Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/Ri3wEpWNOXs4S5sMzIPujMTfXPM.roa
File: Ri3wEpWNOXs4S5sMzIPujMTfXPM.roa (raw, json)
Hash identifier: zCKbgnQWxvqSVrsWjEKqtv7E1kqg5nXwr6vglBAMM8A=
Subject key identifier: 46:2D:F0:12:95:8D:39:7B:38:4B:9B:0C:CC:83:EE:8C:C4:DF:5C:F3
Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Certificate serial: 018CC94D5A22C70096F7070D28989F8BD252
Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/Ri3wEpWNOXs4S5sMzIPujMTfXPM.roa
Signing time: Tue 02 Jan 2024 08:32:18 +0000
ROA not before: Tue 02 Jan 2024 08:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42886
IP address blocks: 194.0.95.0/24 maxlen: 24
194.0.94.0/24 maxlen: 24
194.0.92.0/24 maxlen: 24
194.0.93.0/24 maxlen: 24
2001:67c:2dac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.mft
rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 08:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:5a:22:c7:00:96:f7:07:0d:28:98:9f:8b:d2:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Validity
Not Before: Jan 2 08:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=462df012958d397b384b9b0ccc83ee8cc4df5cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:52:c5:65:e5:32:c1:ab:6a:3b:83:b5:9b:f8:
1a:18:dc:99:b1:a2:b6:b6:bc:a6:1f:c4:a2:70:e1:
00:71:54:07:bc:97:76:b7:3f:82:9d:cf:a7:ff:6e:
5f:a0:c3:b2:21:5b:bf:61:73:0c:68:02:03:8f:53:
3b:c6:2f:a6:e2:da:3b:38:cd:24:df:66:11:c1:65:
c0:9c:c1:ff:12:3f:2d:18:13:96:be:96:a9:34:b8:
d5:7f:c4:ec:9f:04:98:b0:63:f1:92:af:6c:4b:6f:
f6:1e:6d:19:8b:e7:f5:c2:16:0a:1a:e5:af:76:57:
9a:78:74:55:97:38:38:22:49:b7:aa:6a:e5:cf:43:
e7:bc:21:cf:5d:61:e7:b7:12:36:1f:61:12:07:11:
d2:4b:9d:08:39:a7:3d:38:e0:b1:08:7d:8d:e2:8d:
80:d0:9e:7e:f8:76:14:39:5f:4b:ac:8e:8e:3d:23:
f0:62:04:57:6e:bb:94:06:4f:21:ec:4e:cf:c2:0a:
47:81:f1:22:b8:84:41:c3:c4:11:c2:bf:e9:ec:93:
18:c1:70:20:50:c8:1f:21:16:95:a7:3d:26:6e:aa:
d2:5e:58:7c:c9:16:bd:06:8b:42:98:33:a4:51:e6:
07:28:ac:62:ed:b5:5d:da:da:75:4d:12:cf:14:26:
e8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2D:F0:12:95:8D:39:7B:38:4B:9B:0C:CC:83:EE:8C:C4:DF:5C:F3
X509v3 Authority Key Identifier:
keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/Ri3wEpWNOXs4S5sMzIPujMTfXPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.92.0/22
IPv6:
2001:67c:2dac::/48
Signature Algorithm: sha256WithRSAEncryption
2b:4e:65:69:cd:bd:58:84:89:92:94:df:b9:6a:1e:6a:29:87:
b1:f2:bd:e9:ec:63:16:22:75:ca:20:26:3c:ac:e1:77:2a:52:
9a:a6:e5:b1:03:3a:bc:39:6f:f2:e1:2b:fe:e6:67:a2:b1:0a:
8d:f0:6b:0a:cd:3f:97:27:6e:67:e3:7d:e0:ec:da:0b:9e:aa:
4d:a3:2e:91:22:4c:6c:1e:20:35:10:9e:8d:cc:68:cf:1e:64:
54:2d:61:37:87:26:c0:dc:98:50:6d:9e:5c:ec:16:28:df:af:
b3:0c:6c:e5:8c:fa:e1:06:a4:ed:85:02:71:b1:c7:09:c7:e9:
c7:49:21:97:b4:75:d5:b7:da:fc:b2:3e:f1:66:87:75:10:96:
21:6c:f6:43:de:e1:9f:b8:a7:a4:0a:64:a4:55:bc:6c:b5:d2:
8b:74:7c:65:d8:35:1d:9b:ab:f8:03:a4:04:e0:89:15:2b:95:
81:8f:f5:99:41:82:ac:b4:8d:d3:e0:95:56:b8:56:3f:e6:90:
bb:88:30:b4:7c:f6:53:f0:45:dd:70:a6:7e:7e:b8:32:e5:9d:
64:93:42:49:90:44:b9:03:84:33:d7:4f:93:eb:66:2e:e5:61:
98:10:16:f8:4b:fd:4d:72:63:70:3b:1a:0a:06:b1:1f:d6:63:
32:17:72:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTVoixwCW9wcNKJifi9JSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0
YjYxYTgwHhcNMjQwMTAyMDgzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjJkZjAxMjk1OGQzOTdiMzg0YjliMGNjYzgzZWU4Y2M0ZGY1Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVLFZeUywatqO4O1m/gaGNyZsaK2
trymH8SicOEAcVQHvJd2tz+Cnc+n/25foMOyIVu/YXMMaAIDj1M7xi+m4to7OM0k
32YRwWXAnMH/Ej8tGBOWvpapNLjVf8TsnwSYsGPxkq9sS2/2Hm0Zi+f1whYKGuWv
dleaeHRVlzg4Ikm3qmrlz0PnvCHPXWHntxI2H2ESBxHSS50IOac9OOCxCH2N4o2A
0J5++HYUOV9LrI6OPSPwYgRXbruUBk8h7E7PwgpHgfEiuIRBw8QRwr/p7JMYwXAg
UMgfIRaVpz0mbqrSXlh8yRa9BotCmDOkUeYHKKxi7bVd2tp1TRLPFCboFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEYt8BKVjTl7OEubDMyD7ozE31zzMB8GA1UdIwQY
MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt
OGQzNGY1NTc4MjJhLzEvUmkzd0VwV05PWHM0UzVzTXpJUHVqTVRmWFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh
LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwgBcMA8E
AgACMAkDBwAgAQZ8LawwDQYJKoZIhvcNAQELBQADggEBACtOZWnNvViEiZKU37lq
Hmoph7HyvensYxYidcogJjys4XcqUpqm5bEDOrw5b/LhK/7mZ6KxCo3wawrNP5cn
bmfjfeDs2gueqk2jLpEiTGweIDUQno3MaM8eZFQtYTeHJsDcmFBtnlzsFijfr7MM
bOWM+uEGpO2FAnGxxwnH6cdJIZe0ddW32vyyPvFmh3UQliFs9kPe4Z+4p6QKZKRV
vGy10ot0fGXYNR2bq/gDpATgiRUrlYGP9ZlBgqy0jdPglVa4Vj/mkLuIMLR89lPw
Rd1wpn5+uDLlnWSTQkmQRLkDhDPXT5PrZi7lYZgQFvhL/U1yY3A7GgoGsR/WYzIX
chw=
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:07:32 2024 by rpki-client on console-fra.rpki-client.org