Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/Dx6BBI_ZqARp7brbxZiNJJ0FpqQ.roa
File: Dx6BBI_ZqARp7brbxZiNJJ0FpqQ.roa (raw, json)
Hash identifier: 6Rs1sSm+weeZVji2YDMax9smq1txfdkx/Albn35jFms=
Subject key identifier: 0F:1E:81:04:8F:D9:A8:04:69:ED:BA:DB:C5:98:8D:24:9D:05:A6:A4
Certificate issuer: /CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Certificate serial: 018CC94D52A3C0422C0D6993E8E33939FC6F
Authority key identifier: 09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/Dx6BBI_ZqARp7brbxZiNJJ0FpqQ.roa
Signing time: Tue 02 Jan 2024 08:32:16 +0000
ROA not before: Tue 02 Jan 2024 08:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25591
IP address blocks: 5.188.144.0/22 maxlen: 22
185.104.4.0/22 maxlen: 22
5.183.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/CWv35rMqViP1S7nHN9uPgU6TrTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/CWv35rMqViP1S7nHN9uPgU6TrTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:52:a3:c0:42:2c:0d:69:93:e8:e3:39:39:fc:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Validity
Not Before: Jan 2 08:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f1e81048fd9a80469edbadbc5988d249d05a6a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7c:16:8d:30:12:37:ef:33:3e:72:40:77:5b:
68:dc:fd:87:93:61:9c:8a:6d:b4:18:d9:d4:6e:aa:
f2:2d:8a:a8:d2:52:2d:f6:98:ed:b4:44:75:12:d5:
5b:59:a6:d1:19:6d:25:a4:28:99:0e:ed:ec:ca:02:
ce:bc:23:49:ac:d1:b5:36:1a:f1:2e:af:17:9a:03:
3e:fc:7f:08:7a:96:57:a6:03:60:a5:41:84:a9:80:
e8:8f:87:b2:70:fd:d8:a4:90:e9:5e:5e:ad:11:96:
10:cd:f2:e2:5a:fe:db:7c:d7:1b:1d:25:19:f4:2f:
1b:e1:0e:c8:b2:43:ac:33:d7:25:c2:ba:fe:df:69:
6c:c9:b3:47:8d:c6:10:61:c3:61:34:85:c7:7a:01:
3a:93:ea:e3:42:20:a7:b4:46:24:42:4a:86:88:04:
ec:09:48:5d:51:7c:66:6f:2a:b3:16:5a:b0:52:07:
96:76:11:1b:ea:cb:b6:64:51:5d:c8:11:59:ac:98:
ef:b1:91:a1:d3:64:b4:11:af:44:01:b8:53:32:32:
c8:50:ba:5a:16:0c:18:77:6e:99:97:96:bb:aa:0d:
0a:3c:76:20:8d:44:bd:9c:bc:0f:03:0e:c2:d9:9f:
e4:56:ad:57:be:97:ed:fb:4e:bb:92:98:8d:c7:bf:
7d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1E:81:04:8F:D9:A8:04:69:ED:BA:DB:C5:98:8D:24:9D:05:A6:A4
X509v3 Authority Key Identifier:
keyid:09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/Dx6BBI_ZqARp7brbxZiNJJ0FpqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/CWv35rMqViP1S7nHN9uPgU6TrTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.64.0/22
5.188.144.0/22
185.104.4.0/22
Signature Algorithm: sha256WithRSAEncryption
35:61:6d:08:3c:c6:df:4b:f7:1c:b2:2c:ac:af:d1:f6:d1:c6:
1a:84:91:fa:a5:cb:21:ea:42:6b:e6:a7:fb:2e:67:fc:a7:5e:
e0:79:7d:4b:40:4f:06:dc:ee:63:35:a3:87:38:e3:ba:48:80:
ca:0e:d2:7b:88:f9:4d:18:22:01:00:d6:09:2b:fa:d1:5e:6c:
bc:32:d3:e9:05:67:1b:5a:ca:9d:b1:db:6b:0a:a6:8f:d5:b6:
79:d0:75:d3:c1:06:bf:7f:fa:ba:cd:ff:6d:61:0e:60:83:cf:
64:0f:fa:e0:01:04:fb:49:d2:d0:ee:d4:2d:2a:fa:e8:69:2f:
4b:16:82:9c:a3:1f:2c:66:2b:ce:e7:ee:7e:ce:82:30:df:eb:
f4:fe:09:67:27:6e:d3:29:80:13:62:02:44:0a:2c:06:96:fa:
82:9c:9c:28:8f:79:cc:e5:58:dd:57:c6:ee:6f:50:b0:fb:6b:
66:cc:3b:92:8c:99:c3:1a:eb:89:63:f4:17:70:0c:b4:6e:fd:
ac:f1:85:a6:fd:70:7e:ac:32:64:da:c6:ab:58:65:07:99:e0:
8e:39:77:85:8f:03:df:7b:10:72:04:de:09:76:46:45:58:4a:
43:13:7f:63:a9:7e:f9:c6:63:55:ed:ef:84:52:0d:c8:93:6d:
e5:89:a1:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTVKjwEIsDWmT6OM5OfxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmJmN2U2YjMyYTU2MjNmNTRiYjljNzM3ZGI4ZjgxNGU5
M2FkMzkwHhcNMjQwMTAyMDgzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjFlODEwNDhmZDlhODA0NjllZGJhZGJjNTk4OGQyNDlkMDVhNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHwWjTASN+8zPnJAd1to3P2Hk2Gc
im20GNnUbqryLYqo0lIt9pjttER1EtVbWabRGW0lpCiZDu3sygLOvCNJrNG1Nhrx
Lq8XmgM+/H8IepZXpgNgpUGEqYDoj4eycP3YpJDpXl6tEZYQzfLiWv7bfNcbHSUZ
9C8b4Q7IskOsM9clwrr+32lsybNHjcYQYcNhNIXHegE6k+rjQiCntEYkQkqGiATs
CUhdUXxmbyqzFlqwUgeWdhEb6su2ZFFdyBFZrJjvsZGh02S0Ea9EAbhTMjLIULpa
FgwYd26Zl5a7qg0KPHYgjUS9nLwPAw7C2Z/kVq1Xvpft+067kpiNx799/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA8egQSP2agEae2628WYjSSdBaakMB8GA1UdIwQY
MBaAFAlr9+azKlYj9Uu5xzfbj4FOk605MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1d2MzVyTXFWaVAxUzduSE45dVBnVTZUclRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iNTZiMDEtMjkyZi00YTFkLWJhYTIt
YmNkNmFkYTFiOWRhLzEvRHg2QkJJX1pxQVJwN2JyYnhaaU5KSjBGcHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iNTZiMDEtMjkyZi00YTFkLWJhYTItYmNkNmFkYTFiOWRh
LzEvQ1d2MzVyTXFWaVAxUzduSE45dVBnVTZUclRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBbdAAwQC
BbyQAwQCuWgEMA0GCSqGSIb3DQEBCwUAA4IBAQA1YW0IPMbfS/ccsiysr9H20cYa
hJH6pcsh6kJr5qf7Lmf8p17geX1LQE8G3O5jNaOHOOO6SIDKDtJ7iPlNGCIBANYJ
K/rRXmy8MtPpBWcbWsqdsdtrCqaP1bZ50HXTwQa/f/q6zf9tYQ5gg89kD/rgAQT7
SdLQ7tQtKvroaS9LFoKcox8sZivO5+5+zoIw3+v0/glnJ27TKYATYgJECiwGlvqC
nJwoj3nM5VjdV8bub1Cw+2tmzDuSjJnDGuuJY/QXcAy0bv2s8YWm/XB+rDJk2sar
WGUHmeCOOXeFjwPfexByBN4JdkZFWEpDE39jqX75xmNV7e+EUg3Ik23liaG+
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:11:47 2024 by rpki-client on console-ams.rpki-client.org