Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/9Q7DqyjLx_e1_5Esw971SdAgQX4.roa
File: 9Q7DqyjLx_e1_5Esw971SdAgQX4.roa (raw, json)
Hash identifier: E8XHZhI5pem6EtUIkbpzb7ns+Oqax7Z/8wIv2pzF6Wc=
Subject key identifier: F5:0E:C3:AB:28:CB:C7:F7:B5:FF:91:2C:C3:DE:F5:49:D0:20:41:7E
Certificate issuer: /CN=9c721ac807a326f871bbaa184963cd602b5cc2d6
Certificate serial: 018CC802E97BA7A124BAA68CDB4C596FEB0D
Authority key identifier: 9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/9Q7DqyjLx_e1_5Esw971SdAgQX4.roa
Signing time: Tue 02 Jan 2024 02:31:23 +0000
ROA not before: Tue 02 Jan 2024 02:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50877
IP address blocks: 159.255.128.0/21 maxlen: 21
185.182.208.0/22 maxlen: 22
2a0a:f980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:e9:7b:a7:a1:24:ba:a6:8c:db:4c:59:6f:eb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c721ac807a326f871bbaa184963cd602b5cc2d6
Validity
Not Before: Jan 2 02:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f50ec3ab28cbc7f7b5ff912cc3def549d020417e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9c:c1:20:9a:d8:1e:8d:bf:c6:af:5f:f9:d2:
10:59:80:55:ac:aa:21:eb:19:80:37:ae:ec:be:04:
3d:ee:14:08:d4:c5:ac:59:c1:9f:14:b8:89:f0:c9:
fc:91:f5:dd:8a:5f:46:45:dd:76:e6:63:b6:94:5c:
14:d2:6a:6d:9d:f9:35:8c:30:46:14:41:28:50:55:
96:68:23:47:59:1f:da:0b:c9:45:0b:6f:ae:b2:b6:
d3:4a:3a:4d:19:5f:96:84:68:4a:55:52:3a:7a:6a:
26:ec:81:35:c8:86:cd:14:26:b6:03:bb:31:79:10:
fa:d7:7c:35:16:02:32:12:1e:7b:50:6b:8c:ac:42:
f1:bc:f9:86:c4:9f:25:27:be:94:49:b0:57:f8:e8:
48:05:a4:3e:68:d7:9d:5f:b8:61:80:66:55:11:c9:
36:30:57:d9:ae:19:9a:1f:64:65:07:ce:30:c5:b5:
5a:7a:fe:aa:f9:98:9a:0f:19:74:b0:fc:0a:be:e4:
d2:04:c7:82:53:0f:61:88:b6:4e:c1:2c:22:e6:7c:
39:94:3f:11:0e:4e:16:41:ae:95:92:9f:b3:8e:e7:
56:65:8e:a9:24:5d:2b:2c:62:4b:e0:26:3c:86:58:
4b:a7:57:25:f3:78:fb:10:6c:bb:40:30:13:4d:a7:
df:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0E:C3:AB:28:CB:C7:F7:B5:FF:91:2C:C3:DE:F5:49:D0:20:41:7E
X509v3 Authority Key Identifier:
keyid:9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/9Q7DqyjLx_e1_5Esw971SdAgQX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.128.0/21
185.182.208.0/22
IPv6:
2a0a:f980::/29
Signature Algorithm: sha256WithRSAEncryption
42:91:ae:d3:fd:43:bb:5f:a0:57:94:33:96:84:02:5b:bd:31:
26:4d:05:42:06:d0:05:e3:7e:53:97:9d:b2:c3:b1:4d:24:e0:
5a:da:5b:b6:c2:56:de:5b:c4:d0:41:c7:65:51:27:9f:22:c1:
ba:5f:aa:96:8d:1e:9f:f2:de:9a:54:65:e7:08:b0:2c:dd:5a:
a8:ed:a7:4c:b9:4b:39:55:c1:10:f7:93:6e:9c:f8:4a:bd:28:
c7:40:8d:7b:53:31:69:89:e2:07:cb:59:cd:57:97:1c:29:9c:
50:d5:bb:1e:83:14:01:03:dc:d7:a8:4d:a5:34:d7:e0:43:a1:
76:66:af:c0:e5:05:fb:31:79:05:11:e1:77:ae:25:5f:65:04:
cc:78:96:31:83:a4:cd:d3:ce:7c:70:4e:94:f1:d2:a1:29:61:
cd:c5:30:a6:71:e8:e8:71:3c:fe:67:c6:f6:fd:44:64:dd:6d:
49:56:52:66:eb:dd:f9:1f:6e:71:99:5d:aa:82:2c:ff:ea:a6:
69:a7:16:ee:01:60:8e:40:22:56:63:df:92:3d:1f:cc:2b:df:
8c:c4:19:80:bb:a1:34:fe:9a:9f:dc:44:cc:7f:b2:4a:80:6e:
b3:fe:c5:77:22:da:bb:a4:a9:47:4b:39:3f:18:b7:0e:de:32:
92:30:97:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAul7p6EkuqaM20xZb+sNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzIxYWM4MDdhMzI2Zjg3MWJiYWExODQ5NjNjZDYwMmI1
Y2MyZDYwHhcNMjQwMTAyMDIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTBlYzNhYjI4Y2JjN2Y3YjVmZjkxMmNjM2RlZjU0OWQwMjA0MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpzBIJrYHo2/xq9f+dIQWYBVrKoh
6xmAN67svgQ97hQI1MWsWcGfFLiJ8Mn8kfXdil9GRd125mO2lFwU0mptnfk1jDBG
FEEoUFWWaCNHWR/aC8lFC2+usrbTSjpNGV+WhGhKVVI6emom7IE1yIbNFCa2A7sx
eRD613w1FgIyEh57UGuMrELxvPmGxJ8lJ76USbBX+OhIBaQ+aNedX7hhgGZVEck2
MFfZrhmaH2RlB84wxbVaev6q+ZiaDxl0sPwKvuTSBMeCUw9hiLZOwSwi5nw5lD8R
Dk4WQa6Vkp+zjudWZY6pJF0rLGJL4CY8hlhLp1cl83j7EGy7QDATTaff7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPUOw6soy8f3tf+RLMPe9UnQIEF+MB8GA1UdIwQY
MBaAFJxyGsgHoyb4cbuqGEljzWArXMLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhJYXlBZWpKdmh4dTZvWVNXUE5ZQ3Rjd3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NjQyNjAtOGQ3ZS00NTA3LWI0NGIt
Mjg2NDcwN2IyYjNmLzEvOVE3RHF5akx4X2UxXzVFc3c5NzFTZEFnUVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NjQyNjAtOGQ3ZS00NTA3LWI0NGItMjg2NDcwN2IyYjNm
LzEvbkhJYXlBZWpKdmh4dTZvWVNXUE5ZQ3Rjd3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDn/+AAwQC
ubbQMA0EAgACMAcDBQMqCvmAMA0GCSqGSIb3DQEBCwUAA4IBAQBCka7T/UO7X6BX
lDOWhAJbvTEmTQVCBtAF435Tl52yw7FNJOBa2lu2wlbeW8TQQcdlUSefIsG6X6qW
jR6f8t6aVGXnCLAs3Vqo7adMuUs5VcEQ95NunPhKvSjHQI17UzFpieIHy1nNV5cc
KZxQ1bsegxQBA9zXqE2lNNfgQ6F2Zq/A5QX7MXkFEeF3riVfZQTMeJYxg6TN0858
cE6U8dKhKWHNxTCmcejocTz+Z8b2/URk3W1JVlJm6935H25xmV2qgiz/6qZppxbu
AWCOQCJWY9+SPR/MK9+MxBmAu6E0/pqf3ETMf7JKgG6z/sV3Itq7pKlHSzk/GLcO
3jKSMJeh
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:27:27 2024 by rpki-client on console-ams.rpki-client.org