Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/0WZ9_a6vUr91kl3GevJ-4ENahak.roa
File: 0WZ9_a6vUr91kl3GevJ-4ENahak.roa (raw, json)
Hash identifier: 3bX4GdW0zwO2dMFLNuDwzKWah2Ba/YetxHRH020nOlc=
Subject key identifier: D1:66:7D:FD:AE:AF:52:BF:75:92:5D:C6:7A:F2:7E:E0:43:5A:85:A9
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F974A8D21EF875A10B369ADCFCF6CC9
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/0WZ9_a6vUr91kl3GevJ-4ENahak.roa
Signing time: Wed 27 Mar 2024 11:06:45 +0000
ROA not before: Wed 27 Mar 2024 11:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12874
IP address blocks: 2.16.17.0/24 maxlen: 24
2.19.179.0/24 maxlen: 24
80.67.66.0/24 maxlen: 24
84.53.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 13:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:97:4a:8d:21:ef:87:5a:10:b3:69:ad:cf:cf:6c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1667dfdaeaf52bf75925dc67af27ee0435a85a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:18:23:07:a0:de:bc:cd:bd:11:2d:cc:67:fb:
1b:89:c0:01:38:d1:72:54:d2:c2:6d:a5:72:94:4b:
b8:ea:5e:79:ec:51:f7:d8:b4:49:cc:48:19:49:70:
a0:b6:df:e4:3b:69:dd:f6:d0:37:48:65:87:25:5a:
a9:9e:48:63:d8:e3:e8:19:a1:69:6e:0b:c2:2c:80:
88:f9:08:88:14:28:09:17:db:e2:aa:a0:e6:85:d7:
9e:47:ae:5c:83:a1:a6:1b:0c:f5:fa:06:c6:97:ef:
6e:f4:a5:a9:4c:fe:5c:35:31:f7:96:be:73:15:3b:
ac:26:a7:9e:fe:a4:b7:25:4e:3b:22:fd:13:5d:b0:
b2:55:08:3c:50:2b:37:49:6e:ce:09:26:18:7c:13:
37:a0:73:26:64:dd:ba:5d:f1:49:12:c3:d6:0c:b2:
6c:3b:b9:d2:5c:a6:14:21:73:1b:83:7c:cf:86:53:
c0:0d:7c:ee:62:cd:7a:bc:ca:d2:31:f7:0c:35:e3:
f4:67:5b:e6:bc:75:79:51:79:60:dc:a9:d1:f4:ac:
15:78:3f:ed:68:73:9f:37:a6:fc:2c:ea:06:19:63:
bf:13:a9:5b:19:24:2a:73:84:9c:88:b7:fe:27:e5:
e1:2c:36:2f:13:4a:01:e9:c5:26:f0:07:b3:84:a2:
9a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:66:7D:FD:AE:AF:52:BF:75:92:5D:C6:7A:F2:7E:E0:43:5A:85:A9
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/0WZ9_a6vUr91kl3GevJ-4ENahak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.17.0/24
2.19.179.0/24
80.67.66.0/24
84.53.184.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9e:bc:bd:89:74:b9:63:bb:36:17:da:0d:fe:9f:37:d7:a0:
c7:72:0b:7d:7a:25:24:5f:57:cc:de:34:2a:6d:b9:3a:c8:dd:
8f:3c:5b:e5:72:7b:6f:9c:6f:4f:ff:a5:06:f3:63:5c:5a:61:
bd:7b:be:62:76:54:78:0f:66:73:24:8e:34:da:0d:10:40:3f:
a4:24:95:5c:19:28:ae:03:85:4f:26:f2:54:87:21:e6:35:4b:
b4:dc:38:53:89:f7:3d:07:1f:d6:60:40:28:fb:e8:96:4b:a1:
86:61:62:a8:c5:90:48:94:64:5c:27:0b:ef:59:07:a3:ad:5f:
54:81:80:4d:1e:6f:89:9f:83:ad:b8:db:f5:d9:b4:22:71:0a:
fb:1a:6d:b5:aa:24:ea:33:15:a9:aa:7d:bd:ee:23:af:28:12:
c0:96:4f:7d:88:7d:f5:58:fb:7b:47:c6:ec:d3:b6:1e:5a:53:
b2:2f:ee:ce:38:ec:2a:ed:12:72:42:f5:93:81:6e:8a:40:b8:
e4:b7:05:e7:a1:03:bf:23:40:2b:cb:d0:6d:2b:f8:ce:8b:38:
a1:90:07:9f:61:22:49:89:4b:88:b8:a2:64:64:7e:c5:d0:54:
c7:70:6f:94:8d:8a:f5:ec:b0:d8:ab:c0:da:54:61:9b:7f:d7:
e9:45:de:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5/l0qNIe+HWhCzaa3Pz2zJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTY2N2RmZGFlYWY1MmJmNzU5MjVkYzY3YWYyN2VlMDQzNWE4NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxgjB6DevM29ES3MZ/sbicABONFy
VNLCbaVylEu46l557FH32LRJzEgZSXCgtt/kO2nd9tA3SGWHJVqpnkhj2OPoGaFp
bgvCLICI+QiIFCgJF9viqqDmhdeeR65cg6GmGwz1+gbGl+9u9KWpTP5cNTH3lr5z
FTusJqee/qS3JU47Iv0TXbCyVQg8UCs3SW7OCSYYfBM3oHMmZN26XfFJEsPWDLJs
O7nSXKYUIXMbg3zPhlPADXzuYs16vMrSMfcMNeP0Z1vmvHV5UXlg3KnR9KwVeD/t
aHOfN6b8LOoGGWO/E6lbGSQqc4SciLf+J+XhLDYvE0oB6cUm8AezhKKaRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNFmff2ur1K/dZJdxnryfuBDWoWpMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvMFdaOV9hNnZVcjkxa2wzR2V2Si00RU5haGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAhARAwQA
AhOzAwQAUENCAwQAVDW4MA0GCSqGSIb3DQEBCwUAA4IBAQBynry9iXS5Y7s2F9oN
/p8316DHcgt9eiUkX1fM3jQqbbk6yN2PPFvlcntvnG9P/6UG82NcWmG9e75idlR4
D2ZzJI402g0QQD+kJJVcGSiuA4VPJvJUhyHmNUu03DhTifc9Bx/WYEAo++iWS6GG
YWKoxZBIlGRcJwvvWQejrV9UgYBNHm+Jn4OtuNv12bQicQr7Gm21qiTqMxWpqn29
7iOvKBLAlk99iH31WPt7R8bs07YeWlOyL+7OOOwq7RJyQvWTgW6KQLjktwXnoQO/
I0Ary9BtK/jOizihkAefYSJJiUuIuKJkZH7F0FTHcG+UjYr17LDYq8DaVGGbf9fp
Rd4H
-----END CERTIFICATE-----
Generated at Wed May 29 19:17:46 2024 by rpki-client on console-fra.rpki-client.org