Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/J4KXloaCMP2UDZiDCqkUKvTWBbo.roa
File: J4KXloaCMP2UDZiDCqkUKvTWBbo.roa (raw, json)
Hash identifier: 30RmeVS4RZ18Pc5MOAdCS+cUOWDS9MZ2FqI9hgnQs6o=
Subject key identifier: 27:82:97:96:86:82:30:FD:94:0D:98:83:0A:A9:14:2A:F4:D6:05:BA
Certificate issuer: /CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Certificate serial: 018CC64A3A0563E78BB6275C3B36B9E75B56
Authority key identifier: 6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/J4KXloaCMP2UDZiDCqkUKvTWBbo.roa
Signing time: Mon 01 Jan 2024 18:30:02 +0000
ROA not before: Mon 01 Jan 2024 18:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210017
IP address blocks: 193.58.112.0/22 maxlen: 24
2a0d:e640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:3a:05:63:e7:8b:b6:27:5c:3b:36:b9:e7:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Validity
Not Before: Jan 1 18:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27829796868230fd940d98830aa9142af4d605ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2f:88:5b:14:c8:b3:3a:c5:8e:f2:da:1a:bd:
0a:53:b9:f7:af:f3:77:0f:7f:bf:05:e2:43:13:26:
d4:75:cc:09:75:5c:08:5f:13:94:67:03:fe:19:b1:
29:7b:86:21:46:9c:d4:42:69:d2:a4:c6:e3:b3:f6:
9c:97:46:99:56:0b:4d:c4:63:ca:00:65:45:90:1f:
36:3a:73:c9:79:c0:04:ba:71:d5:89:32:e0:6f:21:
a8:be:5c:0b:96:50:27:88:12:5c:cc:72:a1:e6:cd:
c3:f1:ab:89:8d:4e:00:58:9c:1d:d1:e6:d1:32:0a:
7e:6b:c7:1f:55:f1:b7:16:4e:cf:e8:82:e3:2c:d8:
d1:bc:27:96:ca:1b:57:9c:7a:19:f6:95:46:b5:0f:
79:f3:51:8a:ab:59:4d:04:fa:fc:10:13:12:e6:ba:
30:02:c3:ef:67:19:19:b7:b2:32:65:d1:a3:a3:bf:
0e:98:e5:a2:2d:65:18:a6:93:4b:fc:2f:0b:7d:4b:
b4:14:78:a8:3b:89:74:b1:ed:0b:36:5e:13:7e:40:
14:da:9d:1b:c7:48:9a:fd:a9:2c:ea:1c:8f:a8:33:
fd:81:ee:94:52:9b:b0:88:eb:37:79:88:59:06:fd:
c5:2c:51:b4:fa:fc:e2:b9:f0:8d:1b:cd:12:5f:5c:
c2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:82:97:96:86:82:30:FD:94:0D:98:83:0A:A9:14:2A:F4:D6:05:BA
X509v3 Authority Key Identifier:
keyid:6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/J4KXloaCMP2UDZiDCqkUKvTWBbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.112.0/22
IPv6:
2a0d:e640::/29
Signature Algorithm: sha256WithRSAEncryption
82:0e:43:7c:67:75:2c:c7:f2:3b:8c:12:0d:43:8f:bd:20:51:
38:6c:4f:99:18:e7:a6:94:ea:0c:bc:47:98:b6:92:53:bc:bb:
9a:e8:f7:08:18:62:49:e2:02:16:52:14:32:90:d4:4f:ce:01:
23:ac:db:5b:1c:50:73:a5:aa:e9:c1:b0:38:35:97:d9:07:a3:
65:8e:ee:f8:cc:7e:8d:c5:5e:d4:61:d5:a1:16:15:77:2f:92:
18:8a:b4:ae:a3:64:fe:6b:c9:e6:ec:05:de:e7:f1:d9:e8:a6:
04:40:f9:86:86:67:e1:e1:94:89:d5:a3:2f:a4:f7:cd:98:8d:
b5:3c:58:f1:34:68:42:eb:f3:3f:58:9f:87:b3:37:6a:10:81:
77:77:9d:77:6e:18:2f:2a:00:37:92:3c:dd:96:ec:01:1e:2b:
e6:dc:fc:f6:00:59:29:d3:86:b2:cf:94:f1:36:f6:1a:13:69:
82:8f:c1:fa:50:14:24:37:c4:99:ba:d1:e6:b8:8d:b4:ff:e0:
34:a9:ad:27:83:41:c8:98:8a:8c:d2:b5:5a:41:75:4f:f5:e5:
df:01:9e:95:c4:58:70:41:38:f5:97:23:7c:7f:85:e6:b2:15:
f6:2c:c2:f1:d3:ee:37:6a:6b:da:85:f0:b4:28:76:5d:b0:bb:
87:07:95:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSjoFY+eLtidcOza551tWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZjliMjRmMmMwODQ3ZDA0MWMxZTY2YTEyZjAxZWFiYTQ3
OGI0ZmMwHhcNMjQwMTAxMTgzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgyOTc5Njg2ODIzMGZkOTQwZDk4ODMwYWE5MTQyYWY0ZDYwNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS+IWxTIszrFjvLaGr0KU7n3r/N3
D3+/BeJDEybUdcwJdVwIXxOUZwP+GbEpe4YhRpzUQmnSpMbjs/acl0aZVgtNxGPK
AGVFkB82OnPJecAEunHViTLgbyGovlwLllAniBJczHKh5s3D8auJjU4AWJwd0ebR
Mgp+a8cfVfG3Fk7P6ILjLNjRvCeWyhtXnHoZ9pVGtQ9581GKq1lNBPr8EBMS5row
AsPvZxkZt7IyZdGjo78OmOWiLWUYppNL/C8LfUu0FHioO4l0se0LNl4TfkAU2p0b
x0ia/aks6hyPqDP9ge6UUpuwiOs3eYhZBv3FLFG0+vziufCNG80SX1zCYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCeCl5aGgjD9lA2YgwqpFCr01gW6MB8GA1UdIwQY
MBaAFGz5sk8sCEfQQcHmahLwHqukeLT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWIt
OTQ2ODkyZjg4YmViLzEvSjRLWGxvYUNNUDJVRFppRENxa1VLdlRXQmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWItOTQ2ODkyZjg4YmVi
LzEvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwTpwMA0E
AgACMAcDBQMqDeZAMA0GCSqGSIb3DQEBCwUAA4IBAQCCDkN8Z3Usx/I7jBINQ4+9
IFE4bE+ZGOemlOoMvEeYtpJTvLua6PcIGGJJ4gIWUhQykNRPzgEjrNtbHFBzparp
wbA4NZfZB6Nlju74zH6NxV7UYdWhFhV3L5IYirSuo2T+a8nm7AXe5/HZ6KYEQPmG
hmfh4ZSJ1aMvpPfNmI21PFjxNGhC6/M/WJ+HszdqEIF3d513bhgvKgA3kjzdluwB
Hivm3Pz2AFkp04ayz5TxNvYaE2mCj8H6UBQkN8SZutHmuI20/+A0qa0ng0HImIqM
0rVaQXVP9eXfAZ6VxFhwQTj1lyN8f4XmshX2LMLx0+43amvahfC0KHZdsLuHB5Wy
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:33 2024 by rpki-client on console-ams.rpki-client.org