Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/n7hS9TYtixwCIO6ZnHs1ZHnXDNE.roa
File: n7hS9TYtixwCIO6ZnHs1ZHnXDNE.roa (raw, json)
Hash identifier: szSyN1QLEmGBmjO0SJXw3mGNLmqC4toJE/ZJ5qgr1nc=
Subject key identifier: 9F:B8:52:F5:36:2D:8B:1C:02:20:EE:99:9C:7B:35:64:79:D7:0C:D1
Certificate issuer: /CN=62e25656c50bb254f58077d1b966e474b16347af
Certificate serial: 018CC7954EFA949239DA198514E344E2F155
Authority key identifier: 62:E2:56:56:C5:0B:B2:54:F5:80:77:D1:B9:66:E4:74:B1:63:47:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YuJWVsULslT1gHfRuWbkdLFjR68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/n7hS9TYtixwCIO6ZnHs1ZHnXDNE.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8657
IP address blocks: 185.96.172.0/22 maxlen: 22
195.8.0.0/19 maxlen: 24
217.168.112.0/21 maxlen: 24
2001:15d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/YuJWVsULslT1gHfRuWbkdLFjR68.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/YuJWVsULslT1gHfRuWbkdLFjR68.mft
rsync://rpki.ripe.net/repository/DEFAULT/YuJWVsULslT1gHfRuWbkdLFjR68.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4e:fa:94:92:39:da:19:85:14:e3:44:e2:f1:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62e25656c50bb254f58077d1b966e474b16347af
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fb852f5362d8b1c0220ee999c7b356479d70cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:67:5a:58:db:7e:27:23:2d:e0:2d:ae:bb:64:
28:f6:4c:d6:b6:99:61:94:04:6a:d0:e4:9e:b2:f8:
e5:7f:d4:e2:c8:b4:02:22:4b:e3:7f:07:cf:b4:0f:
b8:ab:94:b2:d7:67:ff:ed:67:da:55:c5:40:11:11:
14:9f:5b:d0:f3:f0:49:42:d4:ba:88:99:fd:c0:2e:
53:01:6c:17:5f:e5:a3:79:c8:3e:fd:39:31:36:42:
48:b6:65:28:13:42:a9:80:ef:39:19:3d:80:bb:d5:
11:a9:4b:fe:a6:e2:a7:2e:1f:5e:86:50:01:9f:a8:
91:d6:12:ad:7a:13:30:ac:7e:ea:89:19:86:a0:57:
d4:6a:6b:f1:f3:21:3a:ef:87:b6:1e:97:f8:67:a7:
67:c5:a5:9f:2f:6f:1e:92:00:21:4d:15:6b:6e:73:
45:c3:da:84:37:b9:3e:8b:bf:82:2f:ac:54:65:02:
07:01:bc:1d:a6:57:98:11:e8:b3:1d:51:7f:93:e2:
02:f7:d7:e2:da:a0:99:c6:93:4b:64:7c:38:31:74:
23:35:e9:95:53:3a:85:46:67:7e:f9:dc:d8:9f:f5:
42:1b:10:8a:83:ca:17:fa:89:f2:c0:5d:6e:79:ab:
b0:dd:ff:94:4c:09:c8:7b:41:6e:16:d6:9d:df:c6:
44:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B8:52:F5:36:2D:8B:1C:02:20:EE:99:9C:7B:35:64:79:D7:0C:D1
X509v3 Authority Key Identifier:
keyid:62:E2:56:56:C5:0B:B2:54:F5:80:77:D1:B9:66:E4:74:B1:63:47:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YuJWVsULslT1gHfRuWbkdLFjR68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/n7hS9TYtixwCIO6ZnHs1ZHnXDNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/424685-d8a9-4368-8d3c-c2064b0f9ab9/1/YuJWVsULslT1gHfRuWbkdLFjR68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.172.0/22
195.8.0.0/19
217.168.112.0/21
IPv6:
2001:15d8::/32
Signature Algorithm: sha256WithRSAEncryption
69:56:23:e1:4d:9e:32:72:63:c2:89:b3:3c:08:85:4e:9f:7f:
b6:f0:37:fa:5e:e0:0b:4d:0a:90:49:4e:d4:0d:ef:1f:25:e4:
93:90:93:80:72:a9:db:99:fc:c5:c1:ce:fd:9b:6d:3d:93:6b:
c1:22:11:0e:85:35:e6:a1:cd:e4:62:82:95:fb:dc:a2:26:94:
ff:cb:87:36:3d:4e:6c:eb:3c:1f:47:0a:98:fd:29:68:e7:53:
58:10:f4:45:89:0c:0f:c0:12:bd:16:8f:28:6c:0c:ec:ac:5e:
1f:11:47:f6:a2:76:a6:cb:11:da:44:a0:b5:58:fe:66:06:c3:
a2:7d:58:6f:04:c2:9e:bd:99:93:b9:38:e6:de:9d:69:0c:59:
f5:9f:e8:54:b8:f9:f0:90:f6:44:82:2c:fa:53:4b:0d:d3:d5:
18:b7:5f:3e:15:7e:89:11:d9:23:3a:10:fd:44:fc:40:9f:0c:
e7:6f:c7:06:76:54:90:b0:5b:eb:ab:aa:6c:e1:23:1d:f7:08:
3a:da:89:66:8a:0a:d9:42:48:1e:e6:d9:eb:3f:09:e6:5d:33:
c9:60:9d:f6:c5:ac:6c:4d:43:df:f4:2a:ab:58:de:5f:a5:6c:
b3:4a:8e:40:ab:9e:3f:2c:e5:58:40:15:3d:9b:c5:9d:a7:5b:
25:b7:ca:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlU76lJI52hmFFONE4vFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZTI1NjU2YzUwYmIyNTRmNTgwNzdkMWI5NjZlNDc0YjE2
MzQ3YWYwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI4NTJmNTM2MmQ4YjFjMDIyMGVlOTk5YzdiMzU2NDc5ZDcwY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmdaWNt+JyMt4C2uu2Qo9kzWtplh
lARq0OSesvjlf9TiyLQCIkvjfwfPtA+4q5Sy12f/7WfaVcVAEREUn1vQ8/BJQtS6
iJn9wC5TAWwXX+Wjecg+/TkxNkJItmUoE0KpgO85GT2Au9URqUv+puKnLh9ehlAB
n6iR1hKtehMwrH7qiRmGoFfUamvx8yE674e2Hpf4Z6dnxaWfL28ekgAhTRVrbnNF
w9qEN7k+i7+CL6xUZQIHAbwdpleYEeizHVF/k+IC99fi2qCZxpNLZHw4MXQjNemV
UzqFRmd++dzYn/VCGxCKg8oX+onywF1ueauw3f+UTAnIe0FuFtad38ZEvQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ+4UvU2LYscAiDumZx7NWR51wzRMB8GA1UdIwQY
MBaAFGLiVlbFC7JU9YB30blm5HSxY0evMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXVKV1ZzVUxzbFQxZ0hmUnVXYmtkTEZqUjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80MjQ2ODUtZDhhOS00MzY4LThkM2Mt
YzIwNjRiMGY5YWI5LzEvbjdoUzlUWXRpeHdDSU82Wm5IczFaSG5YRE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80MjQ2ODUtZDhhOS00MzY4LThkM2MtYzIwNjRiMGY5YWI5
LzEvWXVKV1ZzVUxzbFQxZ0hmUnVXYmtkTEZqUjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWCsAwQF
wwgAAwQD2ahwMA0EAgACMAcDBQAgARXYMA0GCSqGSIb3DQEBCwUAA4IBAQBpViPh
TZ4ycmPCibM8CIVOn3+28Df6XuALTQqQSU7UDe8fJeSTkJOAcqnbmfzFwc79m209
k2vBIhEOhTXmoc3kYoKV+9yiJpT/y4c2PU5s6zwfRwqY/Slo51NYEPRFiQwPwBK9
Fo8obAzsrF4fEUf2onamyxHaRKC1WP5mBsOifVhvBMKevZmTuTjm3p1pDFn1n+hU
uPnwkPZEgiz6U0sN09UYt18+FX6JEdkjOhD9RPxAnwznb8cGdlSQsFvrq6ps4SMd
9wg62olmigrZQkge5tnrPwnmXTPJYJ32xaxsTUPf9CqrWN5fpWyzSo5Aq54/LOVY
QBU9m8Wdp1slt8q9
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:20 2024 by rpki-client on console-ams.rpki-client.org