Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/9htos7myS69aPI8lGG6M5mVqGGI.roa
File: 9htos7myS69aPI8lGG6M5mVqGGI.roa (raw, json)
Hash identifier: 5Mp63cqKT+tolkPdvjJ4V1jgnXkIZMJDr9XFdSOl2Ko=
Subject key identifier: F6:1B:68:B3:B9:B2:4B:AF:5A:3C:8F:25:18:6E:8C:E6:65:6A:18:62
Certificate issuer: /CN=965a6abfdb0874f2fec2262cdea3373adcb2dc55
Certificate serial: 018CC56DE5C3A453EBCEA788A0FCC6725F3E
Authority key identifier: 96:5A:6A:BF:DB:08:74:F2:FE:C2:26:2C:DE:A3:37:3A:DC:B2:DC:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/9htos7myS69aPI8lGG6M5mVqGGI.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12511
IP address blocks: 194.41.128.0/17 maxlen: 18
138.191.0.0/16 maxlen: 16
138.189.0.0/16 maxlen: 16
84.246.232.0/21 maxlen: 22
2a00:17c8::/32 maxlen: 32
2a00:17cf::/32 maxlen: 32
2a00:17c9::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e5:c3:a4:53:eb:ce:a7:88:a0:fc:c6:72:5f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=965a6abfdb0874f2fec2262cdea3373adcb2dc55
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f61b68b3b9b24baf5a3c8f25186e8ce6656a1862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f2:67:ef:e7:91:e8:76:1a:08:a7:85:a3:87:
79:ae:04:b8:1e:cc:31:72:44:36:85:b6:d6:1f:2b:
dd:70:81:9c:38:35:dc:11:f0:09:aa:4d:81:0d:56:
d3:ff:01:cf:89:48:34:fd:64:f0:90:44:a7:8c:99:
9d:a6:53:9e:1e:fc:aa:0f:8d:d8:25:36:da:94:db:
6e:de:35:9f:78:8c:78:ae:54:9b:22:f3:a6:2e:6b:
7d:4e:a2:ed:88:78:b0:14:fd:ac:d0:a6:83:3e:16:
c0:4e:30:49:ec:ac:55:54:19:8a:ed:93:b0:2c:ab:
ad:db:c7:7b:ec:35:5b:9f:e2:23:37:20:f4:ea:d6:
53:f8:5d:67:14:d1:b8:67:25:ff:fe:90:2f:49:e4:
25:80:53:84:d4:f6:89:ef:e6:1f:35:13:5e:36:01:
8f:47:72:65:46:da:55:a4:14:a2:65:c4:d1:89:2a:
e4:cb:93:82:03:93:86:e3:41:77:31:b1:6e:a8:9a:
a7:54:66:b7:33:96:13:a6:3e:b3:d3:79:1b:3f:47:
61:8b:68:83:d8:6d:2c:29:d7:06:81:a5:11:46:16:
43:fc:63:64:c5:35:16:61:bc:a8:e9:80:4b:55:b8:
1b:c6:a3:9f:04:01:eb:ad:ba:d3:1d:d1:3a:e8:2e:
fe:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1B:68:B3:B9:B2:4B:AF:5A:3C:8F:25:18:6E:8C:E6:65:6A:18:62
X509v3 Authority Key Identifier:
keyid:96:5A:6A:BF:DB:08:74:F2:FE:C2:26:2C:DE:A3:37:3A:DC:B2:DC:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/9htos7myS69aPI8lGG6M5mVqGGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.232.0/21
138.189.0.0/16
138.191.0.0/16
194.41.128.0/17
IPv6:
2a00:17c8::/31
2a00:17cf::/32
Signature Algorithm: sha256WithRSAEncryption
9c:58:87:61:83:b1:f5:14:b9:7e:00:28:f7:4f:7e:23:f5:b1:
74:57:1a:ad:c4:a1:37:c4:a1:91:2c:ea:5b:8b:62:2d:cf:20:
92:93:7d:fa:6c:27:91:38:30:99:82:22:d8:3d:19:e3:ed:72:
b3:7e:90:49:d4:17:9a:97:2a:95:e7:dd:20:01:b0:76:25:7a:
cc:60:cd:27:2b:b0:5d:30:c1:52:e4:54:ca:ea:be:4e:ce:43:
4e:f8:7d:4c:1a:4c:a9:18:f2:3d:8a:67:e2:3e:00:00:f5:cb:
16:95:5e:79:e7:ba:65:1d:df:c3:6b:c5:4e:e3:d4:e5:df:12:
2a:43:d3:22:83:c4:7d:42:a8:55:7e:3f:db:39:7b:4e:8d:28:
13:40:22:32:c8:c8:f0:24:d1:cc:db:df:7a:f3:67:bb:a3:cb:
4f:b5:12:df:be:d3:ba:0d:c1:7a:21:d7:0b:a3:2d:fb:bb:94:
c1:2e:33:97:91:0b:61:7f:8e:6f:4f:64:52:b0:b6:5c:00:9e:
43:a3:7e:b3:94:2b:4c:de:3e:9e:53:27:7c:4a:85:82:04:a1:
59:82:86:2a:37:a0:e2:31:36:5e:f6:ee:37:d0:33:62:d5:03:
31:ba:ec:70:91:9d:7a:7b:79:7a:a4:12:47:30:7e:04:3a:f5:
ab:58:7e:37
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzFbeXDpFPrzqeIoPzGcl8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NWE2YWJmZGIwODc0ZjJmZWMyMjYyY2RlYTMzNzNhZGNi
MmRjNTUwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjFiNjhiM2I5YjI0YmFmNWEzYzhmMjUxODZlOGNlNjY1NmExODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPJn7+eR6HYaCKeFo4d5rgS4Hswx
ckQ2hbbWHyvdcIGcODXcEfAJqk2BDVbT/wHPiUg0/WTwkESnjJmdplOeHvyqD43Y
JTbalNtu3jWfeIx4rlSbIvOmLmt9TqLtiHiwFP2s0KaDPhbATjBJ7KxVVBmK7ZOw
LKut28d77DVbn+IjNyD06tZT+F1nFNG4ZyX//pAvSeQlgFOE1PaJ7+YfNRNeNgGP
R3JlRtpVpBSiZcTRiSrky5OCA5OG40F3MbFuqJqnVGa3M5YTpj6z03kbP0dhi2iD
2G0sKdcGgaURRhZD/GNkxTUWYbyo6YBLVbgbxqOfBAHrrbrTHdE66C7+TwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPYbaLO5skuvWjyPJRhujOZlahhiMB8GA1UdIwQY
MBaAFJZaar/bCHTy/sImLN6jNzrcstxVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGxwcXY5c0lkUEwtd2lZczNxTTNPdHl5M0ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xMjQxN2YtNzY2NS00MDk4LWEzMzgt
NDk0OWIxZTJiNjBmLzEvOWh0b3M3bXlTNjlhUEk4bEdHNk01bVZxR0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xMjQxN2YtNzY2NS00MDk4LWEzMzgtNDk0OWIxZTJiNjBm
LzEvbGxwcXY5c0lkUEwtd2lZczNxTTNPdHl5M0ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAcBAIAATAWAwQDVPboAwMA
ir0DAwCKvwMEB8IpgDAUBAIAAjAOAwUBKgAXyAMFACoAF88wDQYJKoZIhvcNAQEL
BQADggEBAJxYh2GDsfUUuX4AKPdPfiP1sXRXGq3EoTfEoZEs6luLYi3PIJKTffps
J5E4MJmCItg9GePtcrN+kEnUF5qXKpXn3SABsHYlesxgzScrsF0wwVLkVMrqvk7O
Q074fUwaTKkY8j2KZ+I+AAD1yxaVXnnnumUd38NrxU7j1OXfEipD0yKDxH1CqFV+
P9s5e06NKBNAIjLIyPAk0czb33rzZ7ujy0+1Et++07oNwXoh1wujLfu7lMEuM5eR
C2F/jm9PZFKwtlwAnkOjfrOUK0zePp5TJ3xKhYIEoVmChio3oOIxNl727jfQM2LV
AzG67HCRnXp7eXqkEkcwfgQ69atYfjc=
-----END CERTIFICATE-----
Generated at Tue Nov 26 07:08:46 2024 by rpki-client on console-ams.rpki-client.org