Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/b-49N0MafHtldcWRMuIjUEiTSAE.roa
File: b-49N0MafHtldcWRMuIjUEiTSAE.roa (raw, json)
Hash identifier: kPaR5Q+7WOXlASzgsf57xxz9ar75eNBNIyBvCekUVsc=
Subject key identifier: 6F:EE:3D:37:43:1A:7C:7B:65:75:C5:91:32:E2:23:50:48:93:48:01
Certificate issuer: /CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Certificate serial: 018CCA2B99610510148835EE879205E8AAD2
Authority key identifier: A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/b-49N0MafHtldcWRMuIjUEiTSAE.roa
Signing time: Tue 02 Jan 2024 12:35:04 +0000
ROA not before: Tue 02 Jan 2024 12:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207021
IP address blocks: 176.97.158.0/24 maxlen: 24
192.174.68.0/24 maxlen: 24
2001:67c:10b8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:99:61:05:10:14:88:35:ee:87:92:05:e8:aa:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Validity
Not Before: Jan 2 12:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fee3d37431a7c7b6575c59132e2235048934801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:00:fc:bc:9e:1d:ab:ed:7f:4c:d9:da:80:17:
7f:a4:f9:57:cb:e6:07:c3:8c:a4:fe:44:75:15:2c:
a6:15:c3:65:56:a4:73:67:bf:ae:88:5b:cc:f7:e5:
bd:dd:8b:ac:39:35:cd:2a:d6:30:85:db:f5:06:a1:
ba:b6:9e:8a:07:61:44:1a:fa:65:15:69:65:2c:a6:
eb:6a:5a:f1:35:24:86:54:99:97:a3:34:f9:77:3b:
4d:04:79:1d:e6:5c:07:17:c9:77:bb:8f:cf:ea:06:
66:e6:dc:d4:9e:bb:46:31:67:b1:cb:6d:17:9e:25:
99:34:d2:3b:65:aa:36:95:a2:a4:ed:48:45:ae:27:
75:4a:7b:4f:fe:be:31:34:26:aa:a3:f8:51:26:30:
ef:cb:35:62:1c:d1:54:07:8e:4a:43:f0:ed:1e:ed:
3d:2e:9b:3f:44:23:db:2d:22:d1:e5:e0:62:59:0b:
fd:26:84:67:ba:88:07:5a:de:a5:d7:06:68:e0:55:
e3:53:a9:20:81:ee:a5:66:92:d7:5f:7e:d5:06:c9:
e1:f8:01:71:cf:81:54:72:f4:22:60:d5:1c:82:cd:
ee:6e:28:f9:ff:28:05:02:8b:ee:05:0f:87:2c:f4:
57:87:73:3c:2a:3c:f3:55:9e:c6:7e:dd:cd:af:5d:
48:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EE:3D:37:43:1A:7C:7B:65:75:C5:91:32:E2:23:50:48:93:48:01
X509v3 Authority Key Identifier:
keyid:A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/b-49N0MafHtldcWRMuIjUEiTSAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.158.0/24
192.174.68.0/24
IPv6:
2001:67c:10b8::/48
Signature Algorithm: sha256WithRSAEncryption
96:10:7e:8f:c6:20:a9:95:e3:c4:9a:53:2e:2d:16:1d:8d:7d:
22:33:43:ef:69:94:2d:1a:04:64:23:3a:cc:b7:e0:e5:15:59:
04:16:8f:59:1d:4b:32:d2:c3:ed:fd:9e:dc:21:02:b5:4c:59:
40:8f:63:27:d2:6f:2a:89:20:5e:ff:e3:ea:dd:93:47:59:c9:
86:7f:51:81:21:48:ea:1e:11:69:a8:3b:5b:77:ed:af:c9:c6:
cd:d6:4d:01:a9:6b:ae:59:f2:bb:d5:20:cf:08:6b:bb:e0:86:
83:b3:dc:4c:6a:8c:7e:ab:57:1e:fa:b6:88:0b:ca:78:f8:02:
09:32:53:55:2e:6a:20:3a:0d:fd:44:37:3f:b8:45:fb:e1:8e:
ab:bd:04:0a:2e:42:28:4e:a7:01:b3:ea:6e:03:7c:55:88:d4:
20:c7:d9:d6:ae:a2:7c:f8:7a:13:5e:2f:63:eb:51:3a:c2:1c:
e3:b8:0e:96:b8:1e:29:37:74:bf:3f:e7:66:e2:4d:2d:a9:df:
3f:4f:75:c5:0c:ae:74:b1:38:84:5b:78:73:20:4d:75:eb:11:
66:65:c1:ca:ce:47:58:e2:bb:5b:3f:16:13:7d:6b:64:10:64:
05:1c:a5:49:3f:d9:c5:73:a7:44:29:cb:b1:16:42:a9:91:c7:
ae:b5:63:40
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK5lhBRAUiDXuh5IF6KrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MmZjNjBkMzZlMjhiYjhkZjE0NWM4NGFjYWIxOWNmYTUz
YjAyNWEwHhcNMjQwMTAyMTIzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVlM2QzNzQzMWE3YzdiNjU3NWM1OTEzMmUyMjM1MDQ4OTM0ODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQD8vJ4dq+1/TNnagBd/pPlXy+YH
w4yk/kR1FSymFcNlVqRzZ7+uiFvM9+W93YusOTXNKtYwhdv1BqG6tp6KB2FEGvpl
FWllLKbralrxNSSGVJmXozT5dztNBHkd5lwHF8l3u4/P6gZm5tzUnrtGMWexy20X
niWZNNI7Zao2laKk7UhFrid1SntP/r4xNCaqo/hRJjDvyzViHNFUB45KQ/DtHu09
Lps/RCPbLSLR5eBiWQv9JoRnuogHWt6l1wZo4FXjU6kgge6lZpLXX37VBsnh+AFx
z4FUcvQiYNUcgs3ubij5/ygFAovuBQ+HLPRXh3M8KjzzVZ7Gft3Nr11IbQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG/uPTdDGnx7ZXXFkTLiI1BIk0gBMB8GA1UdIwQY
MBaAFKUvxg024ou43xRchKyrGc+lOwJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTct
OWI0YTJkNWYzYTc2LzEvYi00OU4wTWFmSHRsZGNXUk11SWpVRWlUU0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTctOWI0YTJkNWYzYTc2
LzEvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsGGeAwQA
wK5EMA8EAgACMAkDBwAgAQZ8ELgwDQYJKoZIhvcNAQELBQADggEBAJYQfo/GIKmV
48SaUy4tFh2NfSIzQ+9plC0aBGQjOsy34OUVWQQWj1kdSzLSw+39ntwhArVMWUCP
YyfSbyqJIF7/4+rdk0dZyYZ/UYEhSOoeEWmoO1t37a/Jxs3WTQGpa65Z8rvVIM8I
a7vghoOz3ExqjH6rVx76togLynj4AgkyU1UuaiA6Df1ENz+4Rfvhjqu9BAouQihO
pwGz6m4DfFWI1CDH2dauonz4ehNeL2PrUTrCHOO4Dpa4Hik3dL8/52biTS2p3z9P
dcUMrnSxOIRbeHMgTXXrEWZlwcrOR1jiu1s/FhN9a2QQZAUcpUk/2cVzp0Qpy7EW
QqmRx661Y0A=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:42 2024 by rpki-client on console-ams.rpki-client.org