Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/C_l3Vko-E6JBvGyoK4QFZnyCteA.roa
File: C_l3Vko-E6JBvGyoK4QFZnyCteA.roa (raw, json)
Hash identifier: aXwkNJC2Jd32tbzRoIQEbfZ9nUl2cyQmalGbhI2VheY=
Subject key identifier: 0B:F9:77:56:4A:3E:13:A2:41:BC:6C:A8:2B:84:05:66:7C:82:B5:E0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D9EE0B1666E0606692DF418032EE70C4D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/C_l3Vko-E6JBvGyoK4QFZnyCteA.roa
Signing time: Mon 12 Feb 2024 19:52:22 +0000
ROA not before: Mon 12 Feb 2024 19:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.178.0/23 maxlen: 23
84.32.214.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:e0:b1:66:6e:06:06:69:2d:f4:18:03:2e:e7:0c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 12 19:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bf977564a3e13a241bc6ca82b8405667c82b5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:11:ec:2f:4d:bb:28:6b:9a:df:ac:45:7e:65:
81:75:a5:48:dd:7d:16:6b:e8:91:8a:5c:90:a4:cc:
71:40:8c:94:bd:54:93:5a:e9:1e:2f:21:e8:45:47:
b8:4a:da:11:bd:b4:42:31:88:df:de:2e:d4:fb:50:
76:fb:54:da:7d:e4:cc:ce:60:e9:a2:c6:a8:52:8f:
77:06:ce:3d:cc:89:ee:e4:b8:5c:fc:4d:96:20:f4:
3a:14:48:0c:ba:0a:39:3a:31:ac:b6:56:80:2d:0c:
e2:52:8b:0f:c1:a4:47:15:f8:99:bc:cc:13:9a:21:
ad:cf:f7:c7:45:f3:73:0b:8c:ee:db:d0:27:5f:47:
87:36:46:0c:1c:3d:77:08:60:47:bb:64:d6:5f:36:
af:8d:7c:44:51:af:a7:a4:77:b5:01:62:0a:9b:68:
17:f1:bc:37:70:c8:8b:40:40:fe:76:27:02:1d:84:
2a:d3:46:2a:a2:ee:f7:9e:01:bc:30:79:6e:42:18:
8c:3c:bc:a4:8b:5c:f0:1d:96:3a:38:00:6b:4a:dd:
74:81:f9:7d:88:29:33:27:81:dc:a5:d4:02:a7:c7:
c0:58:74:c0:c1:31:4e:04:44:9c:8b:3c:e9:2c:ce:
c8:86:11:af:d7:b0:a2:36:9b:c6:68:30:0a:91:0a:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F9:77:56:4A:3E:13:A2:41:BC:6C:A8:2B:84:05:66:7C:82:B5:E0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/C_l3Vko-E6JBvGyoK4QFZnyCteA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.178.0/23
84.32.214.0/23
84.32.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:07:a4:78:ea:6a:d6:30:1b:f7:1e:16:40:8a:05:70:fc:88:
e0:12:ac:00:ff:c3:c5:57:68:21:34:88:28:1e:8d:d7:42:4f:
b4:11:ed:08:73:8e:fe:06:79:cf:88:26:4d:2d:e6:3d:39:37:
a3:5f:6c:a2:83:21:60:60:89:81:a2:fd:7b:be:a2:e0:2e:27:
93:5b:94:34:fa:e4:99:38:35:45:e1:c7:1e:99:17:09:6f:43:
44:35:92:d6:13:de:27:dd:17:dc:94:ec:2f:af:b6:ad:e4:31:
8a:6f:79:73:c6:c0:44:f5:77:0b:f9:b7:bb:82:3b:28:16:77:
1c:f9:58:6a:57:4b:ef:83:06:81:6c:00:d3:1c:c6:6b:de:47:
e6:21:06:91:52:32:4f:4f:97:61:c9:26:33:55:bd:f4:be:46:
59:97:45:51:86:39:6c:aa:59:a7:0f:9b:53:40:e6:52:d5:94:
85:84:28:71:b7:d5:e7:19:d4:87:1f:78:01:85:65:eb:d4:ac:
7f:9c:79:e7:05:d1:52:f7:d2:25:6e:a0:16:9d:6d:36:d5:c3:
70:42:94:74:93:2a:4e:91:e9:66:15:38:42:f0:5d:14:93:1a:
88:1f:3b:de:68:64:d2:b0:66:69:86:41:d0:fa:2c:f4:7b:76:
34:13:4e:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2e4LFmbgYGaS30GAMu5wxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMjEyMTk1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmY5Nzc1NjRhM2UxM2EyNDFiYzZjYTgyYjg0MDU2NjdjODJiNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxHsL027KGua36xFfmWBdaVI3X0W
a+iRilyQpMxxQIyUvVSTWukeLyHoRUe4StoRvbRCMYjf3i7U+1B2+1TafeTMzmDp
osaoUo93Bs49zInu5Lhc/E2WIPQ6FEgMugo5OjGstlaALQziUosPwaRHFfiZvMwT
miGtz/fHRfNzC4zu29AnX0eHNkYMHD13CGBHu2TWXzavjXxEUa+npHe1AWIKm2gX
8bw3cMiLQED+dicCHYQq00Yqou73ngG8MHluQhiMPLyki1zwHZY6OABrSt10gfl9
iCkzJ4HcpdQCp8fAWHTAwTFOBEScizzpLM7IhhGv17CiNpvGaDAKkQoivQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAv5d1ZKPhOiQbxsqCuEBWZ8grXgMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ19sM1Zrby1FNkpCdkd5b0s0UUZabnlDdGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVCCyAwQB
VCDWAwQAVCD4MA0GCSqGSIb3DQEBCwUAA4IBAQCNB6R46mrWMBv3HhZAigVw/Ijg
EqwA/8PFV2ghNIgoHo3XQk+0Ee0Ic47+BnnPiCZNLeY9OTejX2yigyFgYImBov17
vqLgLieTW5Q0+uSZODVF4ccemRcJb0NENZLWE94n3RfclOwvr7at5DGKb3lzxsBE
9XcL+be7gjsoFncc+VhqV0vvgwaBbADTHMZr3kfmIQaRUjJPT5dhySYzVb30vkZZ
l0VRhjlsqlmnD5tTQOZS1ZSFhChxt9XnGdSHH3gBhWXr1Kx/nHnnBdFS99IlbqAW
nW021cNwQpR0kypOkelmFThC8F0UkxqIHzveaGTSsGZphkHQ+iz0e3Y0E07U
-----END CERTIFICATE-----
Generated at Sat May 4 22:24:59 2024 by rpki-client on console-ams.rpki-client.org