Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/6OQzZJt7u3gCsY72ao4LXZ6dM6M.roa
File: 6OQzZJt7u3gCsY72ao4LXZ6dM6M.roa (raw, json)
Hash identifier: YXRhwFXWdyFfNgENFtY9MzLeNr4T7DyBYormpcWqCfc=
Subject key identifier: E8:E4:33:64:9B:7B:BB:78:02:B1:8E:F6:6A:8E:0B:5D:9E:9D:33:A3
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 018CC7954005E08453313398BEA612BD6693
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/6OQzZJt7u3gCsY72ao4LXZ6dM6M.roa
Signing time: Tue 02 Jan 2024 00:31:36 +0000
ROA not before: Tue 02 Jan 2024 00:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21472
IP address blocks: 78.143.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:40:05:e0:84:53:31:33:98:be:a6:12:bd:66:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 2 00:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8e433649b7bbb7802b18ef66a8e0b5d9e9d33a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7c:78:59:b0:25:19:d4:fe:bf:c7:b9:c4:40:
b7:cb:98:3e:8f:90:7d:74:c6:5d:25:42:ad:c9:b3:
be:6b:51:4c:4a:b8:65:54:2c:56:e8:04:6d:7b:02:
aa:0f:8e:0d:86:e7:33:11:c1:24:bc:29:4f:d9:58:
f1:7e:d9:71:0a:a7:44:8d:09:6d:e4:1e:d3:09:0b:
ba:f5:12:14:3c:02:4f:3d:fd:40:29:8d:0d:0e:ba:
cc:43:11:41:ae:59:91:a6:08:18:db:9c:d3:76:e9:
04:a8:9d:4d:a7:bf:e5:ab:bd:5c:5d:cb:f7:e9:ef:
0c:b2:37:e6:c6:7e:7e:58:d2:e8:85:8d:66:28:8e:
2d:ed:dd:67:1c:c2:de:14:bc:fd:6e:55:66:ad:6e:
da:24:46:ad:7c:39:9c:b9:2f:c3:d1:a3:a4:8f:9a:
e7:0d:53:87:93:06:c2:91:0c:89:2b:7d:88:7f:a6:
a5:77:01:11:7b:cf:34:f2:23:28:b4:fc:91:94:dc:
a4:4d:24:5c:60:6d:76:f4:e0:9b:37:6c:a9:2b:63:
1b:15:dc:1e:1a:83:4c:c1:dc:94:5b:b2:de:66:cf:
a4:4a:bb:22:b9:71:9a:4c:cd:a7:7b:89:03:57:9d:
3c:8a:24:5e:64:76:54:9e:6d:2c:3b:22:c9:a5:44:
46:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E4:33:64:9B:7B:BB:78:02:B1:8E:F6:6A:8E:0B:5D:9E:9D:33:A3
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/6OQzZJt7u3gCsY72ao4LXZ6dM6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.255.0/24
Signature Algorithm: sha256WithRSAEncryption
58:e6:46:d4:0e:9f:19:8b:a4:73:51:42:29:6c:0f:e5:f7:30:
fc:eb:1e:6a:63:63:7b:a7:cd:1d:1c:99:80:fe:0c:0f:3f:7f:
a7:a4:28:35:03:0e:99:38:5c:33:ac:04:72:15:94:76:06:92:
0c:15:d4:57:8f:21:c4:5f:a8:9a:7c:40:4d:c4:a6:6d:8a:d5:
4e:6d:f3:78:b5:45:8b:f2:81:45:e0:de:bf:4e:35:1b:be:90:
bb:79:45:fb:d0:84:30:86:26:28:54:3f:37:fe:53:b1:c0:7e:
56:db:91:b9:c5:84:b7:35:fc:66:1d:6e:6d:17:2b:e4:c3:d1:
30:7e:06:4e:e3:a5:e9:d3:df:41:4a:67:8d:b5:6e:a3:dd:1f:
e1:39:c6:0b:db:c5:7e:7d:82:d1:13:15:93:08:23:2b:b9:62:
8b:d7:99:9f:81:e7:d7:ad:d5:34:14:04:70:a5:b4:37:07:a7:
e2:49:1f:02:09:2a:33:5d:1e:23:d9:1b:7b:7c:02:d3:8a:86:
b1:b9:74:fe:b7:bd:ec:31:31:cd:75:52:9d:2f:d3:2a:ee:db:
27:b1:7b:a6:8b:0e:c2:20:e6:4c:06:e3:d9:fe:5e:c5:1c:5d:
de:a8:93:4a:6a:0c:98:4d:84:ff:30:41:12:3f:49:31:a9:c7:
9f:9d:80:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlUAF4IRTMTOYvqYSvWaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwMTAyMDAzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGU0MzM2NDliN2JiYjc4MDJiMThlZjY2YThlMGI1ZDllOWQzM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXx4WbAlGdT+v8e5xEC3y5g+j5B9
dMZdJUKtybO+a1FMSrhlVCxW6ARtewKqD44NhuczEcEkvClP2VjxftlxCqdEjQlt
5B7TCQu69RIUPAJPPf1AKY0NDrrMQxFBrlmRpggY25zTdukEqJ1Np7/lq71cXcv3
6e8Msjfmxn5+WNLohY1mKI4t7d1nHMLeFLz9blVmrW7aJEatfDmcuS/D0aOkj5rn
DVOHkwbCkQyJK32If6aldwERe8808iMotPyRlNykTSRcYG129OCbN2ypK2MbFdwe
GoNMwdyUW7LeZs+kSrsiuXGaTM2ne4kDV508iiReZHZUnm0sOyLJpURGpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjkM2Sbe7t4ArGO9mqOC12enTOjMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvNk9RelpKdDd1M2dDc1k3MmFvNExYWjZkTTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATo//MA0G
CSqGSIb3DQEBCwUAA4IBAQBY5kbUDp8Zi6RzUUIpbA/l9zD86x5qY2N7p80dHJmA
/gwPP3+npCg1Aw6ZOFwzrARyFZR2BpIMFdRXjyHEX6iafEBNxKZtitVObfN4tUWL
8oFF4N6/TjUbvpC7eUX70IQwhiYoVD83/lOxwH5W25G5xYS3NfxmHW5tFyvkw9Ew
fgZO46Xp099BSmeNtW6j3R/hOcYL28V+fYLRExWTCCMruWKL15mfgefXrdU0FARw
pbQ3B6fiSR8CCSozXR4j2Rt7fALTioaxuXT+t73sMTHNdVKdL9Mq7tsnsXumiw7C
IOZMBuPZ/l7FHF3eqJNKagyYTYT/MEESP0kxqcefnYCi
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:39:57 2024 by rpki-client on console-ams.rpki-client.org