Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/bJ7sTZ81b4L35weDua7t6Mc3MWs.roa
File: bJ7sTZ81b4L35weDua7t6Mc3MWs.roa (raw, json)
Hash identifier: 6UU5eLSJ8FOSPEcPZCHBCZoV6BajLzEnvrOJ83meyEg=
Subject key identifier: 6C:9E:EC:4D:9F:35:6F:82:F7:E7:07:83:B9:AE:ED:E8:C7:37:31:6B
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 018CC4247B39EC68B81BBC11FCB79CD89BFC
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/bJ7sTZ81b4L35weDua7t6Mc3MWs.roa
Signing time: Mon 01 Jan 2024 08:29:34 +0000
ROA not before: Mon 01 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16191
IP address blocks: 185.127.32.0/22 maxlen: 24
81.30.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:7b:39:ec:68:b8:1b:bc:11:fc:b7:9c:d8:9b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 1 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c9eec4d9f356f82f7e70783b9aeede8c737316b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:94:d7:7d:4b:2e:42:52:c1:d0:2d:40:aa:
40:ac:27:c3:17:f2:b9:bd:98:06:d8:db:01:2f:aa:
44:4a:9d:39:15:33:b8:d3:3b:8f:a4:a9:83:2b:46:
05:65:62:ba:cb:97:72:9b:ef:28:dc:86:51:70:c5:
87:43:53:40:83:6c:b5:04:37:67:37:7e:ea:eb:03:
f2:6c:5a:67:3f:20:23:53:35:ea:4d:8e:6f:e6:02:
7f:ba:b5:88:1a:93:d4:ec:bb:07:e8:c8:38:f5:29:
da:84:bb:f3:00:11:d5:d3:38:9a:90:c0:35:cb:c3:
ba:27:73:2d:eb:99:10:ff:3d:46:62:c7:66:78:0e:
9b:f1:2e:8a:40:7a:45:7c:5f:3c:57:3e:cf:05:af:
88:1e:e6:8d:77:24:12:33:b5:3b:74:17:30:f0:20:
3e:f5:2d:9c:fc:3d:90:35:16:0c:0d:b2:91:8e:21:
20:8d:bd:28:1f:ab:bc:f2:7d:9f:1c:66:b6:cb:4c:
fc:ce:79:01:e1:88:2a:b4:ce:ce:20:1e:eb:17:80:
30:20:93:a1:d4:55:c7:76:36:f6:aa:25:b1:fe:9c:
a7:0a:e5:c1:74:28:6f:bf:bc:b9:f1:d8:28:65:a6:
09:0b:26:4b:14:4b:c1:b7:3f:1b:a9:94:fd:38:0b:
5b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9E:EC:4D:9F:35:6F:82:F7:E7:07:83:B9:AE:ED:E8:C7:37:31:6B
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/bJ7sTZ81b4L35weDua7t6Mc3MWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.0.0/20
185.127.32.0/22
Signature Algorithm: sha256WithRSAEncryption
06:1e:4e:ca:01:95:18:23:10:ab:ce:49:60:95:2e:16:95:2e:
d2:78:d8:70:cf:90:a9:44:26:67:f8:44:db:8f:7e:3a:49:a7:
2e:0b:19:6c:f4:86:58:a7:82:a3:42:98:22:9b:41:aa:37:c8:
d4:a4:a5:24:63:f3:09:3c:54:9e:a1:c6:f6:c0:1f:37:34:7c:
77:e1:d7:08:b3:bd:2d:03:47:b4:71:b3:64:f4:cc:d0:cd:80:
63:20:ec:ab:37:c9:ba:22:95:be:50:d0:a2:df:6d:05:73:52:
ef:27:9f:18:77:17:f8:92:15:2b:7c:4a:d7:e0:81:0f:35:fa:
03:78:43:8d:d7:be:11:1a:6b:63:90:a7:91:ce:2e:ce:59:fa:
a8:ff:15:43:09:7a:d7:4d:ba:a3:6a:34:0c:21:88:6c:e1:b4:
b0:9a:05:d4:1b:71:4b:28:63:38:99:ad:fb:1b:75:d9:fb:36:
e3:83:e7:d2:a7:7d:5c:55:71:4e:8d:83:78:39:ad:c0:d7:ca:
73:b3:75:cb:71:2e:03:f0:88:f3:83:52:71:67:fe:ea:2d:ec:
5d:f2:5c:3a:47:ac:64:82:81:48:65:36:ae:8d:4b:e6:47:0f:
7c:2a:e6:74:32:83:83:56:7c:d5:78:ae:2e:4a:f7:ea:e5:35:
03:a3:56:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJHs57Gi4G7wR/Lec2Jv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzllZWM0ZDlmMzU2ZjgyZjdlNzA3ODNiOWFlZWRlOGM3MzczMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8WU131LLkJSwdAtQKpArCfDF/K5
vZgG2NsBL6pESp05FTO40zuPpKmDK0YFZWK6y5dym+8o3IZRcMWHQ1NAg2y1BDdn
N37q6wPybFpnPyAjUzXqTY5v5gJ/urWIGpPU7LsH6Mg49SnahLvzABHV0ziakMA1
y8O6J3Mt65kQ/z1GYsdmeA6b8S6KQHpFfF88Vz7PBa+IHuaNdyQSM7U7dBcw8CA+
9S2c/D2QNRYMDbKRjiEgjb0oH6u88n2fHGa2y0z8znkB4YgqtM7OIB7rF4AwIJOh
1FXHdjb2qiWx/pynCuXBdChvv7y58dgoZaYJCyZLFEvBtz8bqZT9OAtbQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGye7E2fNW+C9+cHg7mu7ejHNzFrMB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvYko3c1RaODFiNEwzNXdlRHVhN3Q2TWMzTVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUR4AAwQC
uX8gMA0GCSqGSIb3DQEBCwUAA4IBAQAGHk7KAZUYIxCrzklglS4WlS7SeNhwz5Cp
RCZn+ETbj346SacuCxls9IZYp4KjQpgim0GqN8jUpKUkY/MJPFSeocb2wB83NHx3
4dcIs70tA0e0cbNk9MzQzYBjIOyrN8m6IpW+UNCi320Fc1LvJ58Ydxf4khUrfErX
4IEPNfoDeEON174RGmtjkKeRzi7OWfqo/xVDCXrXTbqjajQMIYhs4bSwmgXUG3FL
KGM4ma37G3XZ+zbjg+fSp31cVXFOjYN4Oa3A18pzs3XLcS4D8Ijzg1JxZ/7qLexd
8lw6R6xkgoFIZTaujUvmRw98KuZ0MoODVnzVeK4uSvfq5TUDo1Ya
-----END CERTIFICATE-----
Generated at Fri Nov 15 23:29:47 2024 by rpki-client on console-fra.rpki-client.org