Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/d6qJL2e6GhWheL3pQLHktbiT_t0.roa
File: d6qJL2e6GhWheL3pQLHktbiT_t0.roa (raw, json)
Hash identifier: S8jtpon3AzveFcImakBk6u8fH44XPkQDFwYlgkXEvOY=
Subject key identifier: 77:AA:89:2F:67:BA:1A:15:A1:78:BD:E9:40:B1:E4:B5:B8:93:FE:DD
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 018CC801650570E12B93222C686D489144F4
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/d6qJL2e6GhWheL3pQLHktbiT_t0.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60571
IP address blocks: 194.104.148.0/24 maxlen: 24
2a06:1c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:65:05:70:e1:2b:93:22:2c:68:6d:48:91:44:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77aa892f67ba1a15a178bde940b1e4b5b893fedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:30:2a:44:a4:6c:05:22:11:49:a7:d3:eb:51:
f7:c2:8b:09:a2:3f:e4:51:32:35:c6:d0:88:e8:bd:
d9:29:0a:f7:1d:ae:d3:26:e0:20:43:be:db:40:2e:
30:35:d9:28:bf:b1:75:65:f8:9c:97:4e:f5:ae:15:
c8:f6:66:fe:00:99:bc:0b:5e:99:d7:f1:d0:32:db:
c3:e4:40:02:7f:f7:f9:55:22:a7:3b:ae:40:f0:ce:
4b:e1:44:4c:ba:3a:ed:a8:2d:f4:d1:94:70:e2:60:
d2:69:16:e1:cc:5f:75:9d:e8:a4:4a:33:c0:17:4b:
61:2b:23:3f:86:07:e8:48:89:4c:07:6b:dd:5d:57:
10:2f:0c:c4:ad:2f:00:8c:0a:c6:c0:94:16:4a:7a:
2d:a8:c3:c3:d7:81:31:67:32:c5:67:64:70:4b:64:
65:79:8f:78:50:95:e3:71:66:db:d8:8f:09:e8:b9:
c0:7b:f8:ce:25:d9:d4:f5:48:0b:4b:77:3f:de:3c:
10:2b:12:74:a5:f1:f2:69:7e:ac:8f:f3:06:66:10:
69:12:c6:a7:03:f2:9d:5e:08:22:40:b8:02:d8:44:
2d:f8:bb:c2:39:e4:69:82:0b:dc:c4:dd:d9:0e:3f:
5b:f4:e7:ad:e6:2c:0c:94:d0:29:bb:f7:9e:83:ba:
52:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AA:89:2F:67:BA:1A:15:A1:78:BD:E9:40:B1:E4:B5:B8:93:FE:DD
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/d6qJL2e6GhWheL3pQLHktbiT_t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.148.0/24
IPv6:
2a06:1c4::/32
Signature Algorithm: sha256WithRSAEncryption
2a:e4:44:da:f5:8b:84:9e:f6:07:dd:de:37:b1:01:38:32:75:
f1:ac:fc:f3:61:a8:ce:f7:23:17:cf:2d:43:45:7e:ff:e8:35:
3b:1c:0a:e4:85:0a:92:09:cf:f1:76:54:48:c2:41:c3:e1:91:
69:44:f0:1a:b9:cb:e4:b0:1f:bb:41:57:3d:6f:8c:e9:95:73:
a9:9b:64:2b:a3:3e:5e:f1:3c:0a:a2:ed:13:fe:bb:85:af:53:
78:65:c1:a8:a2:37:dc:66:8d:a6:56:70:23:5c:53:9b:73:dc:
3c:f2:7e:31:2b:8c:b2:35:69:c9:8b:c8:7c:16:73:47:a4:8d:
7b:b4:ce:03:a4:d8:ee:f9:27:5e:c7:78:96:85:df:be:6a:47:
c3:65:c7:c0:94:64:9e:c7:11:f7:12:41:75:d7:b9:df:97:3e:
c8:72:e0:a8:d9:32:ab:fe:9a:3a:44:07:41:68:2a:f2:24:8d:
a1:bc:df:94:bd:aa:45:9b:c2:f4:9f:ce:dc:d3:f4:b1:f3:2c:
0d:77:62:3e:b7:35:31:a5:09:8e:fd:0e:4c:c4:7c:c2:5d:65:
d9:5d:be:96:dc:3b:0e:90:ac:c3:47:27:c2:df:5b:a5:28:a3:
53:7f:09:0d:a5:50:6d:7a:e4:e4:ff:26:05:23:16:a8:ef:db:
3d:42:1f:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAWUFcOErkyIsaG1IkUT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FhODkyZjY3YmExYTE1YTE3OGJkZTk0MGIxZTRiNWI4OTNmZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDAqRKRsBSIRSafT61H3wosJoj/k
UTI1xtCI6L3ZKQr3Ha7TJuAgQ77bQC4wNdkov7F1Zficl071rhXI9mb+AJm8C16Z
1/HQMtvD5EACf/f5VSKnO65A8M5L4URMujrtqC300ZRw4mDSaRbhzF91neikSjPA
F0thKyM/hgfoSIlMB2vdXVcQLwzErS8AjArGwJQWSnotqMPD14ExZzLFZ2RwS2Rl
eY94UJXjcWbb2I8J6LnAe/jOJdnU9UgLS3c/3jwQKxJ0pfHyaX6sj/MGZhBpEsan
A/KdXggiQLgC2EQt+LvCOeRpggvcxN3ZDj9b9Oet5iwMlNApu/eeg7pSiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHeqiS9nuhoVoXi96UCx5LW4k/7dMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvZDZxSkwyZTZHaFdoZUwzcFFMSGt0YmlUX3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmiUMA0E
AgACMAcDBQAqBgHEMA0GCSqGSIb3DQEBCwUAA4IBAQAq5ETa9YuEnvYH3d43sQE4
MnXxrPzzYajO9yMXzy1DRX7/6DU7HArkhQqSCc/xdlRIwkHD4ZFpRPAaucvksB+7
QVc9b4zplXOpm2Qroz5e8TwKou0T/ruFr1N4ZcGoojfcZo2mVnAjXFObc9w88n4x
K4yyNWnJi8h8FnNHpI17tM4DpNju+Sdex3iWhd++akfDZcfAlGSexxH3EkF117nf
lz7IcuCo2TKr/po6RAdBaCryJI2hvN+UvapFm8L0n87c0/Sx8ywNd2I+tzUxpQmO
/Q5MxHzCXWXZXb6W3DsOkKzDRyfC31ulKKNTfwkNpVBteuTk/yYFIxao79s9Qh8R
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:48 2024 by rpki-client on console-fra.rpki-client.org