Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/i9wKAmVhMsyZBj8R5q3SelIcYTU.roa
File: i9wKAmVhMsyZBj8R5q3SelIcYTU.roa (raw, json)
Hash identifier: rmTHE3f6tyDmEcOtltB9QvasjI7KacxL8/Afv6LM458=
Subject key identifier: 8B:DC:0A:02:65:61:32:CC:99:06:3F:11:E6:AD:D2:7A:52:1C:61:35
Certificate issuer: /CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Certificate serial: 018CC56EC71BB980309CA2883DD08019FE83
Authority key identifier: BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/i9wKAmVhMsyZBj8R5q3SelIcYTU.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12333
IP address blocks: 193.23.0.0/23 maxlen: 23
94.143.0.0/21 maxlen: 21
5.61.224.0/21 maxlen: 21
193.23.46.0/23 maxlen: 23
195.70.0.0/19 maxlen: 19
2a00:1840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/v-NULdY_7SUN5ctl9uykh-f0eEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/v-NULdY_7SUN5ctl9uykh-f0eEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c7:1b:b9:80:30:9c:a2:88:3d:d0:80:19:fe:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bdc0a02656132cc99063f11e6add27a521c6135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e5:14:ee:b7:3e:fd:db:7a:63:5c:b9:a4:76:
1e:94:d5:1f:65:a2:d3:d6:94:54:ca:40:47:2b:76:
50:d4:8d:a2:ed:9a:2a:71:19:17:7c:1d:67:37:86:
6d:3d:9a:d7:53:61:49:2d:81:08:9e:f2:f0:18:49:
18:16:21:b9:30:fd:84:b7:3a:86:67:d4:0d:9f:d7:
1c:da:97:bb:33:51:07:1e:ad:26:90:e6:83:ec:6f:
65:57:50:65:2f:0f:6e:63:2d:35:f2:db:0c:9c:5c:
5c:5f:0f:c1:1f:12:83:23:10:c3:66:5c:69:82:ed:
78:a3:f5:68:74:e1:2b:1a:2d:52:ce:3d:da:73:85:
49:1d:3f:3d:73:af:9f:fb:66:cb:84:ca:9d:04:5b:
61:e1:e3:72:52:39:a0:4c:12:48:36:5d:9b:e6:39:
2b:1b:05:31:ae:5e:54:a4:5b:03:94:43:cc:21:0d:
87:ea:fc:fd:49:dd:b3:cc:b1:fa:8c:7e:b5:37:a8:
8d:f6:13:8c:9b:3f:55:63:df:67:dd:39:c3:a8:42:
8d:b1:a8:9d:17:98:29:d4:4c:41:b2:bf:3f:7d:66:
e8:65:77:f2:c7:a3:8a:8f:94:95:b5:2b:39:26:eb:
f7:eb:cc:99:75:30:c9:b7:20:19:b2:eb:c2:ec:31:
f8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DC:0A:02:65:61:32:CC:99:06:3F:11:E6:AD:D2:7A:52:1C:61:35
X509v3 Authority Key Identifier:
keyid:BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/i9wKAmVhMsyZBj8R5q3SelIcYTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/v-NULdY_7SUN5ctl9uykh-f0eEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.224.0/21
94.143.0.0/21
193.23.0.0/23
193.23.46.0/23
195.70.0.0/19
IPv6:
2a00:1840::/32
Signature Algorithm: sha256WithRSAEncryption
58:8d:d7:c0:e4:bd:92:c7:87:6e:eb:21:46:fd:92:b7:1e:49:
97:08:cd:8d:75:53:40:c3:3c:d4:fd:b8:6b:fc:cf:f6:c4:98:
46:61:6b:bf:2c:e9:26:f2:37:24:09:dd:42:dd:16:35:3d:98:
cd:c0:97:f6:16:20:4c:f7:5b:0b:8a:87:58:07:34:d8:a4:0d:
5f:9e:09:5e:48:1b:11:c2:41:03:15:5f:d0:2e:ce:fe:98:92:
9f:ab:8f:0a:ad:cd:b0:0a:35:26:23:7a:36:1d:e0:af:c4:43:
cd:94:39:58:26:b6:bf:ab:ad:39:70:a4:23:99:b3:4a:be:f0:
ae:f4:6b:de:3e:a0:67:3d:fd:d6:b6:a9:66:c3:60:62:dd:06:
ba:1f:28:1d:01:e9:e6:ff:49:72:f9:83:17:a4:64:b0:88:c0:
97:2f:e2:a6:de:0b:ba:80:71:fd:ce:7e:34:d3:bb:6b:e0:5a:
7d:12:aa:20:b2:b1:e0:5b:5a:68:27:74:86:23:60:84:d4:86:
cd:6b:a0:79:b9:fe:e4:97:42:55:00:0b:20:6d:70:9f:e0:45:
4e:90:d8:ea:86:94:77:e8:db:0f:40:4a:e4:70:d2:81:b3:56:
39:c9:d0:ad:b1:7c:b2:e1:e1:0a:85:13:70:c8:94:82:ac:ea:
d4:57:e1:dd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFbscbuYAwnKKIPdCAGf6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM1NDJkZDYzZmVkMjUwZGU1Y2I2NWY2ZWNhNDg3ZTdm
NDc4NDcwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRjMGEwMjY1NjEzMmNjOTkwNjNmMTFlNmFkZDI3YTUyMWM2MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+UU7rc+/dt6Y1y5pHYelNUfZaLT
1pRUykBHK3ZQ1I2i7ZoqcRkXfB1nN4ZtPZrXU2FJLYEInvLwGEkYFiG5MP2EtzqG
Z9QNn9cc2pe7M1EHHq0mkOaD7G9lV1BlLw9uYy018tsMnFxcXw/BHxKDIxDDZlxp
gu14o/VodOErGi1Szj3ac4VJHT89c6+f+2bLhMqdBFth4eNyUjmgTBJINl2b5jkr
GwUxrl5UpFsDlEPMIQ2H6vz9Sd2zzLH6jH61N6iN9hOMmz9VY99n3TnDqEKNsaid
F5gp1ExBsr8/fWboZXfyx6OKj5SVtSs5Juv368yZdTDJtyAZsuvC7DH4PQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIvcCgJlYTLMmQY/Eeat0npSHGE1MB8GA1UdIwQY
MBaAFL/jVC3WP+0lDeXLZfbspIfn9HhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1OVUxkWV83U1VONWN0bDl1eWtoLWYwZUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMTU2NTgtMTBiNi00MDQxLWEzZGEt
OGQzYTZkMTY1ZGEzLzEvaTl3S0FtVmhNc3laQmo4UjVxM1NlbEljWVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMTU2NTgtMTBiNi00MDQxLWEzZGEtOGQzYTZkMTY1ZGEz
LzEvdi1OVUxkWV83U1VONWN0bDl1eWtoLWYwZUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBT3gAwQD
Xo8AAwQBwRcAAwQBwRcuAwQFw0YAMA0EAgACMAcDBQAqABhAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYjdfA5L2Sx4du6yFG/ZK3HkmXCM2NdVNAwzzU/bhr/M/2xJhGYWu/
LOkm8jckCd1C3RY1PZjNwJf2FiBM91sLiodYBzTYpA1fngleSBsRwkEDFV/QLs7+
mJKfq48Krc2wCjUmI3o2HeCvxEPNlDlYJra/q605cKQjmbNKvvCu9GvePqBnPf3W
tqlmw2Bi3Qa6HygdAenm/0ly+YMXpGSwiMCXL+Km3gu6gHH9zn4007tr4Fp9Eqog
srHgW1poJ3SGI2CE1IbNa6B5uf7kl0JVAAsgbXCf4EVOkNjqhpR36NsPQErkcNKB
s1Y5ydCtsXyy4eEKhRNwyJSCrOrUV+Hd
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:31 2024 by rpki-client on console-ams.rpki-client.org