Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e9169a-ee06-4e4a-b21e-849417ae634d/1/9tU3y2geCUDLasrk6ieYzxld4qk.roa
File: 9tU3y2geCUDLasrk6ieYzxld4qk.roa (raw, json)
Hash identifier: uZKss6VTDVQu/jjjUNwxO8BRwHWKBQP0+peOJpgHLEE=
Subject key identifier: F6:D5:37:CB:68:1E:09:40:CB:6A:CA:E4:EA:27:98:CF:19:5D:E2:A9
Certificate issuer: /CN=cdf62cbd6cf7e808224f6cf8725e36e2a965352c
Certificate serial: 018CC801779489E590D87C617CB9C0E5EF2A
Authority key identifier: CD:F6:2C:BD:6C:F7:E8:08:22:4F:6C:F8:72:5E:36:E2:A9:65:35:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfYsvWz36AgiT2z4cl424qllNSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e9169a-ee06-4e4a-b21e-849417ae634d/1/9tU3y2geCUDLasrk6ieYzxld4qk.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8298
IP address blocks: 194.1.163.0/24 maxlen: 24
2001:678:d78::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/e9169a-ee06-4e4a-b21e-849417ae634d/1/zfYsvWz36AgiT2z4cl424qllNSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/e9169a-ee06-4e4a-b21e-849417ae634d/1/zfYsvWz36AgiT2z4cl424qllNSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/zfYsvWz36AgiT2z4cl424qllNSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 10:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:77:94:89:e5:90:d8:7c:61:7c:b9:c0:e5:ef:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf62cbd6cf7e808224f6cf8725e36e2a965352c
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6d537cb681e0940cb6acae4ea2798cf195de2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5a:ad:9a:b6:1e:08:79:6b:29:e2:a2:f6:4f:
08:13:fd:ad:2f:76:38:e0:7e:53:9e:bc:f6:b3:c9:
73:76:4f:f9:ce:57:47:97:ed:ba:66:ad:5a:1e:7c:
77:32:5e:8a:fd:26:39:31:ae:40:38:4f:72:0f:25:
fc:d9:ce:08:78:4c:e7:5d:49:0e:c8:01:5f:03:3e:
a6:ca:24:2b:36:1b:65:a1:fb:60:f9:b2:0a:a2:b2:
5b:dc:76:fb:18:f9:4b:2b:33:02:71:8a:93:bd:ae:
95:71:fc:f2:15:7c:18:0d:7b:17:b4:3f:ea:07:d6:
d0:cb:81:3c:ce:2e:06:e7:70:c3:f2:20:fc:b4:a7:
f1:53:36:cc:71:b1:9f:3c:16:6f:c4:b2:58:77:1f:
4e:c4:fd:ce:f1:da:f1:06:d6:26:1f:dd:b4:e0:d1:
71:3d:e5:af:84:3f:3a:41:4e:c4:14:59:81:84:d3:
9e:7b:3f:28:ca:1d:a0:bb:67:60:f4:33:14:3a:21:
34:6c:9b:ad:2c:d2:b4:98:ba:05:a5:ed:b9:43:89:
fb:36:e1:52:80:ce:1f:c0:25:8d:3e:e6:17:78:98:
4a:9b:7e:07:7a:8a:d4:e7:c6:66:26:8e:be:7b:fa:
3a:1e:95:0e:1c:33:81:33:2c:4c:e4:55:5b:fd:0e:
48:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D5:37:CB:68:1E:09:40:CB:6A:CA:E4:EA:27:98:CF:19:5D:E2:A9
X509v3 Authority Key Identifier:
keyid:CD:F6:2C:BD:6C:F7:E8:08:22:4F:6C:F8:72:5E:36:E2:A9:65:35:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfYsvWz36AgiT2z4cl424qllNSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e9169a-ee06-4e4a-b21e-849417ae634d/1/9tU3y2geCUDLasrk6ieYzxld4qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e9169a-ee06-4e4a-b21e-849417ae634d/1/zfYsvWz36AgiT2z4cl424qllNSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.163.0/24
IPv6:
2001:678:d78::/48
Signature Algorithm: sha256WithRSAEncryption
6e:d1:79:ff:81:bd:5a:74:17:ba:25:82:84:c7:c5:df:4f:9d:
a3:80:b6:a2:83:4d:de:18:a7:01:11:f3:a9:6e:b8:cb:f8:37:
b8:94:21:a2:ce:b0:6d:f4:a7:f1:b9:42:5c:2e:22:aa:b3:07:
2b:dd:1f:f6:31:6c:6a:d2:06:f3:9f:a0:f6:d7:e0:58:58:a4:
1d:0c:80:08:2a:ca:b1:e1:ac:f3:bf:b4:97:84:e0:44:78:39:
d1:8c:ea:6a:34:c2:3f:50:0e:83:01:2f:62:b7:51:a4:61:38:
d8:21:de:73:1a:2a:6d:74:50:9f:80:5d:b8:a9:30:e1:40:22:
b3:d4:a7:1f:95:8c:43:7e:da:d7:24:af:fb:42:00:61:06:8a:
29:5f:60:06:89:39:d9:58:5e:0b:42:b4:35:f7:73:be:4c:7a:
6f:5f:2e:97:e3:48:dc:3e:7c:b8:79:92:ed:2f:e8:d8:02:7b:
b0:e6:9b:5b:90:0f:af:1f:fc:11:ab:f8:d0:06:69:d6:2f:b1:
4b:68:6b:be:35:f3:5c:a9:8f:45:b6:2a:b4:32:07:20:4a:e1:
36:8e:43:81:07:d8:3a:85:d7:10:a0:6b:e6:3a:3d:52:ed:a0:
9b:3a:19:bf:6b:30:fa:a8:fb:94:08:01:39:14:1f:7c:42:0f:
8f:fd:ac:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAXeUieWQ2HxhfLnA5e8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjYyY2JkNmNmN2U4MDgyMjRmNmNmODcyNWUzNmUyYTk2
NTM1MmMwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ1MzdjYjY4MWUwOTQwY2I2YWNhZTRlYTI3OThjZjE5NWRlMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1qtmrYeCHlrKeKi9k8IE/2tL3Y4
4H5Tnrz2s8lzdk/5zldHl+26Zq1aHnx3Ml6K/SY5Ma5AOE9yDyX82c4IeEznXUkO
yAFfAz6myiQrNhtloftg+bIKorJb3Hb7GPlLKzMCcYqTva6VcfzyFXwYDXsXtD/q
B9bQy4E8zi4G53DD8iD8tKfxUzbMcbGfPBZvxLJYdx9OxP3O8drxBtYmH9204NFx
PeWvhD86QU7EFFmBhNOeez8oyh2gu2dg9DMUOiE0bJutLNK0mLoFpe25Q4n7NuFS
gM4fwCWNPuYXeJhKm34HeorU58ZmJo6+e/o6HpUOHDOBMyxM5FVb/Q5IHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPbVN8toHglAy2rK5OonmM8ZXeKpMB8GA1UdIwQY
MBaAFM32LL1s9+gIIk9s+HJeNuKpZTUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZZc3ZXejM2QWdpVDJ6NGNsNDI0cWxsTlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lOTE2OWEtZWUwNi00ZTRhLWIyMWUt
ODQ5NDE3YWU2MzRkLzEvOXRVM3kyZ2VDVURMYXNyazZpZVl6eGxkNHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lOTE2OWEtZWUwNi00ZTRhLWIyMWUtODQ5NDE3YWU2MzRk
LzEvemZZc3ZXejM2QWdpVDJ6NGNsNDI0cWxsTlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgGjMA8E
AgACMAkDBwAgAQZ4DXgwDQYJKoZIhvcNAQELBQADggEBAG7Ref+BvVp0F7olgoTH
xd9PnaOAtqKDTd4YpwER86luuMv4N7iUIaLOsG30p/G5QlwuIqqzByvdH/YxbGrS
BvOfoPbX4FhYpB0MgAgqyrHhrPO/tJeE4ER4OdGM6mo0wj9QDoMBL2K3UaRhONgh
3nMaKm10UJ+AXbipMOFAIrPUpx+VjEN+2tckr/tCAGEGiilfYAaJOdlYXgtCtDX3
c75Mem9fLpfjSNw+fLh5ku0v6NgCe7Dmm1uQD68f/BGr+NAGadYvsUtoa74181yp
j0W2KrQyByBK4TaOQ4EH2DqF1xCga+Y6PVLtoJs6Gb9rMPqo+5QIATkUH3xCD4/9
rCU=
-----END CERTIFICATE-----
Generated at Mon Jun 17 16:35:27 2024 by rpki-client on console-ams.rpki-client.org