Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/f0-L0iZW4Fkxkexg0VerXv8NtRA.roa
File: f0-L0iZW4Fkxkexg0VerXv8NtRA.roa (raw, json)
Hash identifier: +KQv9cIgFwz/7bSVaH8TUYyz+/D9jMz3o1m/4jhSbPg=
Subject key identifier: 7F:4F:8B:D2:26:56:E0:59:31:91:EC:60:D1:57:AB:5E:FF:0D:B5:10
Certificate issuer: /CN=6d8bc5d2c69b91615cca26dbb6ea70577036e26d
Certificate serial: 01926DEF484F2E176549F00521B544AA3AF8
Authority key identifier: 6D:8B:C5:D2:C6:9B:91:61:5C:CA:26:DB:B6:EA:70:57:70:36:E2:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYvF0sabkWFcyibbtupwV3A24m0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/f0-L0iZW4Fkxkexg0VerXv8NtRA.roa
Signing time: Tue 08 Oct 2024 21:00:51 +0000
ROA not before: Tue 08 Oct 2024 21:00:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 45.152.251.0/24 maxlen: 24
91.247.184.0/24 maxlen: 24
161.51.101.0/24 maxlen: 24
188.241.247.0/24 maxlen: 24
193.160.154.0/24 maxlen: 24
2a14:5bc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/bYvF0sabkWFcyibbtupwV3A24m0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/bYvF0sabkWFcyibbtupwV3A24m0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bYvF0sabkWFcyibbtupwV3A24m0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6d:ef:48:4f:2e:17:65:49:f0:05:21:b5:44:aa:3a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d8bc5d2c69b91615cca26dbb6ea70577036e26d
Validity
Not Before: Oct 8 21:00:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f4f8bd22656e0593191ec60d157ab5eff0db510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:07:7a:f3:f2:8a:b5:d2:75:8a:0d:3b:db:
44:df:64:97:3c:d8:6d:c9:90:f5:fe:89:64:83:73:
a5:e7:4d:7b:ac:18:8f:33:40:05:da:f1:f0:ca:10:
a1:20:72:03:dd:b1:a8:bf:2d:08:57:a8:8d:0b:e8:
bc:83:3d:a2:14:f1:19:40:c7:5a:78:77:71:cc:03:
c5:93:1b:a4:43:b4:e2:03:40:56:3c:ff:3d:ef:54:
ba:06:b8:35:19:8b:bf:3f:45:7e:60:c9:2b:03:f3:
9d:30:8b:01:59:28:e8:b9:24:09:d2:5f:40:ec:19:
64:4b:11:e0:24:ca:f6:a3:0e:4f:ec:d5:46:c5:8c:
ce:a4:52:e8:42:45:c6:bf:7b:9a:c2:f8:9f:53:39:
43:8b:88:78:7a:00:92:40:ae:8c:bc:1e:09:e3:5f:
1f:ff:c6:a8:41:6e:63:f0:3b:bd:85:49:bc:c7:70:
41:75:4b:e8:7a:2f:d8:58:ec:8a:90:52:fd:0a:68:
c0:4c:52:2b:60:20:bd:d1:33:ca:d2:04:8a:19:68:
62:7c:25:8f:0f:d4:c7:64:8f:f3:3d:c8:67:9b:bd:
70:5d:21:18:3f:fe:ff:40:b0:05:b6:af:50:03:82:
29:19:48:50:ab:5e:de:d1:d6:f0:d3:e6:e4:0a:a1:
6b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4F:8B:D2:26:56:E0:59:31:91:EC:60:D1:57:AB:5E:FF:0D:B5:10
X509v3 Authority Key Identifier:
keyid:6D:8B:C5:D2:C6:9B:91:61:5C:CA:26:DB:B6:EA:70:57:70:36:E2:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYvF0sabkWFcyibbtupwV3A24m0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/f0-L0iZW4Fkxkexg0VerXv8NtRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/bYvF0sabkWFcyibbtupwV3A24m0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.251.0/24
91.247.184.0/24
161.51.101.0/24
188.241.247.0/24
193.160.154.0/24
IPv6:
2a14:5bc0::/29
Signature Algorithm: sha256WithRSAEncryption
76:54:83:8a:06:91:b5:f7:5b:8f:65:71:ec:27:b2:8f:e1:80:
77:ba:9c:76:03:ce:07:1c:99:eb:02:c6:68:86:df:77:68:e8:
e2:77:4e:be:9c:0b:7c:c9:98:ad:d0:9a:96:6e:fb:7a:2d:b9:
fe:0d:4a:25:20:1f:5f:8c:62:ad:57:a4:42:03:6d:d1:02:7a:
28:61:f0:2c:d5:36:7f:c9:bd:a6:53:07:75:cd:a7:59:7d:fa:
57:cd:e3:b3:31:7e:99:dc:49:79:64:ef:66:38:e6:92:15:0a:
2a:ad:f1:e2:c2:74:78:78:79:74:df:d1:76:7d:74:0d:ea:e5:
ce:cd:11:c5:69:ee:db:3e:15:46:45:3b:67:63:a2:aa:ae:d6:
4d:23:c4:ca:07:62:60:c1:f8:ea:bb:93:00:ca:10:77:7f:b0:
cc:b8:87:6a:98:cc:44:7f:4b:b6:06:e2:13:fc:17:00:22:3b:
0a:3f:aa:77:8a:66:8f:7a:85:3f:bb:40:52:1b:23:e1:1c:a4:
d2:d6:8a:bc:34:70:1d:5c:e8:9e:e6:8a:45:80:77:a3:cd:ab:
5e:8b:95:d7:56:58:34:de:79:2a:3f:f3:ee:70:97:0c:4c:6a:
b7:42:14:33:e3:0c:3b:8c:05:c6:ef:58:3c:2a:53:51:4b:fc:
cd:a7:c7:18
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZJt70hPLhdlSfAFIbVEqjr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOGJjNWQyYzY5YjkxNjE1Y2NhMjZkYmI2ZWE3MDU3NzAz
NmUyNmQwHhcNMjQxMDA4MjEwMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRmOGJkMjI2NTZlMDU5MzE5MWVjNjBkMTU3YWI1ZWZmMGRiNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIQHevPyirXSdYoNO9tE32SXPNht
yZD1/olkg3Ol5017rBiPM0AF2vHwyhChIHID3bGovy0IV6iNC+i8gz2iFPEZQMda
eHdxzAPFkxukQ7TiA0BWPP8971S6Brg1GYu/P0V+YMkrA/OdMIsBWSjouSQJ0l9A
7BlkSxHgJMr2ow5P7NVGxYzOpFLoQkXGv3uawvifUzlDi4h4egCSQK6MvB4J418f
/8aoQW5j8Du9hUm8x3BBdUvoei/YWOyKkFL9CmjATFIrYCC90TPK0gSKGWhifCWP
D9THZI/zPchnm71wXSEYP/7/QLAFtq9QA4IpGUhQq17e0dbw0+bkCqFrlQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH9Pi9ImVuBZMZHsYNFXq17/DbUQMB8GA1UdIwQY
MBaAFG2LxdLGm5FhXMom27bqcFdwNuJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYll2RjBzYWJrV0ZjeWliYnR1cHdWM0EyNG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wM2UxOTYtZmMyOC00M2FkLWJkNTEt
NzFjMjk2ZDQ5NjlmLzEvZjAtTDBpWlc0Rmt4a2V4ZzBWZXJYdjhOdFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wM2UxOTYtZmMyOC00M2FkLWJkNTEtNzFjMjk2ZDQ5Njlm
LzEvYll2RjBzYWJrV0ZjeWliYnR1cHdWM0EyNG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALZj7AwQA
W/e4AwQAoTNlAwQAvPH3AwQAwaCaMA0EAgACMAcDBQMqFFvAMA0GCSqGSIb3DQEB
CwUAA4IBAQB2VIOKBpG191uPZXHsJ7KP4YB3upx2A84HHJnrAsZoht93aOjid06+
nAt8yZit0JqWbvt6Lbn+DUolIB9fjGKtV6RCA23RAnooYfAs1TZ/yb2mUwd1zadZ
ffpXzeOzMX6Z3El5ZO9mOOaSFQoqrfHiwnR4eHl039F2fXQN6uXOzRHFae7bPhVG
RTtnY6KqrtZNI8TKB2Jgwfjqu5MAyhB3f7DMuIdqmMxEf0u2BuIT/BcAIjsKP6p3
imaPeoU/u0BSGyPhHKTS1oq8NHAdXOie5opFgHejzatei5XXVlg03nkqP/PucJcM
TGq3QhQz4ww7jAXG71g8KlNRS/zNp8cY
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:33:21 2024 by rpki-client on console-fra.rpki-client.org