Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/bOoREXtlYnAg7vW6xIiKS8u7daE.roa
File: bOoREXtlYnAg7vW6xIiKS8u7daE.roa (raw, json)
Hash identifier: 7hzzHPRY2rsrpgV5JVxCI6fvofkxsaLgHVcg8lMTGps=
Subject key identifier: 6C:EA:11:11:7B:65:62:70:20:EE:F5:BA:C4:88:8A:4B:CB:BB:75:A1
Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Certificate serial: 018DD09B80B484FEA65F989437DFF318BF45
Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/bOoREXtlYnAg7vW6xIiKS8u7daE.roa
Signing time: Thu 22 Feb 2024 11:37:48 +0000
ROA not before: Thu 22 Feb 2024 11:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61154
IP address blocks: 91.238.142.0/23 maxlen: 23
193.9.127.0/24 maxlen: 24
195.78.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:9b:80:b4:84:fe:a6:5f:98:94:37:df:f3:18:bf:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Validity
Not Before: Feb 22 11:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cea11117b65627020eef5bac4888a4bcbbb75a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:c0:10:9a:fc:57:9f:0a:25:3d:69:34:7e:
5d:45:d0:4a:cb:56:28:89:9a:d3:7f:2c:22:1d:fa:
2a:dc:4c:8d:22:7a:92:7f:95:a5:f8:1a:97:9c:53:
4f:a9:d1:12:3f:d2:72:2c:9f:f9:e1:79:ce:f0:9a:
1e:d9:27:26:5a:7a:9c:6a:19:6d:1b:67:3a:e2:55:
10:f2:ca:bc:c1:f1:ea:f4:db:6b:19:56:95:ea:d7:
00:7b:75:92:75:71:7e:79:8d:2f:ce:59:7c:96:23:
c8:24:d7:54:0f:af:e5:15:f5:ed:7b:6b:ca:5c:f8:
b7:a1:97:26:6e:e6:27:c6:99:e2:55:d8:b7:b3:de:
43:b6:b5:a9:6d:37:93:c5:96:36:35:a7:95:2f:ff:
69:51:c2:ec:84:da:cc:94:32:88:cc:b4:ff:bc:82:
4e:cf:6d:6e:3e:83:65:4f:86:33:f4:79:23:14:a0:
f8:92:2e:79:7b:db:6e:03:ac:a2:10:b0:21:d0:da:
fc:fd:3d:8e:c8:18:bc:58:7d:da:ef:54:af:b2:75:
12:b9:24:ce:e1:06:d7:5c:f3:c9:39:1a:ea:29:4f:
44:64:56:70:85:be:8b:2a:18:ff:fa:6d:3c:00:ce:
cf:49:2b:60:26:01:58:ea:43:29:74:61:4e:2c:d7:
a6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EA:11:11:7B:65:62:70:20:EE:F5:BA:C4:88:8A:4B:CB:BB:75:A1
X509v3 Authority Key Identifier:
keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/bOoREXtlYnAg7vW6xIiKS8u7daE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.142.0/23
193.9.127.0/24
195.78.236.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:5e:36:48:56:2e:b8:30:34:54:10:a7:23:a7:ee:27:f3:65:
9f:c5:4e:e5:e6:5e:37:9e:11:cf:3c:e9:d4:bc:67:c2:2a:e6:
61:12:b5:49:e8:48:7a:b8:0b:68:10:4b:53:ef:42:e1:90:5c:
9e:b8:f7:ca:b7:c1:88:02:41:56:ce:4c:e8:ed:23:49:6a:60:
aa:93:74:c9:91:a1:36:10:68:66:92:fe:5f:b8:c2:38:0c:c4:
bd:e6:8f:6d:2c:81:75:36:b4:39:bb:7c:f4:bd:ff:ea:17:6c:
da:e5:12:5e:e4:24:1e:c3:b1:8a:98:5e:bf:03:cd:1f:68:66:
ae:23:50:92:7b:34:cc:48:14:9f:28:90:1c:05:bb:71:e9:03:
5f:60:43:de:46:31:01:2c:a3:8a:db:f1:18:ab:5e:31:1d:2b:
b2:42:e7:9a:5a:8a:ba:49:ca:e5:4b:07:85:8c:ed:44:57:5e:
0f:8f:61:b8:2d:60:d6:18:c2:2c:f9:07:e7:3b:6e:b4:bb:2f:
00:5d:16:35:21:0c:38:ad:c0:d1:63:23:13:bd:b5:45:36:f0:
a6:52:f2:e7:79:ac:31:05:67:a8:75:f4:9d:58:61:43:d0:0f:
8a:5c:98:60:19:15:52:67:3d:50:e7:ca:00:ae:bd:c8:5c:80:
21:88:54:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3Qm4C0hP6mX5iUN9/zGL9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1
M2FlNjcwHhcNMjQwMjIyMTEzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VhMTExMTdiNjU2MjcwMjBlZWY1YmFjNDg4OGE0YmNiYmI3NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2HAEJr8V58KJT1pNH5dRdBKy1Yo
iZrTfywiHfoq3EyNInqSf5Wl+BqXnFNPqdESP9JyLJ/54XnO8Joe2ScmWnqcahlt
G2c64lUQ8sq8wfHq9NtrGVaV6tcAe3WSdXF+eY0vzll8liPIJNdUD6/lFfXte2vK
XPi3oZcmbuYnxpniVdi3s95DtrWpbTeTxZY2NaeVL/9pUcLshNrMlDKIzLT/vIJO
z21uPoNlT4Yz9HkjFKD4ki55e9tuA6yiELAh0Nr8/T2OyBi8WH3a71SvsnUSuSTO
4QbXXPPJORrqKU9EZFZwhb6LKhj/+m08AM7PSStgJgFY6kMpdGFOLNemvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGzqERF7ZWJwIO71usSIikvLu3WhMB8GA1UdIwQY
MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt
NjVhNWVmMGFmMGI0LzEvYk9vUkVYdGxZbkFnN3ZXNnhJaUtTOHU3ZGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0
LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+6OAwQA
wQl/AwQCw07sMA0GCSqGSIb3DQEBCwUAA4IBAQAvXjZIVi64MDRUEKcjp+4n82Wf
xU7l5l43nhHPPOnUvGfCKuZhErVJ6Eh6uAtoEEtT70LhkFyeuPfKt8GIAkFWzkzo
7SNJamCqk3TJkaE2EGhmkv5fuMI4DMS95o9tLIF1NrQ5u3z0vf/qF2za5RJe5CQe
w7GKmF6/A80faGauI1CSezTMSBSfKJAcBbtx6QNfYEPeRjEBLKOK2/EYq14xHSuy
QueaWoq6ScrlSweFjO1EV14Pj2G4LWDWGMIs+QfnO260uy8AXRY1IQw4rcDRYyMT
vbVFNvCmUvLneawxBWeodfSdWGFD0A+KXJhgGRVSZz1Q58oArr3IXIAhiFRz
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:44:02 2024 by rpki-client on console-ams.rpki-client.org