Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/yT9Obr-7i0K3xxPJ2TA55I_0n7Y.roa
File: yT9Obr-7i0K3xxPJ2TA55I_0n7Y.roa (raw, json)
Hash identifier: 4qgqagsff8WDge+3SB0JOyfsf93xTAQ6K15ij/OHxUw=
Subject key identifier: C9:3F:4E:6E:BF:BB:8B:42:B7:C7:13:C9:D9:30:39:E4:8F:F4:9F:B6
Certificate issuer: /CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9
Certificate serial: 018CC2DB0F214B39FD1E033237DD5557A184
Authority key identifier: 9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/yT9Obr-7i0K3xxPJ2TA55I_0n7Y.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35067
IP address blocks: 195.16.76.0/24 maxlen: 24
195.16.76.0/22 maxlen: 22
195.16.77.0/24 maxlen: 24
195.16.78.0/24 maxlen: 24
195.16.79.0/24 maxlen: 24
2001:678:5f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0f:21:4b:39:fd:1e:03:32:37:dd:55:57:a1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c93f4e6ebfbb8b42b7c713c9d93039e48ff49fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:04:6c:d7:4f:bb:1f:22:f9:dc:f5:0b:82:
e5:cb:ee:02:e6:9f:7d:87:ce:e2:f0:44:be:d8:5e:
53:62:f3:2a:64:22:1e:35:c5:3f:22:0a:10:cc:25:
53:fa:ca:06:83:44:fd:56:dd:41:14:8e:63:20:29:
59:f7:07:40:56:51:95:74:3f:e3:33:9f:2a:e3:f9:
79:5e:c0:d8:aa:81:ec:bc:60:93:24:24:b9:73:43:
a0:97:d8:bc:78:e6:bf:17:8e:09:39:25:bd:76:a7:
57:73:a8:31:7f:37:f3:ca:55:f3:40:33:06:74:bf:
92:7f:ed:9e:9d:4a:51:46:de:27:5c:3e:0d:a1:34:
1f:e3:bd:fb:90:0a:c2:23:1a:f7:1c:ba:08:a8:fc:
a8:0a:cf:25:ea:5f:ad:ef:16:30:b9:db:89:42:39:
5e:3c:ac:c0:bd:5f:55:d7:37:4c:02:17:d6:3d:85:
ba:e5:89:91:45:ae:84:d7:97:f9:0b:3a:f2:a6:fb:
29:55:17:45:03:2e:71:05:64:00:80:4c:40:e2:6f:
56:42:9f:78:50:9a:5c:2e:a3:73:ff:bf:72:06:83:
92:a0:e4:c3:3b:c6:e8:41:f5:22:b6:a2:6b:10:aa:
cf:a2:8f:9e:e6:e1:de:c1:24:fb:06:5b:66:e9:f0:
68:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3F:4E:6E:BF:BB:8B:42:B7:C7:13:C9:D9:30:39:E4:8F:F4:9F:B6
X509v3 Authority Key Identifier:
keyid:9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/yT9Obr-7i0K3xxPJ2TA55I_0n7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.76.0/22
IPv6:
2001:678:5f0::/48
Signature Algorithm: sha256WithRSAEncryption
1d:f0:83:4e:f6:59:94:bf:67:f3:67:3f:88:4e:55:69:a9:2f:
e7:a6:e2:f8:a3:58:9a:bc:64:a4:e5:a3:ef:d8:82:dc:d2:b1:
9b:7f:72:39:64:6b:b3:fd:ee:e5:65:69:2b:ed:2f:28:bc:cc:
51:76:78:d5:cf:f9:d1:34:df:01:d2:ba:e7:b1:29:d7:6d:fc:
19:1d:86:d1:bc:98:1b:e2:98:c9:36:f6:a1:0b:af:d3:fd:c3:
a8:d2:69:4c:c6:7a:97:97:c4:1c:53:5f:14:e1:9c:7f:dc:b6:
dd:7d:83:73:d9:bf:39:b2:30:52:06:28:8d:b2:eb:59:25:5c:
ad:8d:c7:cf:6a:80:4e:48:d6:5d:69:8d:e1:7b:20:83:d6:ec:
69:87:6e:4a:0b:41:b1:f6:39:1e:09:87:9a:60:75:1c:43:ad:
e4:5b:93:95:5b:a5:95:b1:22:b9:ba:e6:7a:6a:22:27:f9:ac:
65:2e:18:4f:df:53:cf:7b:11:83:9b:de:75:d6:c4:73:01:88:
09:53:a8:c8:09:81:f2:56:b0:bc:5d:d3:a1:ff:77:19:9f:85:
e6:82:d3:bc:a4:fe:b6:fd:42:ba:53:79:ff:44:85:ee:65:c7:
03:5d:29:1f:b6:38:64:a1:68:e8:25:0d:03:3d:03:4d:92:4c:
21:45:6d:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2w8hSzn9HgMyN91VV6GEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNGIzMDg2NjE0ZjQ3ODM4YTNlODBhM2U2ZTA1MWQzZDhh
NjkyZjkwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNmNGU2ZWJmYmI4YjQyYjdjNzEzYzlkOTMwMzllNDhmZjQ5ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BcEbNdPux8i+dz1C4Lly+4C5p99
h87i8ES+2F5TYvMqZCIeNcU/IgoQzCVT+soGg0T9Vt1BFI5jIClZ9wdAVlGVdD/j
M58q4/l5XsDYqoHsvGCTJCS5c0Ogl9i8eOa/F44JOSW9dqdXc6gxfzfzylXzQDMG
dL+Sf+2enUpRRt4nXD4NoTQf4737kArCIxr3HLoIqPyoCs8l6l+t7xYwuduJQjle
PKzAvV9V1zdMAhfWPYW65YmRRa6E15f5CzrypvspVRdFAy5xBWQAgExA4m9WQp94
UJpcLqNz/79yBoOSoOTDO8boQfUitqJrEKrPoo+e5uHewST7Bltm6fBoCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMk/Tm6/u4tCt8cTydkwOeSP9J+2MB8GA1UdIwQY
MBaAFJxLMIZhT0eDij6Ao+bgUdPYppL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2Et
ODRlZjljYWJiOWI2LzEveVQ5T2JyLTdpMEszeHhQSjJUQTU1SV8wbjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2EtODRlZjljYWJiOWI2
LzEvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwxBMMA8E
AgACMAkDBwAgAQZ4BfAwDQYJKoZIhvcNAQELBQADggEBAB3wg072WZS/Z/NnP4hO
VWmpL+em4vijWJq8ZKTlo+/YgtzSsZt/cjlka7P97uVlaSvtLyi8zFF2eNXP+dE0
3wHSuuexKddt/BkdhtG8mBvimMk29qELr9P9w6jSaUzGepeXxBxTXxThnH/ctt19
g3PZvzmyMFIGKI2y61klXK2Nx89qgE5I1l1pjeF7IIPW7GmHbkoLQbH2OR4Jh5pg
dRxDreRbk5VbpZWxIrm65npqIif5rGUuGE/fU897EYOb3nXWxHMBiAlTqMgJgfJW
sLxd06H/dxmfheaC07yk/rb9QrpTef9Ehe5lxwNdKR+2OGShaOglDQM9A02STCFF
ba0=
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:40:46 2024 by rpki-client on console-fra.rpki-client.org