Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/8y8qnR73e2h5wKw2WxePeKzP140.roa
File: 8y8qnR73e2h5wKw2WxePeKzP140.roa (raw, json)
Hash identifier: dTBLHKE1+Ovn+slYv9Vmud4Zlas1QujOD24F5gLEd4k=
Subject key identifier: F3:2F:2A:9D:1E:F7:7B:68:79:C0:AC:36:5B:17:8F:78:AC:CF:D7:8D
Certificate issuer: /CN=afe4a0d5fda600c5d5b7f618f686d7e93051b4d7
Certificate serial: 018CC7275A1270958CF43B1BE947C362AA25
Authority key identifier: AF:E4:A0:D5:FD:A6:00:C5:D5:B7:F6:18:F6:86:D7:E9:30:51:B4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-Sg1f2mAMXVt_YY9obX6TBRtNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/8y8qnR73e2h5wKw2WxePeKzP140.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60003
IP address blocks: 185.60.72.0/22 maxlen: 22
2a02:71a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/r-Sg1f2mAMXVt_YY9obX6TBRtNc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/r-Sg1f2mAMXVt_YY9obX6TBRtNc.mft
rsync://rpki.ripe.net/repository/DEFAULT/r-Sg1f2mAMXVt_YY9obX6TBRtNc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5a:12:70:95:8c:f4:3b:1b:e9:47:c3:62:aa:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe4a0d5fda600c5d5b7f618f686d7e93051b4d7
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f32f2a9d1ef77b6879c0ac365b178f78accfd78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1b:6c:60:5d:94:87:18:c3:36:f6:a0:a4:99:
73:68:5e:b1:0d:59:01:f8:28:e4:fb:08:b3:82:1e:
d6:bb:9f:bf:20:03:42:17:37:78:20:ed:6d:64:8b:
32:2d:f5:30:2c:be:00:7f:ed:48:ed:e2:96:03:7d:
7d:70:8d:e6:eb:fe:8c:1e:b4:04:5c:7e:ed:fa:ea:
fa:c1:a1:1f:01:6e:a5:4b:49:a7:e3:7c:51:7c:09:
07:eb:ec:01:57:c2:4a:e9:40:51:3f:83:eb:07:bd:
2e:0a:89:f6:c6:c5:7d:c0:6d:d7:ce:b0:fd:c4:bd:
a2:3a:68:f8:87:a2:41:2e:ee:44:8e:9d:29:18:30:
b8:a8:bf:10:24:ee:b2:16:e3:16:17:c2:7c:77:b7:
b4:61:76:30:31:91:41:87:eb:d0:40:1a:cd:7e:77:
60:dc:6f:08:57:13:4a:20:40:54:99:17:f4:75:6d:
dd:44:bb:ab:9e:92:15:7a:3b:a3:08:a1:87:60:e9:
19:ec:fa:ff:7d:7f:d3:0f:2c:ad:bd:7a:ca:e7:80:
9f:64:9e:3d:4e:38:d2:c7:da:6e:08:41:ae:78:65:
34:5e:97:86:b4:43:7f:a8:30:43:be:b5:3c:cf:b8:
a5:3f:fd:21:71:e1:e1:46:dd:05:95:57:b8:3d:18:
d2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2F:2A:9D:1E:F7:7B:68:79:C0:AC:36:5B:17:8F:78:AC:CF:D7:8D
X509v3 Authority Key Identifier:
keyid:AF:E4:A0:D5:FD:A6:00:C5:D5:B7:F6:18:F6:86:D7:E9:30:51:B4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-Sg1f2mAMXVt_YY9obX6TBRtNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/8y8qnR73e2h5wKw2WxePeKzP140.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/r-Sg1f2mAMXVt_YY9obX6TBRtNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.72.0/22
IPv6:
2a02:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
b9:6f:14:77:1b:f9:3f:5a:05:24:6d:a6:5b:4d:db:f3:8b:8a:
67:5a:71:43:bd:cc:57:f8:74:a8:34:81:02:de:80:05:ef:a0:
e9:63:30:fb:26:68:42:e3:ec:88:fc:04:f4:64:2a:aa:75:ac:
42:b9:51:4c:5e:4d:e4:22:da:64:da:22:fc:22:bd:bb:08:52:
db:9e:cd:24:ad:98:c2:d3:ee:66:2d:c0:1a:4f:46:e4:0b:e7:
90:0a:52:8e:49:2c:ba:6a:15:30:1a:43:52:c1:0e:df:c9:ea:
e1:df:9e:20:72:ef:0a:a0:c5:41:15:aa:da:21:84:83:92:54:
d7:3b:4a:b3:17:80:02:fb:70:5b:0c:c5:26:e0:49:65:a6:a6:
66:8f:5a:e9:7d:0e:1b:21:32:21:70:5c:86:29:35:fb:ea:e9:
79:cd:4c:64:cf:48:bd:c4:2a:0d:d4:0a:25:b8:a0:41:91:67:
a2:75:f2:db:ee:d1:ba:45:db:b7:25:72:75:2f:71:a3:08:13:
5d:37:f6:70:03:d6:7d:c8:18:cb:4d:8b:56:96:4b:32:64:2a:
8c:06:a8:e0:dd:4e:9d:a0:90:da:f9:52:df:84:06:c2:8c:f1:
d1:d4:17:5e:02:f6:dd:2e:f8:3e:d6:9a:45:8f:90:cc:15:72:
09:62:bd:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJ1oScJWM9Dsb6UfDYqolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZTRhMGQ1ZmRhNjAwYzVkNWI3ZjYxOGY2ODZkN2U5MzA1
MWI0ZDcwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzJmMmE5ZDFlZjc3YjY4NzljMGFjMzY1YjE3OGY3OGFjY2ZkNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBtsYF2UhxjDNvagpJlzaF6xDVkB
+Cjk+wizgh7Wu5+/IANCFzd4IO1tZIsyLfUwLL4Af+1I7eKWA319cI3m6/6MHrQE
XH7t+ur6waEfAW6lS0mn43xRfAkH6+wBV8JK6UBRP4PrB70uCon2xsV9wG3XzrD9
xL2iOmj4h6JBLu5Ejp0pGDC4qL8QJO6yFuMWF8J8d7e0YXYwMZFBh+vQQBrNfndg
3G8IVxNKIEBUmRf0dW3dRLurnpIVejujCKGHYOkZ7Pr/fX/TDyytvXrK54CfZJ49
TjjSx9puCEGueGU0XpeGtEN/qDBDvrU8z7ilP/0hceHhRt0FlVe4PRjSHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPMvKp0e93toecCsNlsXj3isz9eNMB8GA1UdIwQY
MBaAFK/koNX9pgDF1bf2GPaG1+kwUbTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1TZzFmMm1BTVhWdF9ZWTlvYlg2VEJSdE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85NDY3YzgtMGM5MC00NmUxLTkxYzAt
ZTEwN2Q5ZjE2YzJkLzEvOHk4cW5SNzNlMmg1d0t3Mld4ZVBlS3pQMTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85NDY3YzgtMGM5MC00NmUxLTkxYzAtZTEwN2Q5ZjE2YzJk
LzEvci1TZzFmMm1BTVhWdF9ZWTlvYlg2VEJSdE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTxIMA0E
AgACMAcDBQAqAnGgMA0GCSqGSIb3DQEBCwUAA4IBAQC5bxR3G/k/WgUkbaZbTdvz
i4pnWnFDvcxX+HSoNIEC3oAF76DpYzD7JmhC4+yI/AT0ZCqqdaxCuVFMXk3kItpk
2iL8Ir27CFLbns0krZjC0+5mLcAaT0bkC+eQClKOSSy6ahUwGkNSwQ7fyerh354g
cu8KoMVBFaraIYSDklTXO0qzF4AC+3BbDMUm4EllpqZmj1rpfQ4bITIhcFyGKTX7
6ul5zUxkz0i9xCoN1AoluKBBkWeidfLb7tG6Rdu3JXJ1L3GjCBNdN/ZwA9Z9yBjL
TYtWlksyZCqMBqjg3U6doJDa+VLfhAbCjPHR1BdeAvbdLvg+1ppFj5DMFXIJYr3X
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:10 2024 by rpki-client on console-fra.rpki-client.org