Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/czVG4O8xQ_Qxjt35boB5o4Zy968.roa
File: czVG4O8xQ_Qxjt35boB5o4Zy968.roa (raw, json)
Hash identifier: BIQ65FJElqKtzkrGzp2TAHoEXv1KyQAfqTzcygkfRwc=
Subject key identifier: 73:35:46:E0:EF:31:43:F4:31:8E:DD:F9:6E:80:79:A3:86:72:F7:AF
Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Certificate serial: 018CC802D98FE0970A830E74E5EC4D0FB6D0
Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/czVG4O8xQ_Qxjt35boB5o4Zy968.roa
Signing time: Tue 02 Jan 2024 02:31:19 +0000
ROA not before: Tue 02 Jan 2024 02:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197912
IP address blocks: 128.127.170.0/24 maxlen: 24
128.127.169.0/24 maxlen: 24
128.127.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d9:8f:e0:97:0a:83:0e:74:e5:ec:4d:0f:b6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Validity
Not Before: Jan 2 02:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=733546e0ef3143f4318eddf96e8079a38672f7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4c:d4:33:6f:5d:7a:fa:3a:ab:8d:f6:0c:f6:
35:a6:de:dd:df:84:51:40:a3:6e:28:a1:da:f6:bf:
35:5f:4b:e9:90:9b:aa:45:bf:eb:50:c8:fb:f3:2c:
20:bb:79:5c:0d:42:99:8a:d3:8f:d8:19:87:63:07:
cb:6b:3c:e7:61:8a:46:bd:c7:84:6f:be:1b:3b:48:
e9:57:de:01:67:7e:cb:0f:c9:59:c7:0f:c9:3b:ff:
fe:13:c9:c1:55:28:ef:61:04:52:37:38:f2:a1:dd:
e6:22:e5:b0:3e:28:25:ae:d1:ca:91:97:f7:2a:ee:
7b:d5:06:c8:44:68:3b:a6:1d:e5:72:4a:44:af:dc:
c1:cb:bf:32:bb:cc:f4:be:cd:40:59:35:ac:15:ea:
a0:29:13:44:ca:c2:58:30:2e:18:2e:39:56:6e:78:
87:6d:81:d5:e0:bc:85:06:92:88:3b:1f:df:ef:68:
ce:e9:b3:fd:e0:1a:ee:61:09:60:ec:31:94:78:0d:
d5:77:1a:6c:c3:22:7f:4e:f9:64:1c:80:7f:c1:09:
be:38:a1:f9:d7:7f:8a:dc:fe:a7:3b:52:31:af:6c:
86:77:80:f5:d1:b3:b6:08:6c:c6:76:46:db:ba:54:
f4:f0:8f:89:e2:a6:40:18:0c:7f:12:c0:c3:eb:a6:
05:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:35:46:E0:EF:31:43:F4:31:8E:DD:F9:6E:80:79:A3:86:72:F7:AF
X509v3 Authority Key Identifier:
keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/czVG4O8xQ_Qxjt35boB5o4Zy968.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.168.0-128.127.170.255
Signature Algorithm: sha256WithRSAEncryption
9a:91:af:3b:94:d2:7a:27:73:fa:7f:f1:06:87:0e:a7:d1:b3:
34:a5:a8:d4:5c:fd:8e:ad:d4:18:d3:6e:7f:8d:c7:7e:60:aa:
77:30:8e:98:40:e2:d5:d0:85:aa:04:1a:af:e0:c3:6d:8a:2c:
aa:8f:36:29:46:ae:11:ab:46:f1:7c:7e:30:93:e7:52:98:07:
e3:68:08:48:9a:63:f9:81:0a:7a:24:3e:eb:7c:88:3d:28:77:
5f:77:6b:19:ad:a5:96:da:83:dc:5a:3a:6d:b7:8d:10:ac:2b:
b2:e9:2a:e3:4a:65:86:8c:8e:45:34:b6:86:79:86:38:29:f0:
3d:66:c7:b3:a1:e5:7b:e9:be:e2:a2:f9:c3:47:b1:75:7e:d1:
62:1c:b6:b0:b1:10:f0:cd:5a:3b:07:4e:64:7f:c7:c3:d9:26:
8d:8a:7a:20:0c:9f:53:72:01:1f:dd:27:9e:6e:f4:04:7f:fd:
e3:95:74:95:fa:a7:a1:a9:88:77:21:57:15:13:76:86:fd:8a:
94:5e:63:3a:c2:80:40:20:45:5e:fd:33:ed:c1:fa:8a:99:f9:
db:b9:6c:ef:38:55:aa:5b:a7:75:91:08:f4:33:1c:b0:70:f2:
a2:f1:99:96:6c:67:28:4f:d4:b1:2e:69:0e:7f:41:14:1a:25:
39:92:7c:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIAtmP4JcKgw505exND7bQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm
MDNjNGEwHhcNMjQwMTAyMDIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM1NDZlMGVmMzE0M2Y0MzE4ZWRkZjk2ZTgwNzlhMzg2NzJmN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUzUM29devo6q432DPY1pt7d34RR
QKNuKKHa9r81X0vpkJuqRb/rUMj78ywgu3lcDUKZitOP2BmHYwfLazznYYpGvceE
b74bO0jpV94BZ37LD8lZxw/JO//+E8nBVSjvYQRSNzjyod3mIuWwPiglrtHKkZf3
Ku571QbIRGg7ph3lckpEr9zBy78yu8z0vs1AWTWsFeqgKRNEysJYMC4YLjlWbniH
bYHV4LyFBpKIOx/f72jO6bP94BruYQlg7DGUeA3VdxpswyJ/TvlkHIB/wQm+OKH5
13+K3P6nO1Ixr2yGd4D10bO2CGzGdkbbulT08I+J4qZAGAx/EsDD66YFJwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHM1RuDvMUP0MY7d+W6AeaOGcvevMB8GA1UdIwQY
MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt
YTAxZTllNmRjYmYyLzEvY3pWRzRPOHhRX1F4anQzNWJvQjVvNFp5OTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy
LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOAf6gD
BACAf6owDQYJKoZIhvcNAQELBQADggEBAJqRrzuU0nonc/p/8QaHDqfRszSlqNRc
/Y6t1BjTbn+Nx35gqncwjphA4tXQhaoEGq/gw22KLKqPNilGrhGrRvF8fjCT51KY
B+NoCEiaY/mBCnokPut8iD0od193axmtpZbag9xaOm23jRCsK7LpKuNKZYaMjkU0
toZ5hjgp8D1mx7Oh5XvpvuKi+cNHsXV+0WIctrCxEPDNWjsHTmR/x8PZJo2KeiAM
n1NyAR/dJ55u9AR//eOVdJX6p6GpiHchVxUTdob9ipReYzrCgEAgRV79M+3B+oqZ
+du5bO84Vapbp3WRCPQzHLBw8qLxmZZsZyhP1LEuaQ5/QRQaJTmSfMg=
-----END CERTIFICATE-----
Generated at Sat May 25 22:38:16 2024 by rpki-client on console-fra.rpki-client.org