Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/kN176bXZtiQY0c1gvsCfeQUsksU.roa
File: kN176bXZtiQY0c1gvsCfeQUsksU.roa (raw, json)
Hash identifier: Fu0gvxfUbeXX6mJPfmgVUAHzq6TEJAfcWEB+95IJJ4A=
Subject key identifier: 90:DD:7B:E9:B5:D9:B6:24:18:D1:CD:60:BE:C0:9F:79:05:2C:92:C5
Certificate issuer: /CN=0eca1d5bdd50344ff5ef884a660e82eba83bc0db
Certificate serial: 018CC7941EBA0453D37756D4F774D1EDAAD0
Authority key identifier: 0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/kN176bXZtiQY0c1gvsCfeQUsksU.roa
Signing time: Tue 02 Jan 2024 00:30:22 +0000
ROA not before: Tue 02 Jan 2024 00:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 87.98.96.0/20 maxlen: 24
87.98.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1e:ba:04:53:d3:77:56:d4:f7:74:d1:ed:aa:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eca1d5bdd50344ff5ef884a660e82eba83bc0db
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90dd7be9b5d9b62418d1cd60bec09f79052c92c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:04:c4:3f:22:34:30:4b:ff:53:ae:a5:28:0c:
cc:00:a9:13:22:28:b6:67:11:f2:22:c5:42:4d:18:
85:4f:71:39:c7:82:2b:70:e7:e0:6d:89:92:73:65:
e1:82:11:40:1d:5e:a0:29:de:26:a7:16:26:de:40:
72:77:9e:91:2c:7e:00:08:0c:6d:d3:2d:80:a4:73:
ea:0b:17:85:45:b1:6b:87:39:18:3a:9f:4e:da:a2:
dc:e5:c6:37:b4:fb:29:f5:bb:a8:63:62:55:7c:bf:
7a:63:06:c8:11:e3:13:4e:4c:77:32:18:bc:76:bb:
91:e8:34:0c:e8:7f:77:2b:d3:1a:54:f4:93:c1:bd:
e7:ed:7b:15:12:ff:f3:11:d5:36:1c:bf:e5:21:ad:
29:b2:de:db:77:43:cf:e3:ce:97:97:c8:82:41:fe:
e4:39:69:a6:06:97:88:5b:d6:63:73:b0:64:a0:0e:
45:a4:7b:84:ae:f9:4e:07:29:94:55:3b:2e:95:7a:
5d:73:81:2f:8b:7a:f5:cc:6d:7e:d2:d3:bd:3e:17:
5b:80:76:fa:65:2e:22:d0:ea:43:e9:42:39:eb:88:
39:0c:2a:2a:e2:90:b3:83:0c:3e:4e:55:95:c2:d0:
26:5a:b9:d2:55:16:4a:20:cf:a0:df:a7:f2:1a:fa:
91:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DD:7B:E9:B5:D9:B6:24:18:D1:CD:60:BE:C0:9F:79:05:2C:92:C5
X509v3 Authority Key Identifier:
keyid:0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/kN176bXZtiQY0c1gvsCfeQUsksU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.98.96.0-87.98.119.255
Signature Algorithm: sha256WithRSAEncryption
a1:de:06:45:29:4e:70:19:93:fb:84:1e:be:f3:64:13:91:ea:
33:ca:b5:45:db:c2:6b:4b:ca:de:25:56:96:bb:20:be:22:6d:
34:43:2e:af:6d:c2:18:2b:4c:f1:30:ce:da:a9:1e:11:19:c5:
66:d4:4d:f7:71:00:ae:2f:ee:9c:e5:6a:10:f4:0d:81:ab:8c:
6f:32:9f:2b:ee:56:c0:1b:c6:cb:6f:96:e4:79:9e:c3:5c:77:
cf:ca:0a:57:78:8f:0c:69:82:9b:a4:de:19:0a:ed:82:5e:ec:
32:bd:a9:67:43:47:4d:d8:54:18:84:fb:9e:be:fd:17:51:d3:
d7:ad:3d:9f:2b:78:52:97:f1:66:51:4a:bb:df:a6:5a:9d:6d:
e0:a3:77:6d:c3:70:1c:d4:2b:35:e8:ef:34:2e:ef:a5:77:99:
d0:b4:d6:5a:32:3c:71:b3:a2:ac:d7:a8:7e:f9:bd:df:6d:6e:
d5:77:42:fd:71:6e:ab:48:77:ee:4a:22:4b:ea:2a:c9:fb:12:
2b:3d:2c:d5:70:01:eb:1e:c5:1a:2d:57:fd:2a:97:cc:50:dc:
7b:c7:d4:7c:e7:14:07:b8:e9:99:12:23:26:eb:4f:e4:3e:c2:
f9:06:0b:c0:c5:e6:b7:0a:aa:a4:b4:0c:bf:b1:1a:1b:b7:bd:
fc:53:41:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlB66BFPTd1bU93TR7arQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlY2ExZDViZGQ1MDM0NGZmNWVmODg0YTY2MGU4MmViYTgz
YmMwZGIwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGRkN2JlOWI1ZDliNjI0MThkMWNkNjBiZWMwOWY3OTA1MmM5MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gTEPyI0MEv/U66lKAzMAKkTIii2
ZxHyIsVCTRiFT3E5x4IrcOfgbYmSc2XhghFAHV6gKd4mpxYm3kByd56RLH4ACAxt
0y2ApHPqCxeFRbFrhzkYOp9O2qLc5cY3tPsp9buoY2JVfL96YwbIEeMTTkx3Mhi8
druR6DQM6H93K9MaVPSTwb3n7XsVEv/zEdU2HL/lIa0pst7bd0PP486Xl8iCQf7k
OWmmBpeIW9Zjc7BkoA5FpHuErvlOBymUVTsulXpdc4Evi3r1zG1+0tO9PhdbgHb6
ZS4i0OpD6UI564g5DCoq4pCzgww+TlWVwtAmWrnSVRZKIM+g36fyGvqRowIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJDde+m12bYkGNHNYL7An3kFLJLFMB8GA1UdIwQY
MBaAFA7KHVvdUDRP9e+ISmYOguuoO8DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHNvZFc5MVFORV8xNzRoS1pnNkM2Nmc3d05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZTdmY2ItMDc1NS00YzFlLWFjNzct
N2M3ZjAwYTk1M2UxLzEva04xNzZiWFp0aVFZMGMxZ3ZzQ2ZlUVVza3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZTdmY2ItMDc1NS00YzFlLWFjNzctN2M3ZjAwYTk1M2Ux
LzEvRHNvZFc5MVFORV8xNzRoS1pnNkM2Nmc3d05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVXYmAD
BANXYnAwDQYJKoZIhvcNAQELBQADggEBAKHeBkUpTnAZk/uEHr7zZBOR6jPKtUXb
wmtLyt4lVpa7IL4ibTRDLq9twhgrTPEwztqpHhEZxWbUTfdxAK4v7pzlahD0DYGr
jG8ynyvuVsAbxstvluR5nsNcd8/KCld4jwxpgpuk3hkK7YJe7DK9qWdDR03YVBiE
+56+/RdR09etPZ8reFKX8WZRSrvfplqdbeCjd23DcBzUKzXo7zQu76V3mdC01loy
PHGzoqzXqH75vd9tbtV3Qv1xbqtId+5KIkvqKsn7Eis9LNVwAesexRotV/0ql8xQ
3HvH1HznFAe46ZkSIybrT+Q+wvkGC8DF5rcKqqS0DL+xGhu3vfxTQfk=
-----END CERTIFICATE-----
Generated at Thu May 2 08:36:45 2024 by rpki-client on console-ams.rpki-client.org