Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/trBMgjBHsYwT_RPjw7hDAapsqwA.roa
File: trBMgjBHsYwT_RPjw7hDAapsqwA.roa (raw, json)
Hash identifier: OL1wg7qcImLmuEXJ06nxA+KbF799qTPQd+dGG1AgT3c=
Subject key identifier: B6:B0:4C:82:30:47:B1:8C:13:FD:13:E3:C3:B8:43:01:AA:6C:AB:00
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DF535029C86F15FF74E946CF0809E39BD
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/trBMgjBHsYwT_RPjw7hDAapsqwA.roa
Signing time: Thu 29 Feb 2024 14:11:48 +0000
ROA not before: Thu 29 Feb 2024 14:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 87.236.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:35:02:9c:86:f1:5f:f7:4e:94:6c:f0:80:9e:39:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 29 14:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6b04c823047b18c13fd13e3c3b84301aa6cab00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:e5:e9:c7:24:8f:24:3e:8a:ef:39:bf:9a:
d3:f8:5d:5b:4c:27:80:b9:16:71:e3:c8:33:2c:61:
9b:fc:e3:f3:e7:01:24:16:45:a6:a4:f9:4b:db:5a:
1f:43:43:6c:3b:86:58:a9:1b:41:3e:79:48:22:1d:
44:7a:ee:6c:15:c9:f9:72:8f:44:4e:5a:52:b2:b7:
61:e0:e7:7a:bb:27:f2:7d:9e:59:4d:ac:bb:20:92:
b6:97:88:26:97:56:e0:4a:02:ec:7b:99:c1:91:43:
23:d0:83:26:56:d0:09:ee:eb:1c:aa:53:81:51:cf:
7c:69:04:20:04:24:93:b5:d7:da:df:6f:fa:1c:89:
25:70:51:db:ca:48:dd:53:0b:d4:af:07:c3:ca:93:
f5:c0:1d:27:5d:09:23:22:26:2d:eb:9b:47:38:94:
40:6d:1d:52:9d:86:c3:59:c6:a0:02:9c:54:16:33:
bb:fc:c9:57:8e:5c:77:42:e9:4a:8a:95:a0:fa:bb:
b4:3a:07:49:c2:e5:1a:f6:d4:73:24:4b:dd:d9:c4:
3c:75:56:fa:31:66:90:37:03:98:d9:30:40:aa:c7:
61:62:eb:6e:ca:f8:10:45:40:0f:12:3a:ee:ba:64:
01:a3:d5:30:07:b4:82:a3:a4:37:cc:19:29:0d:88:
31:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B0:4C:82:30:47:B1:8C:13:FD:13:E3:C3:B8:43:01:AA:6C:AB:00
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/trBMgjBHsYwT_RPjw7hDAapsqwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.167.0/24
Signature Algorithm: sha256WithRSAEncryption
26:72:79:a9:58:33:d8:96:90:a1:52:77:14:a5:16:21:92:db:
3f:68:aa:e1:e6:0a:ff:c5:ea:7a:c5:31:11:83:fa:60:4f:b7:
bf:9f:75:aa:4e:b0:36:e4:0c:76:a5:c4:30:ef:8f:83:5a:92:
c7:04:e5:d6:c5:20:cc:8c:a3:b8:f4:3f:85:54:f5:7c:f1:be:
b7:dc:c2:94:73:55:94:f9:6d:78:a6:32:61:25:be:8a:07:19:
d9:9d:47:cc:7f:ca:7e:73:e7:3c:7b:82:c4:b7:d5:52:72:f4:
79:dc:a6:5b:a1:94:b0:05:64:01:fc:eb:5a:46:55:2a:eb:f8:
ce:12:10:b4:7a:d7:12:f7:c8:84:94:b5:9f:92:61:b3:f3:e1:
bd:5c:7e:1e:48:76:03:69:c6:d0:c9:9e:de:1e:8b:8d:6e:86:
fd:ac:69:b8:d1:ab:f9:41:cd:73:6d:fb:10:34:83:61:af:a0:
ce:41:65:a0:70:b4:65:a9:08:d8:3c:ba:ae:51:0d:78:57:88:
94:91:62:c1:bd:27:be:6b:51:43:a2:24:e3:58:b8:c8:a5:d4:
c3:6e:fd:4a:4f:e1:f2:f5:a5:64:ca:dd:07:66:9b:dd:4e:67:
84:be:7b:37:ac:16:15:f2:46:27:48:ca:2f:2d:86:fb:4c:2d:
87:aa:ac:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY31NQKchvFf906UbPCAnjm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI5MTQxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmIwNGM4MjMwNDdiMThjMTNmZDEzZTNjM2I4NDMwMWFhNmNhYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLLl6cckjyQ+iu85v5rT+F1bTCeA
uRZx48gzLGGb/OPz5wEkFkWmpPlL21ofQ0NsO4ZYqRtBPnlIIh1Eeu5sFcn5co9E
TlpSsrdh4Od6uyfyfZ5ZTay7IJK2l4gml1bgSgLse5nBkUMj0IMmVtAJ7uscqlOB
Uc98aQQgBCSTtdfa32/6HIklcFHbykjdUwvUrwfDypP1wB0nXQkjIiYt65tHOJRA
bR1SnYbDWcagApxUFjO7/MlXjlx3QulKipWg+ru0OgdJwuUa9tRzJEvd2cQ8dVb6
MWaQNwOY2TBAqsdhYutuyvgQRUAPEjruumQBo9UwB7SCo6Q3zBkpDYgxNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLawTIIwR7GME/0T48O4QwGqbKsAMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdHJCTWdqQkhzWXdUX1JQanc3aERBYXBzcXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+ynMA0G
CSqGSIb3DQEBCwUAA4IBAQAmcnmpWDPYlpChUncUpRYhkts/aKrh5gr/xep6xTER
g/pgT7e/n3WqTrA25Ax2pcQw74+DWpLHBOXWxSDMjKO49D+FVPV88b633MKUc1WU
+W14pjJhJb6KBxnZnUfMf8p+c+c8e4LEt9VScvR53KZboZSwBWQB/OtaRlUq6/jO
EhC0etcS98iElLWfkmGz8+G9XH4eSHYDacbQyZ7eHouNbob9rGm40av5Qc1zbfsQ
NINhr6DOQWWgcLRlqQjYPLquUQ14V4iUkWLBvSe+a1FDoiTjWLjIpdTDbv1KT+Hy
9aVkyt0HZpvdTmeEvns3rBYV8kYnSMovLYb7TC2Hqqzc
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:48:03 2024 by rpki-client on console-ams.rpki-client.org