Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/67CdTiNYozCDfzsAx5MIvi7c4LI.roa
File: 67CdTiNYozCDfzsAx5MIvi7c4LI.roa (raw, json)
Hash identifier: H9MMMNuDkAt3TJd4bU13MEXWbtJgGTBkV2CPkBNZcLk=
Subject key identifier: EB:B0:9D:4E:23:58:A3:30:83:7F:3B:00:C7:93:08:BE:2E:DC:E0:B2
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 018CC4245234492E58DA9C44436B1871F1E7
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/67CdTiNYozCDfzsAx5MIvi7c4LI.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207945
IP address blocks: 194.63.152.0/22 maxlen: 22
185.183.72.0/22 maxlen: 22
2a0f:6b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:52:34:49:2e:58:da:9c:44:43:6b:18:71:f1:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebb09d4e2358a330837f3b00c79308be2edce0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:47:a2:4d:c4:0e:9a:a5:13:c7:8a:eb:17:fc:
59:9a:d0:91:28:9b:be:09:77:6f:98:5d:24:90:03:
21:76:99:d3:7a:35:94:48:09:74:7e:eb:54:6e:36:
9e:fa:72:30:11:4b:f9:a2:cc:67:c7:e8:e3:df:cb:
1e:7f:2b:fb:02:9c:38:81:f0:3b:e4:31:21:d2:d5:
34:68:63:3d:0a:a3:fb:ca:43:1a:5d:ae:dc:c6:42:
49:70:22:c0:b5:69:39:93:01:3b:d6:15:ba:f9:92:
59:2a:2d:3e:c8:4e:3f:0f:4a:53:85:41:6b:03:0e:
81:1e:fc:d1:34:3e:d0:79:06:1e:e6:7a:19:b8:4a:
00:81:67:5c:54:44:ec:40:50:4d:ae:7f:b1:d9:11:
ca:95:44:7a:31:81:bf:33:7f:a0:eb:70:21:b9:42:
1e:ee:dc:b5:11:37:dd:2d:08:35:a0:72:e8:3d:be:
b7:aa:4c:f5:b4:2e:b1:da:4d:a8:fd:53:07:61:f9:
67:d1:96:f4:a1:f0:1e:9b:f5:f9:bd:b7:6f:3a:1e:
27:63:0b:7f:ad:24:ad:74:a5:3b:5f:47:eb:22:d1:
ff:b1:62:19:d7:6c:a4:48:eb:db:80:43:f5:cd:4c:
b0:af:86:8d:a0:86:a7:d1:f3:93:1d:18:7c:20:2f:
c8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B0:9D:4E:23:58:A3:30:83:7F:3B:00:C7:93:08:BE:2E:DC:E0:B2
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/67CdTiNYozCDfzsAx5MIvi7c4LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.72.0/22
194.63.152.0/22
IPv6:
2a0f:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:49:0f:9d:ab:c5:03:50:5c:bd:1e:63:f2:ae:0a:1d:b4:11:
b4:92:ca:0b:f4:cc:c5:81:ef:ad:3e:4e:90:49:f6:3f:63:c7:
3e:96:fa:80:3f:fe:e7:f3:ae:86:b1:cf:af:75:bd:c2:04:45:
cf:59:72:8e:37:0a:52:8e:95:64:25:ce:2e:3b:78:e0:a5:35:
fb:89:3d:61:d2:11:f3:63:fc:21:b6:7d:9c:ef:bd:ad:31:c5:
1b:d4:73:fc:7d:50:ea:d0:16:60:b2:ad:24:98:d6:c7:09:85:
44:1c:3a:ae:86:b8:f9:c3:5d:98:cf:67:d9:0b:0d:19:22:20:
de:4e:67:6b:83:80:e3:97:9f:38:73:02:d4:7d:a7:ce:66:30:
5a:4d:cb:70:ff:e6:db:d8:d8:45:62:b4:cd:aa:df:09:3d:2f:
c7:b4:6d:4b:45:34:ec:e3:23:01:d3:0e:8d:70:02:a7:1a:6b:
c8:ea:b7:dd:13:1c:2c:7f:66:88:af:bd:4a:80:a1:18:bd:c9:
37:80:7c:d8:c4:e4:c1:6b:dc:a9:95:2b:a4:9d:76:14:7f:9e:
ae:3e:87:8b:cd:ed:55:e7:5d:c7:08:de:6a:f8:fa:6c:2d:9f:
30:b6:c5:f6:6c:55:98:2c:c8:e6:a6:3c:5f:47:7a:22:fd:8b:
ae:4c:08:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJFI0SS5Y2pxEQ2sYcfHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmIwOWQ0ZTIzNThhMzMwODM3ZjNiMDBjNzkzMDhiZTJlZGNlMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6EeiTcQOmqUTx4rrF/xZmtCRKJu+
CXdvmF0kkAMhdpnTejWUSAl0futUbjae+nIwEUv5osxnx+jj38sefyv7Apw4gfA7
5DEh0tU0aGM9CqP7ykMaXa7cxkJJcCLAtWk5kwE71hW6+ZJZKi0+yE4/D0pThUFr
Aw6BHvzRND7QeQYe5noZuEoAgWdcVETsQFBNrn+x2RHKlUR6MYG/M3+g63AhuUIe
7ty1ETfdLQg1oHLoPb63qkz1tC6x2k2o/VMHYfln0Zb0ofAem/X5vbdvOh4nYwt/
rSStdKU7X0frItH/sWIZ12ykSOvbgEP1zUywr4aNoIan0fOTHRh8IC/I2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOuwnU4jWKMwg387AMeTCL4u3OCyMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvNjdDZFRpTllvekNEZnpzQXg1TUl2aTdjNExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubdIAwQC
wj+YMA0EAgACMAcDBQMqD2uAMA0GCSqGSIb3DQEBCwUAA4IBAQBaSQ+dq8UDUFy9
HmPyrgodtBG0ksoL9MzFge+tPk6QSfY/Y8c+lvqAP/7n866Gsc+vdb3CBEXPWXKO
NwpSjpVkJc4uO3jgpTX7iT1h0hHzY/whtn2c772tMcUb1HP8fVDq0BZgsq0kmNbH
CYVEHDquhrj5w12Yz2fZCw0ZIiDeTmdrg4Djl584cwLUfafOZjBaTctw/+bb2NhF
YrTNqt8JPS/HtG1LRTTs4yMB0w6NcAKnGmvI6rfdExwsf2aIr71KgKEYvck3gHzY
xOTBa9yplSuknXYUf56uPoeLze1V513HCN5q+PpsLZ8wtsX2bFWYLMjmpjxfR3oi
/YuuTAjP
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:30 2024 by rpki-client on console-fra.rpki-client.org