Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/1_y_wMU78AsKQK5d1tU5tgHCpfw.roa
File: 1_y_wMU78AsKQK5d1tU5tgHCpfw.roa (raw, json)
Hash identifier: JsNQ9yNe7/z+Hay6kycaou0loddBEIlkuOcHmL6Kv7U=
Subject key identifier: D7:FC:BF:C0:C5:3B:F0:0B:0A:40:AE:5D:D6:D5:39:B6:01:C2:A5:FC
Certificate issuer: /CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Certificate serial: 018CC56E1A4335B98561E0AE6ECD0DD0BA15
Authority key identifier: 7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/1_y_wMU78AsKQK5d1tU5tgHCpfw.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10474
IP address blocks: 176.67.176.0/21 maxlen: 24
185.39.236.0/22 maxlen: 24
2a01:5380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/fTXAsgkTXCLMgAWnwuIixjwTbLA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/fTXAsgkTXCLMgAWnwuIixjwTbLA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1a:43:35:b9:85:61:e0:ae:6e:cd:0d:d0:ba:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7fcbfc0c53bf00b0a40ae5dd6d539b601c2a5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:ca:07:90:c2:08:e5:85:0c:04:81:ea:c6:
1f:29:5f:a3:fd:e2:bb:76:6c:42:7c:d1:ba:48:21:
62:44:d5:f1:82:ac:0b:9b:18:9f:82:18:bf:ef:8c:
2d:6f:57:55:7c:c3:63:e1:1c:6e:bd:71:2f:dc:44:
5f:a1:a1:fb:0e:f2:d4:d6:97:cc:6f:5d:02:48:e0:
15:d1:b2:58:a3:85:aa:52:a6:76:e7:b5:b7:6a:24:
6c:bc:8e:0b:f3:64:c0:7e:fc:98:63:03:48:0d:65:
4f:0b:cd:cd:27:20:76:67:54:31:cc:c9:80:0f:25:
34:40:2c:df:6e:21:82:fe:69:70:f7:a5:8a:79:9e:
c6:1e:7d:64:bb:57:c6:4b:9c:7c:ca:7f:53:43:89:
af:e5:e6:7c:fc:bb:1f:29:7e:aa:74:7b:26:85:7b:
d0:11:ca:f7:43:6b:9a:72:aa:fa:91:82:0d:fa:ab:
87:63:18:42:d9:a0:01:44:ce:f3:d6:34:19:0e:0c:
31:d8:7c:c9:7e:42:29:64:7a:95:81:db:ff:33:4f:
cb:70:5c:1c:be:b3:76:02:c8:7e:f7:e2:10:09:5b:
6f:58:ec:27:cd:50:e9:a6:d7:01:1c:b1:6e:91:cf:
1f:50:3a:92:7d:32:04:bd:66:03:ad:98:f6:41:ee:
29:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FC:BF:C0:C5:3B:F0:0B:0A:40:AE:5D:D6:D5:39:B6:01:C2:A5:FC
X509v3 Authority Key Identifier:
keyid:7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/1_y_wMU78AsKQK5d1tU5tgHCpfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/fTXAsgkTXCLMgAWnwuIixjwTbLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.176.0/21
185.39.236.0/22
IPv6:
2a01:5380::/32
Signature Algorithm: sha256WithRSAEncryption
11:46:8b:c6:44:de:f1:ca:7c:de:df:cf:d3:1c:34:30:ae:c6:
c1:04:b9:8c:d0:51:b4:a5:fd:2f:ad:f9:fb:ab:21:95:5d:ce:
d0:86:63:dd:b7:91:bb:3e:91:c2:bd:82:3b:02:9c:5a:55:5d:
58:a2:65:ae:1d:23:12:37:29:d2:ad:19:b1:0f:16:3a:7b:3c:
43:39:fe:96:d0:e3:b4:40:1a:e7:50:6e:a7:54:32:de:b2:b2:
88:10:95:dc:20:f2:66:14:af:e6:18:e2:53:0c:bf:93:e6:29:
95:77:69:b4:63:75:67:66:cc:86:ef:46:5f:69:2e:ba:52:23:
ba:b7:08:51:2b:ed:5f:a2:30:fe:60:5c:3e:d4:38:1b:ad:b5:
35:ae:1e:bf:e6:a8:59:b0:ed:83:12:14:47:86:8b:6b:67:b3:
b1:c1:c9:ab:ab:fc:47:63:df:33:26:94:81:ca:c3:24:e4:41:
a2:e7:4b:13:1d:3b:38:da:62:cf:0e:88:ef:bd:a2:58:4d:a3:
c2:3b:92:d8:1a:d4:b6:1e:e7:22:9e:14:24:d1:85:2c:bd:a0:
43:bd:e5:23:f8:c5:85:ee:b8:59:35:ce:88:f4:24:95:98:0c:
b5:bc:1d:dd:fe:b3:a5:43:da:bd:da:2f:a7:80:d2:08:e5:a0:
20:86:68:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbhpDNbmFYeCubs0N0LoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMzVjMGIyMDkxMzVjMjJjYzgwMDVhN2MyZTIyMmM2M2Mx
MzZjYjAwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZjYmZjMGM1M2JmMDBiMGE0MGFlNWRkNmQ1MzliNjAxYzJhNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslzKB5DCCOWFDASB6sYfKV+j/eK7
dmxCfNG6SCFiRNXxgqwLmxifghi/74wtb1dVfMNj4RxuvXEv3ERfoaH7DvLU1pfM
b10CSOAV0bJYo4WqUqZ257W3aiRsvI4L82TAfvyYYwNIDWVPC83NJyB2Z1QxzMmA
DyU0QCzfbiGC/mlw96WKeZ7GHn1ku1fGS5x8yn9TQ4mv5eZ8/LsfKX6qdHsmhXvQ
Ecr3Q2uacqr6kYIN+quHYxhC2aABRM7z1jQZDgwx2HzJfkIpZHqVgdv/M0/LcFwc
vrN2Ash+9+IQCVtvWOwnzVDpptcBHLFukc8fUDqSfTIEvWYDrZj2Qe4pWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNf8v8DFO/ALCkCuXdbVObYBwqX8MB8GA1UdIwQY
MBaAFH01wLIJE1wizIAFp8LiIsY8E2ywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjIt
ODI1N2Q1MTkyOGE5LzEvMV95X3dNVTc4QXNLUUs1ZDF0VTV0Z0hDcGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjItODI1N2Q1MTkyOGE5
LzEvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsEOwAwQC
uSfsMA0EAgACMAcDBQAqAVOAMA0GCSqGSIb3DQEBCwUAA4IBAQARRovGRN7xynze
38/THDQwrsbBBLmM0FG0pf0vrfn7qyGVXc7QhmPdt5G7PpHCvYI7ApxaVV1YomWu
HSMSNynSrRmxDxY6ezxDOf6W0OO0QBrnUG6nVDLesrKIEJXcIPJmFK/mGOJTDL+T
5imVd2m0Y3VnZsyG70ZfaS66UiO6twhRK+1fojD+YFw+1DgbrbU1rh6/5qhZsO2D
EhRHhotrZ7Oxwcmrq/xHY98zJpSBysMk5EGi50sTHTs42mLPDojvvaJYTaPCO5LY
GtS2HucinhQk0YUsvaBDveUj+MWF7rhZNc6I9CSVmAy1vB3d/rOlQ9q92i+ngNII
5aAghmhM
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:25 2024 by rpki-client on console-fra.rpki-client.org