Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/kCluYn7nqoHH4SSOepPfvh-y1yk.roa
File: kCluYn7nqoHH4SSOepPfvh-y1yk.roa (raw, json)
Hash identifier: nTq6la6myCABttwP6zRbIZ4fLxwO0QnV6q+uhEwUj8A=
Subject key identifier: 90:29:6E:62:7E:E7:AA:81:C7:E1:24:8E:7A:93:DF:BE:1F:B2:D7:29
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 018FE1C1879A2A8334D55976A77A20C46AB6
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/kCluYn7nqoHH4SSOepPfvh-y1yk.roa
Signing time: Tue 04 Jun 2024 05:38:27 +0000
ROA not before: Tue 04 Jun 2024 05:38:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21473
IP address blocks: 94.176.168.0/22 maxlen: 22
185.142.8.0/22 maxlen: 22
2a07:2800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e1:c1:87:9a:2a:83:34:d5:59:76:a7:7a:20:c4:6a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Jun 4 05:38:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90296e627ee7aa81c7e1248e7a93dfbe1fb2d729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:86:b8:85:60:a8:87:41:2c:25:5c:25:44:5a:
7c:dd:76:4d:b7:70:94:d8:b6:7c:3a:cf:05:58:36:
f4:f2:f6:dc:b6:af:73:25:38:91:dd:8f:a9:00:db:
cf:db:3a:b3:71:11:80:1a:5a:54:c3:f9:54:b7:2b:
ea:3c:86:92:20:f0:6b:8c:c7:60:77:5e:0c:49:d1:
75:0f:0c:62:dc:02:b0:b0:48:9d:2d:7b:2c:46:f9:
95:da:4a:6c:f6:ae:f7:2e:8f:58:b2:0a:3e:c2:e8:
3d:3e:22:b0:15:0a:0c:71:e6:e4:fb:c4:b8:17:07:
58:78:70:b7:24:70:17:1f:68:bf:ce:6c:bf:8b:c3:
63:9b:aa:c4:f1:1e:9f:97:b7:cd:9c:29:03:03:68:
6f:b2:c7:bb:85:81:5f:53:25:cd:92:fb:6f:5c:a1:
b1:7f:84:18:e7:d8:0c:d0:d4:ea:75:f8:64:5d:3c:
56:26:e7:c0:eb:7e:42:68:7d:9f:36:56:a9:c5:4b:
ab:c5:80:70:84:78:06:6e:32:de:74:aa:98:5b:c7:
95:3c:c8:61:95:a1:6d:72:60:c4:f1:76:6a:26:70:
07:ac:f7:c5:45:64:ca:a6:db:7d:f5:5b:22:85:9a:
7d:09:3f:ee:07:14:52:db:9f:01:bb:4a:6e:85:02:
da:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:29:6E:62:7E:E7:AA:81:C7:E1:24:8E:7A:93:DF:BE:1F:B2:D7:29
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/kCluYn7nqoHH4SSOepPfvh-y1yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.168.0/22
185.142.8.0/22
IPv6:
2a07:2800::/29
Signature Algorithm: sha256WithRSAEncryption
90:a1:5c:60:cf:4d:68:5e:67:fa:09:0b:37:2b:aa:d8:bf:13:
63:fb:d3:60:d2:53:98:f7:64:4e:81:6a:b5:bb:01:79:5b:5b:
57:ad:91:74:b5:06:00:11:a6:08:30:f1:21:c6:e9:36:d2:08:
7b:28:12:b9:b8:71:c5:dd:78:10:f2:dc:7d:c6:24:18:1f:3d:
6c:94:02:b3:4c:dc:9c:b1:01:45:34:ba:9e:66:c9:d4:c9:7e:
98:b3:f1:e8:10:e8:35:00:e6:91:38:f2:b9:61:86:ee:b6:8e:
e2:bd:e6:f2:30:55:5b:27:48:e5:a4:0e:5b:41:7c:69:ac:a3:
cd:15:41:5d:76:c9:b8:88:48:c1:71:5c:fc:1f:67:21:6e:c6:
98:46:18:c4:dd:1a:73:2c:10:69:eb:ef:e6:1a:82:41:c4:da:
e0:29:ef:83:78:11:27:7a:37:2d:ae:bb:7d:f9:f1:70:7e:a4:
58:82:c6:35:c7:ea:d3:64:df:8f:db:40:3e:c8:96:53:45:95:
fa:46:33:0d:79:d6:91:d6:6f:bd:d6:34:3d:07:30:f7:35:b2:
5a:1a:d4:bc:01:ab:7b:2f:9f:10:a0:61:61:14:d6:24:41:a9:
e5:c6:56:83:21:fb:bb:9d:ce:c4:fc:73:47:63:de:20:b9:d3:
49:cf:d7:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/hwYeaKoM01Vl2p3ogxGq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjQwNjA0MDUzODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDI5NmU2MjdlZTdhYTgxYzdlMTI0OGU3YTkzZGZiZTFmYjJkNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYa4hWCoh0EsJVwlRFp83XZNt3CU
2LZ8Os8FWDb08vbctq9zJTiR3Y+pANvP2zqzcRGAGlpUw/lUtyvqPIaSIPBrjMdg
d14MSdF1Dwxi3AKwsEidLXssRvmV2kps9q73Lo9Ysgo+wug9PiKwFQoMcebk+8S4
FwdYeHC3JHAXH2i/zmy/i8Njm6rE8R6fl7fNnCkDA2hvsse7hYFfUyXNkvtvXKGx
f4QY59gM0NTqdfhkXTxWJufA635CaH2fNlapxUurxYBwhHgGbjLedKqYW8eVPMhh
laFtcmDE8XZqJnAHrPfFRWTKptt99VsihZp9CT/uBxRS258Bu0puhQLaRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJApbmJ+56qBx+EkjnqT374fstcpMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEva0NsdVluN25xb0hINFNTT2VwUGZ2aC15MXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXrCoAwQC
uY4IMA0EAgACMAcDBQMqBygAMA0GCSqGSIb3DQEBCwUAA4IBAQCQoVxgz01oXmf6
CQs3K6rYvxNj+9Ng0lOY92ROgWq1uwF5W1tXrZF0tQYAEaYIMPEhxuk20gh7KBK5
uHHF3XgQ8tx9xiQYHz1slAKzTNycsQFFNLqeZsnUyX6Ys/HoEOg1AOaROPK5YYbu
to7ivebyMFVbJ0jlpA5bQXxprKPNFUFddsm4iEjBcVz8H2chbsaYRhjE3RpzLBBp
6+/mGoJBxNrgKe+DeBEnejctrrt9+fFwfqRYgsY1x+rTZN+P20A+yJZTRZX6RjMN
edaR1m+91jQ9BzD3NbJaGtS8Aat7L58QoGFhFNYkQanlxlaDIfu7nc7E/HNHY94g
udNJz9eI
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:25 2024 by rpki-client on console-ams.rpki-client.org