Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/bH7QHxgfVXkNYynYRNLGBW8UKvI.roa
File: bH7QHxgfVXkNYynYRNLGBW8UKvI.roa (raw, json)
Hash identifier: 7H8dqxwHsMwSAZchyvStlp+rBxKaSWauK6KVj//4Geg=
Subject key identifier: 6C:7E:D0:1F:18:1F:55:79:0D:63:29:D8:44:D2:C6:05:6F:14:2A:F2
Certificate issuer: /CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Certificate serial: 018CC42474C2DFDC53563C91ACE77C5B7EB5
Authority key identifier: 1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/bH7QHxgfVXkNYynYRNLGBW8UKvI.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 378
IP address blocks: 132.66.0.0/16 maxlen: 16
132.66.0.0/15 maxlen: 15
132.67.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:74:c2:df:dc:53:56:3c:91:ac:e7:7c:5b:7e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c7ed01f181f55790d6329d844d2c6056f142af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b0:4d:0b:b5:e2:a9:ee:70:88:72:11:79:fa:
69:d3:67:b1:53:4e:a1:29:ee:14:a6:79:6b:87:f5:
e5:0b:0e:ab:db:ef:4a:9c:fa:49:bb:03:a3:f9:37:
6a:0d:4b:1e:6a:97:04:eb:c3:e0:2a:89:9b:c8:61:
38:a1:63:fd:92:49:a5:00:78:7f:15:20:0c:61:e1:
05:88:31:27:df:dd:0a:ac:c2:3d:05:9a:59:96:01:
83:37:a3:4f:41:7d:b0:cd:6a:e1:91:25:bf:d1:9c:
04:e4:f6:dc:a2:50:f6:3e:cc:ef:8b:18:c4:25:25:
8c:5e:0b:2c:10:91:55:66:57:b8:85:0d:f8:11:ab:
0e:30:16:2d:a2:6c:d4:61:67:15:03:04:27:68:54:
48:3f:34:f9:4f:79:7e:3b:1e:89:86:a8:6f:b9:fa:
22:f9:b1:97:21:bd:45:f3:e5:0d:77:b8:2c:94:52:
13:9c:bd:dd:4d:13:25:96:a4:fd:df:5a:01:28:e4:
0f:fa:d4:14:ac:ec:3f:98:10:c7:e7:df:72:13:7d:
8d:b7:a0:bd:42:be:79:a1:89:11:18:42:20:f5:2c:
2f:be:d1:c9:9a:06:89:24:bb:42:9e:48:66:ee:e6:
74:82:1c:13:c0:76:7d:0c:8c:64:75:14:82:6c:ee:
61:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7E:D0:1F:18:1F:55:79:0D:63:29:D8:44:D2:C6:05:6F:14:2A:F2
X509v3 Authority Key Identifier:
keyid:1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/bH7QHxgfVXkNYynYRNLGBW8UKvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.66.0.0/15
Signature Algorithm: sha256WithRSAEncryption
19:b9:22:7e:56:8a:22:ed:a0:86:63:e6:99:5e:07:24:20:d8:
90:c2:3f:50:3c:81:03:9a:bb:e1:d0:08:5f:09:c5:57:3e:89:
c4:d5:dc:16:e0:f3:ab:81:1a:83:f5:5c:38:9d:ee:98:02:3b:
18:44:33:e9:ff:02:da:79:71:a9:48:80:3b:ed:c3:47:c9:8d:
45:01:6d:1c:bf:c3:00:25:1b:c4:e7:81:97:59:f2:a2:10:3a:
47:4e:57:14:32:ee:a5:4e:5c:21:d6:b5:0b:9d:bf:1c:c7:86:
be:59:cb:8b:50:96:8d:bd:f7:06:bd:f9:10:c7:a4:01:ab:31:
28:b0:c9:d1:8f:ca:d4:6d:27:fa:1e:5c:df:46:02:84:09:e9:
aa:1e:00:f0:9f:f7:ae:10:c5:27:05:ff:60:4c:ab:7b:74:d1:
c3:90:5f:9c:d4:b8:c8:99:04:66:1b:e1:87:fe:32:17:89:66:
18:df:f9:90:6a:84:57:6c:50:84:19:94:6f:05:b1:a7:bb:b6:
fc:e0:1b:57:b1:cb:9a:53:07:d6:ee:d8:13:53:77:f5:70:0e:
78:aa:41:04:86:54:97:96:e8:27:36:8b:63:98:04:d2:a7:67:
40:a1:6d:a1:a9:77:5a:97:a0:b3:08:33:3b:d6:79:52:ac:d4:
9b:44:3e:d5
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzEJHTC39xTVjyRrOd8W361MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMmNkY2I5Yzc2ZjVlMGNlMGMzODVkN2UwZWYxNTU3MmQx
NWE1NGMwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdlZDAxZjE4MWY1NTc5MGQ2MzI5ZDg0NGQyYzYwNTZmMTQyYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7BNC7Xiqe5wiHIRefpp02exU06h
Ke4Upnlrh/XlCw6r2+9KnPpJuwOj+TdqDUseapcE68PgKombyGE4oWP9kkmlAHh/
FSAMYeEFiDEn390KrMI9BZpZlgGDN6NPQX2wzWrhkSW/0ZwE5PbcolD2PszvixjE
JSWMXgssEJFVZle4hQ34EasOMBYtomzUYWcVAwQnaFRIPzT5T3l+Ox6Jhqhvufoi
+bGXIb1F8+UNd7gslFITnL3dTRMllqT931oBKOQP+tQUrOw/mBDH599yE32Nt6C9
Qr55oYkRGEIg9SwvvtHJmgaJJLtCnkhm7uZ0ghwTwHZ9DIxkdRSCbO5hxwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGx+0B8YH1V5DWMp2ETSxgVvFCryMB8GA1UdIwQY
MBaAFB0s3LnHb14M4MOF1+DvFVctFaVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUt
NzYwZTRlZTRjNmIyLzEvYkg3UUh4Z2ZWWGtOWXluWVJOTEdCVzhVS3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUtNzYwZTRlZTRjNmIy
LzEvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEIwDQYJ
KoZIhvcNAQELBQADggEBABm5In5WiiLtoIZj5pleByQg2JDCP1A8gQOau+HQCF8J
xVc+icTV3Bbg86uBGoP1XDid7pgCOxhEM+n/Atp5calIgDvtw0fJjUUBbRy/wwAl
G8TngZdZ8qIQOkdOVxQy7qVOXCHWtQudvxzHhr5Zy4tQlo299wa9+RDHpAGrMSiw
ydGPytRtJ/oeXN9GAoQJ6aoeAPCf964QxScF/2BMq3t00cOQX5zUuMiZBGYb4Yf+
MheJZhjf+ZBqhFdsUIQZlG8Fsae7tvzgG1exy5pTB9bu2BNTd/VwDniqQQSGVJeW
6Cc2i2OYBNKnZ0ChbaGpd1qXoLMIMzvWeVKs1JtEPtU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:59:51 2024 by rpki-client on console-ams.rpki-client.org