Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/60OZGqbdIA3xp1MCKmT04tIbSUs.roa
File: 60OZGqbdIA3xp1MCKmT04tIbSUs.roa (raw, json)
Hash identifier: ZZWuWvA/QU/EBhEjocxiupa3ENX71OYDCFObvTFDqq0=
Subject key identifier: EB:43:99:1A:A6:DD:20:0D:F1:A7:53:02:2A:64:F4:E2:D2:1B:49:4B
Certificate issuer: /CN=cd3dbd5fc6f91b807b7bc4cf6e646e345862af3e
Certificate serial: 018D6561AB78286DEE5E5B16AE9376315D87
Authority key identifier: CD:3D:BD:5F:C6:F9:1B:80:7B:7B:C4:CF:6E:64:6E:34:58:62:AF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zT29X8b5G4B7e8TPbmRuNFhirz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/60OZGqbdIA3xp1MCKmT04tIbSUs.roa
Signing time: Thu 01 Feb 2024 15:55:16 +0000
ROA not before: Thu 01 Feb 2024 15:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211621
IP address blocks: 195.96.143.0/24 maxlen: 24
2a12:e800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/zT29X8b5G4B7e8TPbmRuNFhirz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/zT29X8b5G4B7e8TPbmRuNFhirz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zT29X8b5G4B7e8TPbmRuNFhirz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:61:ab:78:28:6d:ee:5e:5b:16:ae:93:76:31:5d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3dbd5fc6f91b807b7bc4cf6e646e345862af3e
Validity
Not Before: Feb 1 15:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb43991aa6dd200df1a753022a64f4e2d21b494b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:09:26:2f:8d:3a:8b:54:51:84:17:49:94:2f:
db:43:2a:8c:0a:be:41:17:10:03:3d:93:7a:ee:e1:
75:5a:02:fb:47:27:95:89:ba:ea:d4:9b:87:89:73:
d9:06:c3:05:c5:41:02:38:1c:ab:ba:04:50:9c:a1:
c8:05:53:b7:73:e9:29:1a:b3:63:e4:94:d7:83:33:
ed:28:ae:2d:8d:da:b1:4f:ce:67:16:b9:c9:e6:c9:
e8:e0:e7:28:ac:34:ef:d3:31:a1:ed:9d:60:24:45:
0d:41:a5:4c:fc:f4:29:29:f0:69:83:97:19:dc:3b:
11:6c:30:07:fb:78:6a:35:33:29:f5:01:0f:fc:69:
c7:8f:55:0f:79:9e:6b:2e:88:93:2e:6d:4b:4c:fa:
d1:ac:bf:99:d9:74:8f:8f:18:5b:9f:f8:a3:e5:cb:
1e:c7:7d:bc:3f:3b:43:15:de:7d:95:33:f6:5e:61:
c6:84:c8:74:62:5c:6d:f7:93:ca:40:ab:87:25:37:
05:8a:5f:31:d6:65:63:6a:41:1b:43:87:66:77:35:
97:ee:96:f9:e0:32:ca:a1:4a:f0:90:ad:31:90:78:
1c:84:b8:3b:5b:01:c7:4f:df:c5:19:3f:22:df:e7:
70:b5:61:18:18:9e:f8:8e:8b:17:ba:ef:af:48:42:
de:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:43:99:1A:A6:DD:20:0D:F1:A7:53:02:2A:64:F4:E2:D2:1B:49:4B
X509v3 Authority Key Identifier:
keyid:CD:3D:BD:5F:C6:F9:1B:80:7B:7B:C4:CF:6E:64:6E:34:58:62:AF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zT29X8b5G4B7e8TPbmRuNFhirz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/60OZGqbdIA3xp1MCKmT04tIbSUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/zT29X8b5G4B7e8TPbmRuNFhirz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.143.0/24
IPv6:
2a12:e800::/29
Signature Algorithm: sha256WithRSAEncryption
82:ff:09:af:b4:82:ed:31:4d:85:ca:8d:5e:87:45:ce:b2:e4:
98:55:16:5f:5f:27:65:33:d4:61:d8:07:9c:0c:c6:62:86:f2:
e9:6d:c6:86:31:66:58:8a:07:d3:5e:40:87:8d:79:3d:4d:50:
fd:97:35:bb:c7:a6:18:9c:ba:49:19:8b:dd:a0:62:56:3c:fe:
b5:c5:8f:b8:39:37:09:d4:c4:71:ed:c3:32:1e:48:04:95:ae:
95:69:97:3c:19:96:c2:89:67:d0:ea:9b:61:fb:d3:1b:00:a3:
11:54:7d:7d:c4:31:a4:34:36:fe:34:05:27:4e:7d:79:11:ab:
b7:29:4c:69:a3:40:9f:fe:a3:c3:b6:ce:79:62:39:3f:5b:b5:
67:dc:26:5e:2d:3d:83:18:b7:4b:10:b0:97:34:6e:93:1a:6f:
fd:8f:3f:c8:32:e2:12:2d:e3:86:2a:29:ea:4a:31:a3:f5:1a:
a1:ee:0d:a7:e0:42:80:04:b2:0a:4f:44:dd:9c:d0:81:c6:c1:
af:37:5d:c4:be:db:bc:c5:4f:5d:36:d9:0b:7d:97:5a:bb:12:
ea:3b:cf:6b:c3:37:f2:9c:d1:fb:bf:bc:72:b5:19:65:d6:ba:
d6:be:07:85:88:a5:e8:26:98:1f:ad:e0:a9:98:71:42:d9:48:
78:d7:a6:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1lYat4KG3uXlsWrpN2MV2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2RiZDVmYzZmOTFiODA3YjdiYzRjZjZlNjQ2ZTM0NTg2
MmFmM2UwHhcNMjQwMjAxMTU1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQzOTkxYWE2ZGQyMDBkZjFhNzUzMDIyYTY0ZjRlMmQyMWI0OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwkmL406i1RRhBdJlC/bQyqMCr5B
FxADPZN67uF1WgL7RyeVibrq1JuHiXPZBsMFxUECOByrugRQnKHIBVO3c+kpGrNj
5JTXgzPtKK4tjdqxT85nFrnJ5sno4OcorDTv0zGh7Z1gJEUNQaVM/PQpKfBpg5cZ
3DsRbDAH+3hqNTMp9QEP/GnHj1UPeZ5rLoiTLm1LTPrRrL+Z2XSPjxhbn/ij5cse
x328PztDFd59lTP2XmHGhMh0Ylxt95PKQKuHJTcFil8x1mVjakEbQ4dmdzWX7pb5
4DLKoUrwkK0xkHgchLg7WwHHT9/FGT8i3+dwtWEYGJ74josXuu+vSELeXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOtDmRqm3SAN8adTAipk9OLSG0lLMB8GA1UdIwQY
MBaAFM09vV/G+RuAe3vEz25kbjRYYq8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelQyOVg4YjVHNEI3ZThUUGJtUnVORmhpcno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xNGI5MzMtN2UzNC00YTg3LWIyMTUt
OGNhYWQzZTMxYWRjLzEvNjBPWkdxYmRJQTN4cDFNQ0ttVDA0dEliU1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xNGI5MzMtN2UzNC00YTg3LWIyMTUtOGNhYWQzZTMxYWRj
LzEvelQyOVg4YjVHNEI3ZThUUGJtUnVORmhpcno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw2CPMA0E
AgACMAcDBQMqEugAMA0GCSqGSIb3DQEBCwUAA4IBAQCC/wmvtILtMU2Fyo1eh0XO
suSYVRZfXydlM9Rh2AecDMZihvLpbcaGMWZYigfTXkCHjXk9TVD9lzW7x6YYnLpJ
GYvdoGJWPP61xY+4OTcJ1MRx7cMyHkgEla6VaZc8GZbCiWfQ6pth+9MbAKMRVH19
xDGkNDb+NAUnTn15Eau3KUxpo0Cf/qPDts55Yjk/W7Vn3CZeLT2DGLdLELCXNG6T
Gm/9jz/IMuISLeOGKinqSjGj9Rqh7g2n4EKABLIKT0TdnNCBxsGvN13Evtu8xU9d
NtkLfZdauxLqO89rwzfynNH7v7xytRll1rrWvgeFiKXoJpgfreCpmHFC2Uh416ZV
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:06 2024 by rpki-client on console-ams.rpki-client.org