Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/0aD7ArBrDYdAtQRayjUX6fl4_JE.roa
File: 0aD7ArBrDYdAtQRayjUX6fl4_JE.roa (raw, json)
Hash identifier: t3b7BFm2fbyeOuJvxKoqjZzcgaVzdel6HCe42y5lHTI=
Subject key identifier: D1:A0:FB:02:B0:6B:0D:87:40:B5:04:5A:CA:35:17:E9:F9:78:FC:91
Certificate issuer: /CN=6f57eb49196dd2e0606d5977c2b74b101b79bc0b
Certificate serial: 018CC8010A852888533676AF73695183EB8A
Authority key identifier: 6F:57:EB:49:19:6D:D2:E0:60:6D:59:77:C2:B7:4B:10:1B:79:BC:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/0aD7ArBrDYdAtQRayjUX6fl4_JE.roa
Signing time: Tue 02 Jan 2024 02:29:20 +0000
ROA not before: Tue 02 Jan 2024 02:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201967
IP address blocks: 193.104.143.0/24 maxlen: 24
2a0c:2380::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0a:85:28:88:53:36:76:af:73:69:51:83:eb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f57eb49196dd2e0606d5977c2b74b101b79bc0b
Validity
Not Before: Jan 2 02:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a0fb02b06b0d8740b5045aca3517e9f978fc91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:26:ec:f6:dd:3d:52:3e:15:14:f3:c0:01:64:
2c:2e:67:a8:ad:97:9b:2d:d8:e6:9f:a7:e3:69:25:
0e:86:c7:45:a2:8e:ee:0b:4d:e3:f1:d8:84:4f:0b:
b3:3a:9c:27:b3:5e:d4:58:fd:c5:7c:43:52:e3:8b:
1a:77:75:63:9d:ce:f8:14:09:3e:01:09:d1:7f:c1:
a0:53:03:10:16:8a:a1:70:27:00:4a:9c:a2:a9:17:
d7:8f:f0:d1:a7:bf:aa:69:dd:6b:ec:6b:17:97:f3:
cd:aa:dd:68:eb:02:ae:c2:4f:bd:1b:b7:d6:23:5a:
d4:dc:04:e4:7d:8d:d0:c2:be:c6:62:39:f4:36:34:
84:8e:4b:74:ba:c9:47:23:93:b4:7c:bd:f1:f2:c4:
4f:90:08:08:55:3a:a2:4f:44:08:d4:e6:f3:94:91:
3a:5d:f5:10:00:43:6d:27:2f:d6:1a:c8:60:3a:da:
86:80:68:a2:29:aa:a5:cc:6f:af:87:d5:08:1e:72:
36:10:8c:3d:a3:7f:e9:ce:1b:92:6c:5a:3c:7d:e1:
e2:77:6d:12:e5:7e:f5:4f:30:91:43:6b:84:7f:02:
a3:81:1f:6d:8b:d0:a0:c1:8f:aa:fa:e0:94:af:97:
eb:d6:5e:ae:23:11:8f:b4:f5:b5:6f:d2:16:a3:68:
58:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A0:FB:02:B0:6B:0D:87:40:B5:04:5A:CA:35:17:E9:F9:78:FC:91
X509v3 Authority Key Identifier:
keyid:6F:57:EB:49:19:6D:D2:E0:60:6D:59:77:C2:B7:4B:10:1B:79:BC:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/0aD7ArBrDYdAtQRayjUX6fl4_JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.143.0/24
IPv6:
2a0c:2380::/29
Signature Algorithm: sha256WithRSAEncryption
a7:4d:7f:ba:83:77:fb:7f:61:7f:9c:80:5c:bc:89:a1:19:e9:
50:ff:dc:e4:ae:bf:23:d0:38:36:59:52:10:52:cd:9d:02:9a:
54:2c:3a:99:be:38:df:42:80:44:af:c5:cc:95:b0:ae:ba:84:
e5:ab:f8:a8:5a:6d:5d:a7:46:a8:48:d7:6e:35:2c:25:bb:a5:
96:c6:60:21:ce:b5:7e:04:4c:fa:64:c2:1c:ae:2e:6e:f1:c5:
a8:29:49:45:1f:44:b9:a1:a4:4e:9d:25:11:d6:c6:8a:01:c4:
05:5c:64:68:bb:08:97:a3:23:c0:95:dd:06:42:f8:b7:9e:c4:
58:ec:cb:a8:ae:43:c3:86:30:87:63:ee:e7:38:ac:cb:b9:c6:
e1:90:3a:38:76:34:0f:b4:b1:27:bc:1f:bb:6d:75:1d:f9:6c:
17:41:fe:62:28:0b:92:82:f0:83:12:cb:ec:4e:58:66:66:9b:
e2:a5:23:70:e4:e2:c4:3a:44:e7:3f:78:b5:9d:d6:23:05:5b:
07:7b:13:9f:81:d2:36:56:31:c3:1a:8a:a1:06:c7:13:93:3b:
ad:13:0b:d3:8d:e1:f1:00:ca:1e:ab:d4:8c:92:32:7e:a0:a9:
88:ea:d1:03:96:f0:34:b5:28:08:bd:a2:c7:3c:73:84:a1:fa:
ef:d8:c5:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAQqFKIhTNnavc2lRg+uKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNTdlYjQ5MTk2ZGQyZTA2MDZkNTk3N2MyYjc0YjEwMWI3
OWJjMGIwHhcNMjQwMTAyMDIyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEwZmIwMmIwNmIwZDg3NDBiNTA0NWFjYTM1MTdlOWY5NzhmYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCbs9t09Uj4VFPPAAWQsLmeorZeb
Ldjmn6fjaSUOhsdFoo7uC03j8diETwuzOpwns17UWP3FfENS44sad3Vjnc74FAk+
AQnRf8GgUwMQFoqhcCcASpyiqRfXj/DRp7+qad1r7GsXl/PNqt1o6wKuwk+9G7fW
I1rU3ATkfY3Qwr7GYjn0NjSEjkt0uslHI5O0fL3x8sRPkAgIVTqiT0QI1ObzlJE6
XfUQAENtJy/WGshgOtqGgGiiKaqlzG+vh9UIHnI2EIw9o3/pzhuSbFo8feHid20S
5X71TzCRQ2uEfwKjgR9ti9CgwY+q+uCUr5fr1l6uIxGPtPW1b9IWo2hYGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNGg+wKwaw2HQLUEWso1F+n5ePyRMB8GA1UdIwQY
MBaAFG9X60kZbdLgYG1Zd8K3SxAbebwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjFmclNSbHQwdUJnYlZsM3dyZExFQnQ1dkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jN2JmNGEtZGE5Ny00YjViLTg3MTkt
MzdiM2UyNDRjMDYzLzEvMGFEN0FyQnJEWWRBdFFSYXlqVVg2Zmw0X0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jN2JmNGEtZGE5Ny00YjViLTg3MTktMzdiM2UyNDRjMDYz
LzEvYjFmclNSbHQwdUJnYlZsM3dyZExFQnQ1dkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWiPMA0E
AgACMAcDBQMqDCOAMA0GCSqGSIb3DQEBCwUAA4IBAQCnTX+6g3f7f2F/nIBcvImh
GelQ/9zkrr8j0Dg2WVIQUs2dAppULDqZvjjfQoBEr8XMlbCuuoTlq/ioWm1dp0ao
SNduNSwlu6WWxmAhzrV+BEz6ZMIcri5u8cWoKUlFH0S5oaROnSUR1saKAcQFXGRo
uwiXoyPAld0GQvi3nsRY7MuorkPDhjCHY+7nOKzLucbhkDo4djQPtLEnvB+7bXUd
+WwXQf5iKAuSgvCDEsvsTlhmZpvipSNw5OLEOkTnP3i1ndYjBVsHexOfgdI2VjHD
GoqhBscTkzutEwvTjeHxAMoeq9SMkjJ+oKmI6tEDlvA0tSgIvaLHPHOEofrv2MXT
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:56 2024 by rpki-client on console-fra.rpki-client.org