Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/t6wvwVOKSyJLPrNIXqHP_vGksAE.roa
File: t6wvwVOKSyJLPrNIXqHP_vGksAE.roa (raw, json)
Hash identifier: 1yitoRdC+IsX3ahOyh4J12a6Cr3ep2+oJwbd/MJgkRE=
Subject key identifier: B7:AC:2F:C1:53:8A:4B:22:4B:3E:B3:48:5E:A1:CF:FE:F1:A4:B0:01
Certificate issuer: /CN=be547ebb5c056f70296e408621261f3c4e2d4239
Certificate serial: 018CC4937BD1C442B280404A106E64617C4D
Authority key identifier: BE:54:7E:BB:5C:05:6F:70:29:6E:40:86:21:26:1F:3C:4E:2D:42:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlR-u1wFb3ApbkCGISYfPE4tQjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/t6wvwVOKSyJLPrNIXqHP_vGksAE.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39538
IP address blocks: 195.244.0.0/23 maxlen: 23
194.31.221.0/24 maxlen: 24
194.15.191.0/24 maxlen: 24
2001:67c:2308::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/vlR-u1wFb3ApbkCGISYfPE4tQjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/vlR-u1wFb3ApbkCGISYfPE4tQjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vlR-u1wFb3ApbkCGISYfPE4tQjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7b:d1:c4:42:b2:80:40:4a:10:6e:64:61:7c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be547ebb5c056f70296e408621261f3c4e2d4239
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7ac2fc1538a4b224b3eb3485ea1cffef1a4b001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b9:28:13:b5:7e:d9:cf:97:0f:41:ef:5d:06:
68:c5:4e:f8:13:9d:3c:fe:61:9b:62:29:16:9c:6f:
57:d6:83:3e:c0:bd:4a:66:ad:41:af:d8:20:29:05:
94:c2:75:11:e4:af:f7:51:71:cd:43:38:76:15:30:
05:04:47:2f:4a:c3:fc:57:a2:6f:ec:f1:50:cf:b0:
7c:4b:a9:b2:e2:33:60:a4:8b:34:89:34:5c:fa:3e:
a1:61:92:e8:78:10:a7:a9:8c:9a:33:05:22:bb:68:
62:5e:31:82:68:20:a8:e0:6c:64:e5:bf:1e:32:68:
6c:7a:12:4b:35:39:65:6c:f9:be:02:34:45:d6:dc:
e5:f7:ac:f4:34:01:7f:12:f5:3d:d0:c3:b9:d6:b9:
28:ce:e6:08:54:a9:a5:b5:24:55:9f:88:35:2d:3b:
8f:0a:b0:48:12:b0:37:a4:55:a7:a4:a9:db:1f:c1:
00:c3:b5:9a:b0:6d:c5:d1:53:31:8f:a2:a1:01:12:
7b:50:e0:e1:6f:db:b6:52:f5:28:f7:00:e0:b8:b9:
90:1f:b2:94:d9:de:b8:db:cf:25:16:4b:3c:ca:05:
f1:f9:44:8b:6c:bf:cb:55:1b:09:4f:2c:e3:43:b0:
f6:ea:76:b5:0e:1f:8f:f7:69:de:11:19:b6:cc:48:
e9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AC:2F:C1:53:8A:4B:22:4B:3E:B3:48:5E:A1:CF:FE:F1:A4:B0:01
X509v3 Authority Key Identifier:
keyid:BE:54:7E:BB:5C:05:6F:70:29:6E:40:86:21:26:1F:3C:4E:2D:42:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlR-u1wFb3ApbkCGISYfPE4tQjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/t6wvwVOKSyJLPrNIXqHP_vGksAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/759288-10de-4916-b4d9-d0b9dc3aca23/1/vlR-u1wFb3ApbkCGISYfPE4tQjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.191.0/24
194.31.221.0/24
195.244.0.0/23
IPv6:
2001:67c:2308::/48
Signature Algorithm: sha256WithRSAEncryption
1b:1b:e0:4a:25:8d:15:af:77:2e:87:aa:fe:38:6b:91:fc:a2:
61:62:f6:17:72:34:6a:68:d0:84:3e:d3:f4:8e:1b:7a:01:f7:
e4:16:1d:93:7d:b0:d7:5f:7c:59:ba:7e:30:a8:ee:fe:f7:04:
6f:da:d4:33:72:e3:aa:59:0f:7d:11:05:5b:6a:dd:9f:7f:53:
63:24:71:10:d0:ec:d6:af:b1:6e:80:7e:56:28:19:15:0e:99:
7e:b7:cf:46:a1:58:9d:9a:87:d2:89:40:4b:1a:05:69:46:5c:
4a:8d:8a:27:39:84:dd:f2:48:1f:5c:f6:52:d1:75:54:86:80:
f6:81:de:42:76:99:ca:a1:0e:5f:5b:bd:a8:07:35:0b:69:3f:
95:d6:e5:ae:8f:28:1d:b0:86:23:02:54:92:4d:4c:ee:af:f6:
e2:0a:c0:2d:ff:c5:9a:79:5d:97:e8:32:07:6f:51:7a:6d:41:
cd:6a:56:4c:03:6d:14:4b:c7:52:79:1f:64:0a:43:23:e6:d0:
85:08:7b:d0:f0:06:71:ba:5f:07:90:1a:0e:3d:53:54:00:ee:
42:bf:e9:07:c9:10:a2:f7:e1:87:79:67:d0:52:11:ac:af:ad:
24:2a:f5:91:a1:5f:d2:33:79:59:c8:75:8e:0c:12:3b:78:5a:
b4:29:55:84
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEk3vRxEKygEBKEG5kYXxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTQ3ZWJiNWMwNTZmNzAyOTZlNDA4NjIxMjYxZjNjNGUy
ZDQyMzkwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FjMmZjMTUzOGE0YjIyNGIzZWIzNDg1ZWExY2ZmZWYxYTRiMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrkoE7V+2c+XD0HvXQZoxU74E508
/mGbYikWnG9X1oM+wL1KZq1Br9ggKQWUwnUR5K/3UXHNQzh2FTAFBEcvSsP8V6Jv
7PFQz7B8S6my4jNgpIs0iTRc+j6hYZLoeBCnqYyaMwUiu2hiXjGCaCCo4Gxk5b8e
MmhsehJLNTllbPm+AjRF1tzl96z0NAF/EvU90MO51rkozuYIVKmltSRVn4g1LTuP
CrBIErA3pFWnpKnbH8EAw7WasG3F0VMxj6KhARJ7UODhb9u2UvUo9wDguLmQH7KU
2d64288lFks8ygXx+USLbL/LVRsJTyzjQ7D26na1Dh+P92neERm2zEjpeQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLesL8FTiksiSz6zSF6hz/7xpLABMB8GA1UdIwQY
MBaAFL5UfrtcBW9wKW5AhiEmHzxOLUI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxSLXUxd0ZiM0FwYmtDR0lTWWZQRTR0UWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NTkyODgtMTBkZS00OTE2LWI0ZDkt
ZDBiOWRjM2FjYTIzLzEvdDZ3dndWT0tTeUpMUHJOSVhxSFBfdkdrc0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NTkyODgtMTBkZS00OTE2LWI0ZDktZDBiOWRjM2FjYTIz
LzEvdmxSLXUxd0ZiM0FwYmtDR0lTWWZQRTR0UWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwg+/AwQA
wh/dAwQBw/QAMA8EAgACMAkDBwAgAQZ8IwgwDQYJKoZIhvcNAQELBQADggEBABsb
4EoljRWvdy6Hqv44a5H8omFi9hdyNGpo0IQ+0/SOG3oB9+QWHZN9sNdffFm6fjCo
7v73BG/a1DNy46pZD30RBVtq3Z9/U2MkcRDQ7NavsW6AflYoGRUOmX63z0ahWJ2a
h9KJQEsaBWlGXEqNiic5hN3ySB9c9lLRdVSGgPaB3kJ2mcqhDl9bvagHNQtpP5XW
5a6PKB2whiMCVJJNTO6v9uIKwC3/xZp5XZfoMgdvUXptQc1qVkwDbRRLx1J5H2QK
QyPm0IUIe9DwBnG6XweQGg49U1QA7kK/6QfJEKL34Yd5Z9BSEayvrSQq9ZGhX9Iz
eVnIdY4MEjt4WrQpVYQ=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:24:30 2024 by rpki-client on console-ams.rpki-client.org