Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/9R7sWqyVpcKmIZKS5cTvxstP7EU.roa
File: 9R7sWqyVpcKmIZKS5cTvxstP7EU.roa (raw, json)
Hash identifier: O5H16G6IL26RHO4IKopIcSn0PuFpWKkIEPtOgV0oJ/A=
Subject key identifier: F5:1E:EC:5A:AC:95:A5:C2:A6:21:92:92:E5:C4:EF:C6:CB:4F:EC:45
Certificate issuer: /CN=4f123e248e6ec0368e0712345f726d71f60f826b
Certificate serial: 018CC56ECF8D033030374BF335C2501C28F7
Authority key identifier: 4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/9R7sWqyVpcKmIZKS5cTvxstP7EU.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201597
IP address blocks: 185.66.92.0/22 maxlen: 22
185.232.252.0/22 maxlen: 22
185.232.254.0/24 maxlen: 24
2a05:680::/29 maxlen: 29
2a05:687::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:cf:8d:03:30:30:37:4b:f3:35:c2:50:1c:28:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f123e248e6ec0368e0712345f726d71f60f826b
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f51eec5aac95a5c2a6219292e5c4efc6cb4fec45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:f0:23:cd:08:ad:14:06:8e:b4:50:02:ae:
66:e9:1b:ac:b2:47:17:a4:d7:16:24:85:94:38:6e:
e3:69:c0:bb:8d:87:2a:94:44:c3:43:7b:02:e4:47:
6b:cc:8e:c7:a3:7e:13:b0:c3:9c:e4:ce:8e:75:8a:
78:8c:15:ec:93:e9:eb:53:53:bc:6e:68:d2:dd:95:
85:d5:84:fb:7e:16:c9:a6:89:89:dc:7a:bd:e2:06:
50:1a:04:f4:77:21:38:f7:62:32:72:c9:fc:ec:a5:
2d:4d:33:24:e7:50:78:75:9a:12:1a:2b:02:4b:96:
79:b0:76:f2:9a:24:48:ac:ec:d5:48:20:9c:f9:21:
bf:da:4f:e6:a5:83:5c:f6:9f:28:45:bd:2f:10:b6:
59:a2:5b:7d:20:91:82:d1:5f:4f:a5:bd:4f:f6:37:
0e:24:f9:45:9e:88:ed:42:08:b2:79:76:a4:3b:fa:
4c:c4:8c:7c:94:a0:fb:7e:47:1f:56:6c:eb:39:41:
fc:51:3c:fa:13:76:9e:43:2f:c0:7e:cd:30:45:c4:
3a:7e:dd:92:73:42:c1:19:cd:18:c2:96:ce:02:27:
0c:6d:a4:09:7f:94:6e:0e:5f:f9:f2:25:28:51:6a:
f2:1f:ce:41:f7:d8:4c:45:06:50:40:d4:f0:a8:77:
2f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1E:EC:5A:AC:95:A5:C2:A6:21:92:92:E5:C4:EF:C6:CB:4F:EC:45
X509v3 Authority Key Identifier:
keyid:4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/9R7sWqyVpcKmIZKS5cTvxstP7EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.92.0/22
185.232.252.0/22
IPv6:
2a05:680::/29
Signature Algorithm: sha256WithRSAEncryption
21:ec:53:56:35:fd:97:5c:26:92:f7:9d:87:19:c4:79:89:a1:
43:74:20:3e:37:71:93:40:05:84:c3:4c:6f:94:b8:13:a3:ef:
6b:74:27:2a:b2:49:a6:5e:54:5b:14:40:46:11:1f:b2:f4:09:
05:1e:2b:5b:be:d0:1e:56:1e:f7:c2:24:73:e2:a6:f4:40:e2:
fd:37:f9:9e:e9:d8:64:2d:d8:be:51:f7:88:1b:ca:d9:f9:6b:
f0:8f:a9:06:0c:fd:e0:21:dd:14:23:0c:b5:98:db:87:88:f7:
06:5a:ef:b1:4f:c8:69:2f:e8:a7:a2:73:61:9e:02:db:35:08:
9c:ed:10:45:dd:f6:5d:a0:a2:0b:71:61:6b:5f:67:0e:fe:cb:
1d:86:97:c9:dc:e7:40:5a:a7:3c:15:c9:41:43:9e:b2:1f:27:
0d:97:ff:73:0e:f5:f4:3a:c5:ce:eb:90:2f:cf:0b:89:4a:39:
44:a2:db:60:48:8e:80:2e:4c:50:e6:44:9d:1e:9b:df:61:ab:
74:9e:ac:e3:8b:de:8d:cb:11:a9:31:5f:fa:e3:11:e2:04:9e:
c2:5f:d5:b5:49:a1:fd:bf:df:06:58:b6:37:73:46:c7:4c:6e:
86:f2:3f:3b:f7:6c:f9:63:6c:70:d2:57:33:2a:79:09:e1:9c:
d8:59:72:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbs+NAzAwN0vzNcJQHCj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTIzZTI0OGU2ZWMwMzY4ZTA3MTIzNDVmNzI2ZDcxZjYw
ZjgyNmIwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFlZWM1YWFjOTVhNWMyYTYyMTkyOTJlNWM0ZWZjNmNiNGZlYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppTwI80IrRQGjrRQAq5m6RusskcX
pNcWJIWUOG7jacC7jYcqlETDQ3sC5EdrzI7Ho34TsMOc5M6OdYp4jBXsk+nrU1O8
bmjS3ZWF1YT7fhbJpomJ3Hq94gZQGgT0dyE492Iycsn87KUtTTMk51B4dZoSGisC
S5Z5sHbymiRIrOzVSCCc+SG/2k/mpYNc9p8oRb0vELZZolt9IJGC0V9Ppb1P9jcO
JPlFnojtQgiyeXakO/pMxIx8lKD7fkcfVmzrOUH8UTz6E3aeQy/Afs0wRcQ6ft2S
c0LBGc0YwpbOAicMbaQJf5RuDl/58iUoUWryH85B99hMRQZQQNTwqHcvgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPUe7FqslaXCpiGSkuXE78bLT+xFMB8GA1UdIwQY
MBaAFE8SPiSObsA2jgcSNF9ybXH2D4JrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhJLUpJNXV3RGFPQnhJMFgzSnRjZllQZ21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZDljZTItNmQ4OC00OTc3LWFlMDYt
YzFlOTQxZTU5YzE0LzEvOVI3c1dxeVZwY0ttSVpLUzVjVHZ4c3RQN0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZDljZTItNmQ4OC00OTc3LWFlMDYtYzFlOTQxZTU5YzE0
LzEvVHhJLUpJNXV3RGFPQnhJMFgzSnRjZllQZ21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUJcAwQC
uej8MA0EAgACMAcDBQMqBQaAMA0GCSqGSIb3DQEBCwUAA4IBAQAh7FNWNf2XXCaS
952HGcR5iaFDdCA+N3GTQAWEw0xvlLgTo+9rdCcqskmmXlRbFEBGER+y9AkFHitb
vtAeVh73wiRz4qb0QOL9N/me6dhkLdi+UfeIG8rZ+Wvwj6kGDP3gId0UIwy1mNuH
iPcGWu+xT8hpL+inonNhngLbNQic7RBF3fZdoKILcWFrX2cO/ssdhpfJ3OdAWqc8
FclBQ56yHycNl/9zDvX0OsXO65AvzwuJSjlEottgSI6ALkxQ5kSdHpvfYat0nqzj
i96NyxGpMV/64xHiBJ7CX9W1SaH9v98GWLY3c0bHTG6G8j8792z5Y2xw0lczKnkJ
4ZzYWXLj
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:35:42 2024 by rpki-client on console-ams.rpki-client.org