Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/j-g4oaQrf8HoLEBtDAq3H6O9_aM.roa
File: j-g4oaQrf8HoLEBtDAq3H6O9_aM.roa (raw, json)
Hash identifier: wvYam7dr2/0ZU9xTHH4mCDX7xDfq/N9xfBjIYgx1aWw=
Subject key identifier: 8F:E8:38:A1:A4:2B:7F:C1:E8:2C:40:6D:0C:0A:B7:1F:A3:BD:FD:A3
Certificate issuer: /CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Certificate serial: 018CC424758F1D5C584F2E78B3BCA9BE3266
Authority key identifier: 1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/j-g4oaQrf8HoLEBtDAq3H6O9_aM.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 132.66.0.0/16 maxlen: 16
132.67.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:03:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:75:8f:1d:5c:58:4f:2e:78:b3:bc:a9:be:32:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fe838a1a42b7fc1e82c406d0c0ab71fa3bdfda3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:f8:0f:27:75:a2:0a:4a:e2:36:1b:0c:d1:
86:6e:0a:e8:bf:39:4c:a8:f2:1e:65:ff:9b:5f:39:
b6:aa:00:03:4e:df:fd:47:79:d6:93:1d:ea:3f:f2:
a9:a6:b0:26:5c:74:6d:4e:70:7d:1b:f6:69:bf:a9:
73:e0:ac:cd:e5:7d:b1:5a:6f:b5:13:2a:fe:6f:bd:
a5:18:53:61:c7:36:5d:74:2a:9f:b1:75:c8:f1:ef:
12:ed:04:0b:6a:e7:f0:8f:7d:07:c7:fb:2f:8b:58:
2c:4e:73:e2:69:00:5d:82:f6:57:0a:c1:07:30:77:
79:69:e0:62:54:32:93:47:cc:98:7a:56:82:b4:b3:
4e:e2:58:c9:b6:74:cd:66:62:e5:d9:9c:02:18:c1:
45:44:60:5d:e1:ed:44:9e:79:b2:2c:d0:2d:f6:4d:
cb:bb:e7:dc:e9:9d:6c:28:a3:db:97:73:cb:74:53:
88:94:31:78:20:1b:b5:82:36:19:5a:70:c1:e0:18:
3f:7b:3d:28:cf:a5:e8:8d:be:21:8f:05:48:20:a0:
e7:1c:d8:5d:c8:e1:49:06:4f:77:22:8d:be:d8:34:
bc:da:10:79:3a:61:13:46:c4:bd:ff:47:4a:d6:27:
0f:44:4a:bb:43:02:46:03:56:06:89:d2:2d:b9:71:
4d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E8:38:A1:A4:2B:7F:C1:E8:2C:40:6D:0C:0A:B7:1F:A3:BD:FD:A3
X509v3 Authority Key Identifier:
keyid:1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/j-g4oaQrf8HoLEBtDAq3H6O9_aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.66.0.0/15
Signature Algorithm: sha256WithRSAEncryption
68:70:1b:14:49:ff:b0:52:7c:9e:a1:41:93:49:16:f1:08:dc:
75:aa:86:4f:14:bd:5c:c3:c5:c3:4d:d2:b1:d9:d6:73:67:64:
17:40:84:90:26:03:16:d9:1b:d4:e1:25:fb:8b:c5:5d:48:53:
a8:71:f6:4e:ed:ee:f5:5e:b5:5f:88:3e:50:a3:dc:30:8d:6f:
28:eb:d2:a2:a5:69:b3:0c:5c:d3:e0:5e:73:0c:5b:cc:13:73:
ae:34:81:e7:6b:12:0d:f9:bf:d7:40:61:81:87:03:b5:c2:f7:
dd:37:f1:1d:13:a9:ea:5e:e7:1f:a1:ee:eb:57:80:da:8e:33:
7d:dc:62:f7:90:55:75:6b:9a:bf:06:83:95:bc:59:d1:c9:a0:
0e:19:69:20:95:54:54:6c:46:19:a9:55:17:82:ed:4b:7b:bf:
0b:83:fd:97:4c:99:53:bc:df:aa:69:8c:99:f7:24:95:cf:bf:
be:b7:0f:2d:36:70:36:a2:55:6c:9e:82:07:e0:66:77:f1:fe:
6c:f2:9b:75:19:8e:22:2c:c5:de:b3:06:3f:eb:7c:5b:bb:17:
59:33:43:ee:35:0e:d3:b2:7b:b4:9a:f4:5a:8b:a4:f3:c9:98:
e8:e3:8c:82:be:ff:e4:60:e3:3c:ad:7e:f3:ae:73:d6:83:8a:
4a:c6:b4:b4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzEJHWPHVxYTy54s7ypvjJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMmNkY2I5Yzc2ZjVlMGNlMGMzODVkN2UwZWYxNTU3MmQx
NWE1NGMwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU4MzhhMWE0MmI3ZmMxZTgyYzQwNmQwYzBhYjcxZmEzYmRmZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDD4Dyd1ogpK4jYbDNGGbgrovzlM
qPIeZf+bXzm2qgADTt/9R3nWkx3qP/KpprAmXHRtTnB9G/Zpv6lz4KzN5X2xWm+1
Eyr+b72lGFNhxzZddCqfsXXI8e8S7QQLaufwj30Hx/svi1gsTnPiaQBdgvZXCsEH
MHd5aeBiVDKTR8yYelaCtLNO4ljJtnTNZmLl2ZwCGMFFRGBd4e1EnnmyLNAt9k3L
u+fc6Z1sKKPbl3PLdFOIlDF4IBu1gjYZWnDB4Bg/ez0oz6Xojb4hjwVIIKDnHNhd
yOFJBk93Io2+2DS82hB5OmETRsS9/0dK1icPREq7QwJGA1YGidItuXFN5wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFI/oOKGkK3/B6CxAbQwKtx+jvf2jMB8GA1UdIwQY
MBaAFB0s3LnHb14M4MOF1+DvFVctFaVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUt
NzYwZTRlZTRjNmIyLzEvai1nNG9hUXJmOEhvTEVCdERBcTNINk85X2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUtNzYwZTRlZTRjNmIy
LzEvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEIwDQYJ
KoZIhvcNAQELBQADggEBAGhwGxRJ/7BSfJ6hQZNJFvEI3HWqhk8UvVzDxcNN0rHZ
1nNnZBdAhJAmAxbZG9ThJfuLxV1IU6hx9k7t7vVetV+IPlCj3DCNbyjr0qKlabMM
XNPgXnMMW8wTc640gedrEg35v9dAYYGHA7XC99038R0Tqepe5x+h7utXgNqOM33c
YveQVXVrmr8Gg5W8WdHJoA4ZaSCVVFRsRhmpVReC7Ut7vwuD/ZdMmVO836ppjJn3
JJXPv763Dy02cDaiVWyeggfgZnfx/mzym3UZjiIsxd6zBj/rfFu7F1kzQ+41DtOy
e7Sa9FqLpPPJmOjjjIK+/+Rg4zytfvOuc9aDikrGtLQ=
-----END CERTIFICATE-----
Generated at Sun May 5 18:40:04 2024 by rpki-client on console-fra.rpki-client.org