Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/0B653Bwp-T7zyVMlFO97lNzyR8U.roa
File: 0B653Bwp-T7zyVMlFO97lNzyR8U.roa (raw, json)
Hash identifier: Qic65GI8SChWv9eQHoHZmDGA7LbQqFyyQqLRUTkWFbk=
Subject key identifier: D0:1E:B9:DC:1C:29:F9:3E:F3:C9:53:25:14:EF:7B:94:DC:F2:47:C5
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 018CC725A6989360ABF8CDA81ADB5E7F9435
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/0B653Bwp-T7zyVMlFO97lNzyR8U.roa
Signing time: Mon 01 Jan 2024 22:29:42 +0000
ROA not before: Mon 01 Jan 2024 22:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2134
IP address blocks: 62.164.0.0/17 maxlen: 24
193.127.0.0/16 maxlen: 24
195.234.166.0/24 maxlen: 24
193.201.108.0/24 maxlen: 24
2a00:dc80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a6:98:93:60:ab:f8:cd:a8:1a:db:5e:7f:94:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Jan 1 22:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d01eb9dc1c29f93ef3c9532514ef7b94dcf247c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:71:a8:e6:f0:83:81:21:36:f8:44:66:c7:da:
5b:1f:8e:da:df:71:20:56:62:66:8f:fd:10:46:5f:
48:1c:cc:55:68:49:97:32:34:5d:dd:7a:59:61:38:
2b:33:54:97:bc:07:ba:de:62:5f:b3:60:82:80:cd:
94:bb:40:45:83:25:8b:e3:b9:fa:98:32:89:69:e5:
06:b0:39:d7:2c:32:79:01:a5:74:14:cf:ee:67:87:
89:92:e0:fe:c3:25:0a:2d:1e:90:5e:ec:04:2c:bc:
58:a1:e3:26:98:62:78:d4:bd:b8:66:6d:60:7d:09:
d2:15:5f:6f:71:78:ea:f0:cd:44:e9:73:0d:e6:4d:
90:ca:f5:f3:67:0a:e3:bd:18:21:43:57:c6:42:83:
cc:55:17:dd:db:67:6b:a6:23:d0:c0:f2:7e:ad:91:
1f:dd:57:59:9b:e3:cb:b3:6e:13:60:a2:76:ce:45:
f3:bd:53:73:d5:5e:4e:eb:fc:a6:fc:68:3b:b6:11:
ef:97:e9:04:6d:d2:de:f1:78:24:e3:e5:28:6f:87:
51:ef:f9:2c:98:56:8c:58:4b:7e:0e:8a:f4:e7:57:
16:11:f8:71:40:07:31:a1:6c:a0:28:ca:dd:b8:ac:
78:6a:a3:30:f5:32:30:8d:dd:79:02:6e:72:d1:23:
d9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1E:B9:DC:1C:29:F9:3E:F3:C9:53:25:14:EF:7B:94:DC:F2:47:C5
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/0B653Bwp-T7zyVMlFO97lNzyR8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.0.0/17
193.127.0.0/16
193.201.108.0/24
195.234.166.0/24
IPv6:
2a00:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
96:bb:b3:54:28:89:9b:9a:73:7a:fe:ec:62:79:be:bf:01:6f:
b1:a8:cd:35:58:42:71:87:1c:00:55:f7:66:2f:f4:61:82:cb:
30:06:ad:79:7a:51:ef:3a:ef:ba:97:63:eb:41:3d:bb:4b:04:
1e:9f:53:de:41:bc:f8:9f:ae:07:9c:d5:8c:48:bc:13:ef:f7:
e0:38:d2:f9:df:e7:8e:f0:70:98:b7:96:54:91:92:b3:ca:8e:
ff:ec:95:5c:8e:09:3b:d4:3d:e0:ce:f6:d9:62:76:07:42:be:
f8:be:a1:e3:ea:9e:e8:e6:29:af:2e:6c:6c:8b:95:d5:8a:ac:
bb:06:e0:73:4e:8d:bc:c6:aa:13:37:80:bb:ce:59:7b:c7:3c:
e9:65:ed:1e:6e:7e:9c:65:e8:d0:1b:81:bb:58:5c:58:92:a3:
0c:54:11:12:c6:91:3b:0e:1d:be:ed:86:b9:86:df:05:93:fb:
8f:46:7e:eb:e6:d3:2c:16:77:03:27:c2:db:2c:f8:a5:a9:3d:
6f:c6:20:66:04:4a:c8:ab:db:13:04:ed:83:53:ae:e7:df:d8:
11:fc:98:8b:76:9b:8e:46:5d:0d:e5:be:fa:ed:54:c0:2c:74:
63:bb:e0:b4:4a:ec:ac:d3:39:52:bd:f0:d4:a9:62:10:47:5f:
de:11:c6:73
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJaaYk2Cr+M2oGttef5Q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjQwMTAxMjIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFlYjlkYzFjMjlmOTNlZjNjOTUzMjUxNGVmN2I5NGRjZjI0N2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3Go5vCDgSE2+ERmx9pbH47a33Eg
VmJmj/0QRl9IHMxVaEmXMjRd3XpZYTgrM1SXvAe63mJfs2CCgM2Uu0BFgyWL47n6
mDKJaeUGsDnXLDJ5AaV0FM/uZ4eJkuD+wyUKLR6QXuwELLxYoeMmmGJ41L24Zm1g
fQnSFV9vcXjq8M1E6XMN5k2QyvXzZwrjvRghQ1fGQoPMVRfd22drpiPQwPJ+rZEf
3VdZm+PLs24TYKJ2zkXzvVNz1V5O6/ym/Gg7thHvl+kEbdLe8Xgk4+Uob4dR7/ks
mFaMWEt+Dor051cWEfhxQAcxoWygKMrduKx4aqMw9TIwjd15Am5y0SPZvQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNAeudwcKfk+88lTJRTve5Tc8kfFMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvMEI2NTNCd3AtVDd6eVZNbEZPOTdsTnp5UjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQHPqQAAwMA
wX8DBADByWwDBADD6qYwDQQCAAIwBwMFACoA3IAwDQYJKoZIhvcNAQELBQADggEB
AJa7s1QoiZuac3r+7GJ5vr8Bb7GozTVYQnGHHABV92Yv9GGCyzAGrXl6Ue8677qX
Y+tBPbtLBB6fU95BvPifrgec1YxIvBPv9+A40vnf547wcJi3llSRkrPKjv/slVyO
CTvUPeDO9tlidgdCvvi+oePqnujmKa8ubGyLldWKrLsG4HNOjbzGqhM3gLvOWXvH
POll7R5ufpxl6NAbgbtYXFiSowxUERLGkTsOHb7thrmG3wWT+49Gfuvm0ywWdwMn
wtss+KWpPW/GIGYESsir2xME7YNTruff2BH8mIt2m45GXQ3lvvrtVMAsdGO74LRK
7KzTOVK98NSpYhBHX94RxnM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:27:15 2024 by rpki-client on console-fra.rpki-client.org