Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/B2ht_7e4mOA7I1W2JfYh0U7SQUI.roa
File: B2ht_7e4mOA7I1W2JfYh0U7SQUI.roa (raw, json)
Hash identifier: kqzS0DQsr0fWRSHApX0zlWBIcc/8ZtLc3+nRSaxJK/s=
Subject key identifier: 07:68:6D:FF:B7:B8:98:E0:3B:23:55:B6:25:F6:21:D1:4E:D2:41:42
Certificate issuer: /CN=13669c0c085cc978a372a0e4f05648398e1e7fe8
Certificate serial: 019341A236B79BD9F54312E70E8702DC8C9C
Authority key identifier: 13:66:9C:0C:08:5C:C9:78:A3:72:A0:E4:F0:56:48:39:8E:1E:7F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2acDAhcyXijcqDk8FZIOY4ef-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/B2ht_7e4mOA7I1W2JfYh0U7SQUI.roa
Signing time: Mon 18 Nov 2024 23:36:09 +0000
ROA not before: Mon 18 Nov 2024 23:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 193.178.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/E2acDAhcyXijcqDk8FZIOY4ef-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/E2acDAhcyXijcqDk8FZIOY4ef-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/E2acDAhcyXijcqDk8FZIOY4ef-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:41:a2:36:b7:9b:d9:f5:43:12:e7:0e:87:02:dc:8c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13669c0c085cc978a372a0e4f05648398e1e7fe8
Validity
Not Before: Nov 18 23:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07686dffb7b898e03b2355b625f621d14ed24142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:c7:b2:93:37:18:de:fe:f8:a7:60:c7:f4:
c3:a8:1b:09:6f:8d:de:11:bc:a3:ee:51:b6:ea:10:
e3:ce:17:2d:e0:67:61:00:db:dd:2e:fd:aa:2d:e6:
f1:18:f3:7f:a3:87:89:b3:bf:73:55:db:2d:9a:1a:
74:89:81:57:89:54:aa:b6:66:90:23:48:ff:04:77:
07:61:ef:83:09:66:c3:7d:8f:df:86:c9:de:d4:66:
ea:9d:1a:c7:c3:ef:e0:d0:19:95:61:be:ce:66:59:
30:65:4f:20:56:0f:11:75:fc:37:3e:2f:98:e3:1b:
4e:f0:01:1a:ce:5f:02:9b:59:9a:3f:2a:14:5e:7d:
7f:49:1d:31:62:ff:4c:e8:aa:b5:7c:62:6d:a8:2a:
c0:7c:0b:da:5e:6e:73:92:76:f7:1a:2b:2c:b1:cb:
97:f9:ce:a2:5d:a7:9a:b0:bb:09:65:48:24:4c:ad:
df:70:c7:7d:0a:56:c9:ee:db:9a:1f:9f:7e:3e:c6:
a4:37:e5:5e:52:f8:d2:28:00:74:ae:ca:9d:5c:1f:
4d:17:01:0b:ae:0a:46:65:88:9e:79:2c:7e:c7:b1:
32:b9:4f:28:8f:49:a4:90:9d:36:f5:7b:9f:63:8a:
28:32:e1:22:46:47:0e:dc:23:03:8e:1f:7a:3c:a0:
97:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:68:6D:FF:B7:B8:98:E0:3B:23:55:B6:25:F6:21:D1:4E:D2:41:42
X509v3 Authority Key Identifier:
keyid:13:66:9C:0C:08:5C:C9:78:A3:72:A0:E4:F0:56:48:39:8E:1E:7F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2acDAhcyXijcqDk8FZIOY4ef-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/B2ht_7e4mOA7I1W2JfYh0U7SQUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/E2acDAhcyXijcqDk8FZIOY4ef-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.227.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:e0:52:9d:e0:27:42:e2:27:82:40:ed:8c:f7:51:a3:9d:ae:
a2:5c:c7:9e:e6:00:84:a9:36:c5:80:95:10:00:32:50:41:bd:
03:41:4c:11:80:ed:13:76:8d:fe:2b:06:bf:50:fb:70:ef:ca:
c1:7f:c9:60:27:8d:69:f5:87:64:75:ab:b3:ba:2d:2e:5b:78:
26:76:e6:da:25:09:5f:fc:cc:ab:f0:dc:e4:dd:a3:e2:39:a9:
06:66:f4:e7:83:22:dc:43:12:ac:ce:9e:72:8a:46:99:a3:e1:
30:60:83:67:dd:77:34:de:66:1e:a3:d8:f9:55:01:83:d1:5b:
4f:18:15:a0:e8:06:13:e8:cd:0c:5a:45:dd:92:d2:3f:30:f1:
11:8e:bf:dd:a9:e0:a6:98:7a:84:f8:6d:11:57:c2:c7:e3:b9:
bd:8c:3f:a4:d1:c7:1d:83:00:eb:fe:9b:52:8e:53:d7:a7:fc:
77:4a:c6:85:5a:1e:1f:43:47:46:c0:fd:d9:63:b9:3f:43:1d:
5d:a1:06:76:98:b8:8b:9a:e7:86:94:4b:ad:e9:01:b1:da:fb:
4e:f1:6e:cd:19:28:59:78:65:37:59:ac:aa:c3:40:7d:73:61:
1a:6c:01:c7:eb:94:7e:a1:c6:8d:bd:58:c3:9b:2f:ba:fb:21:
89:0e:21:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNBoja3m9n1QxLnDocC3IycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjY5YzBjMDg1Y2M5NzhhMzcyYTBlNGYwNTY0ODM5OGUx
ZTdmZTgwHhcNMjQxMTE4MjMzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzY4NmRmZmI3Yjg5OGUwM2IyMzU1YjYyNWY2MjFkMTRlZDI0MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1DHspM3GN7++Kdgx/TDqBsJb43e
Ebyj7lG26hDjzhct4GdhANvdLv2qLebxGPN/o4eJs79zVdstmhp0iYFXiVSqtmaQ
I0j/BHcHYe+DCWbDfY/fhsne1GbqnRrHw+/g0BmVYb7OZlkwZU8gVg8Rdfw3Pi+Y
4xtO8AEazl8Cm1maPyoUXn1/SR0xYv9M6Kq1fGJtqCrAfAvaXm5zknb3GissscuX
+c6iXaeasLsJZUgkTK3fcMd9ClbJ7tuaH59+PsakN+VeUvjSKAB0rsqdXB9NFwEL
rgpGZYieeSx+x7EyuU8oj0mkkJ029XufY4ooMuEiRkcO3CMDjh96PKCXdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdobf+3uJjgOyNVtiX2IdFO0kFCMB8GA1UdIwQY
MBaAFBNmnAwIXMl4o3Kg5PBWSDmOHn/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhY0RBaGN5WGlqY3FEazhGWklPWTRlZi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMzkzZDgtMTI1Mi00YzI3LWJhYWEt
NTNiMDQzNDI3ODNkLzEvQjJodF83ZTRtT0E3STFXMkpmWWgwVTdTUVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMzkzZDgtMTI1Mi00YzI3LWJhYWEtNTNiMDQzNDI3ODNk
LzEvRTJhY0RBaGN5WGlqY3FEazhGWklPWTRlZi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbLjMA0G
CSqGSIb3DQEBCwUAA4IBAQBe4FKd4CdC4ieCQO2M91Gjna6iXMee5gCEqTbFgJUQ
ADJQQb0DQUwRgO0Tdo3+Kwa/UPtw78rBf8lgJ41p9Ydkdauzui0uW3gmdubaJQlf
/Myr8Nzk3aPiOakGZvTngyLcQxKszp5yikaZo+EwYINn3Xc03mYeo9j5VQGD0VtP
GBWg6AYT6M0MWkXdktI/MPERjr/dqeCmmHqE+G0RV8LH47m9jD+k0ccdgwDr/ptS
jlPXp/x3SsaFWh4fQ0dGwP3ZY7k/Qx1doQZ2mLiLmueGlEut6QGx2vtO8W7NGShZ
eGU3Wayqw0B9c2EabAHH65R+ocaNvVjDmy+6+yGJDiEU
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:45 2024 by rpki-client on console-ams.rpki-client.org