Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/D6spK8KMqFW1JVvYsrv00cHdjQs.roa
File: D6spK8KMqFW1JVvYsrv00cHdjQs.roa (raw, json)
Hash identifier: JA7Ek9WqiAbk3YLDic5iYbaYlSHMPNL6KGu+XGtrCWI=
Subject key identifier: 0F:AB:29:2B:C2:8C:A8:55:B5:25:5B:D8:B2:BB:F4:D1:C1:DD:8D:0B
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 019007065748D5FF86B3658C4975FC1FC677
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/D6spK8KMqFW1JVvYsrv00cHdjQs.roa
Signing time: Tue 11 Jun 2024 11:19:34 +0000
ROA not before: Tue 11 Jun 2024 11:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 176.103.224.0/24 maxlen: 24
176.103.225.0/24 maxlen: 24
176.103.226.0/24 maxlen: 24
176.103.227.0/24 maxlen: 24
176.103.232.0/24 maxlen: 24
176.103.233.0/24 maxlen: 24
176.103.234.0/24 maxlen: 24
176.103.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:06:57:48:d5:ff:86:b3:65:8c:49:75:fc:1f:c6:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jun 11 11:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fab292bc28ca855b5255bd8b2bbf4d1c1dd8d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7e:4b:a4:8b:dd:b4:41:6c:37:5d:66:f3:24:
49:18:0a:20:5f:7e:6d:8f:fc:37:5a:08:db:c5:16:
36:8e:61:93:e3:1b:e1:da:b9:fb:45:dc:4d:9b:5d:
2d:04:45:66:8a:be:96:cb:be:c0:4c:0c:bf:28:d6:
57:41:b6:00:df:6a:f2:35:ce:28:cd:46:1c:40:2d:
cc:63:f9:c6:1a:6d:a7:6f:a1:94:a2:ab:63:6f:98:
d4:5f:15:49:ab:ef:ee:b6:67:ad:c1:82:c8:3b:e2:
44:e7:4a:09:51:ea:a6:42:47:2f:0d:44:cd:85:e9:
f5:65:ee:23:85:d1:28:5c:8e:5c:2f:ed:a8:95:5c:
e5:80:4e:94:46:f8:3a:42:31:8b:19:8e:e2:44:c5:
39:4f:02:c5:cb:cd:f4:08:87:fa:e0:d8:ae:2b:3f:
9f:2a:7e:a3:23:22:2c:37:f4:3c:97:0a:1f:c7:5a:
7c:e1:b0:53:10:72:ae:43:83:30:5f:53:6a:1f:53:
32:ef:39:39:74:7a:ea:d9:69:5d:e6:d8:f3:ce:35:
6a:62:19:74:72:d8:4b:89:71:6e:a6:75:ff:b4:52:
3b:ef:93:bd:db:8d:fd:a4:a1:b9:62:29:04:46:50:
af:e3:79:9d:a8:9e:68:1f:39:e5:2b:83:e0:51:11:
4d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AB:29:2B:C2:8C:A8:55:B5:25:5B:D8:B2:BB:F4:D1:C1:DD:8D:0B
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/D6spK8KMqFW1JVvYsrv00cHdjQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.224.0/22
176.103.232.0/22
Signature Algorithm: sha256WithRSAEncryption
49:2b:a3:d9:c0:29:00:6c:b5:fe:70:b1:4d:4d:29:9f:61:f3:
6e:37:b4:bb:4e:2c:cf:9b:77:ad:74:7e:1b:9f:0b:77:be:77:
7d:98:10:d2:1f:3e:6f:1b:3c:d9:9a:6a:ae:79:bc:ce:32:f8:
1c:67:b3:e3:da:8e:5a:8a:4e:e3:76:da:07:3a:6b:98:1b:0b:
b0:f3:6c:b3:7e:74:57:fb:58:eb:f9:31:50:62:f1:a2:77:88:
4d:c7:c1:18:ad:7a:26:be:a0:56:1b:52:27:00:37:1f:6a:3b:
1b:69:5f:59:35:01:a9:99:b6:18:a1:cf:09:a7:5d:3e:35:d1:
ab:93:61:52:21:65:28:62:3b:59:7b:0c:23:71:91:aa:8b:30:
84:a8:5e:35:e4:18:81:05:35:da:76:7d:66:09:48:e9:4c:55:
aa:4e:4d:bb:4f:c9:1c:36:00:ac:40:a7:1e:c3:23:33:b1:3d:
c3:2c:60:56:ac:d2:9f:5d:1a:78:84:1f:a7:53:eb:3d:e3:dc:
af:94:1d:4c:4b:ea:06:8a:b3:2e:68:5f:6e:14:e0:5e:15:f5:
ef:04:da:48:7e:b5:5f:b3:3f:be:38:60:a0:46:7d:19:29:13:
9a:5b:2f:6d:bf:66:4b:00:3d:85:21:17:81:24:c4:d6:f7:eb:
b5:9f:d0:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAHBldI1f+Gs2WMSXX8H8Z3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwNjExMTExOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFiMjkyYmMyOGNhODU1YjUyNTViZDhiMmJiZjRkMWMxZGQ4ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz35LpIvdtEFsN11m8yRJGAogX35t
j/w3WgjbxRY2jmGT4xvh2rn7RdxNm10tBEVmir6Wy77ATAy/KNZXQbYA32ryNc4o
zUYcQC3MY/nGGm2nb6GUoqtjb5jUXxVJq+/utmetwYLIO+JE50oJUeqmQkcvDUTN
hen1Ze4jhdEoXI5cL+2olVzlgE6URvg6QjGLGY7iRMU5TwLFy830CIf64NiuKz+f
Kn6jIyIsN/Q8lwofx1p84bBTEHKuQ4MwX1NqH1My7zk5dHrq2Wld5tjzzjVqYhl0
cthLiXFupnX/tFI775O92439pKG5YikERlCv43mdqJ5oHznlK4PgURFN/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+rKSvCjKhVtSVb2LK79NHB3Y0LMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvRDZzcEs4S01xRlcxSlZ2WXNydjAwY0hkalFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsGfgAwQC
sGfoMA0GCSqGSIb3DQEBCwUAA4IBAQBJK6PZwCkAbLX+cLFNTSmfYfNuN7S7TizP
m3etdH4bnwt3vnd9mBDSHz5vGzzZmmquebzOMvgcZ7Pj2o5aik7jdtoHOmuYGwuw
82yzfnRX+1jr+TFQYvGid4hNx8EYrXomvqBWG1InADcfajsbaV9ZNQGpmbYYoc8J
p10+NdGrk2FSIWUoYjtZewwjcZGqizCEqF415BiBBTXadn1mCUjpTFWqTk27T8kc
NgCsQKcewyMzsT3DLGBWrNKfXRp4hB+nU+s949yvlB1MS+oGirMuaF9uFOBeFfXv
BNpIfrVfsz++OGCgRn0ZKROaWy9tv2ZLAD2FIReBJMTW9+u1n9Ck
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:01 2024 by rpki-client on console-ams.rpki-client.org