFICATE-----
Generated at Wed Jun 26 14:06:00 2024 by rpki-client on console-fra.rpki-client.org