Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/n9kxSBUuOt42G9LzGlnJ-H6MPOg.roa
File: n9kxSBUuOt42G9LzGlnJ-H6MPOg.roa (raw, json)
Hash identifier: IyOWyd6ps+b5PdcyPxuyJXIkzhiYo9EeOA6Zk6X8pNA=
Subject key identifier: 9F:D9:31:48:15:2E:3A:DE:36:1B:D2:F3:1A:59:C9:F8:7E:8C:3C:E8
Certificate issuer: /CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Certificate serial: 018E36CD8F75CDDBF5B7D8B1192811125987
Authority key identifier: 16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/n9kxSBUuOt42G9LzGlnJ-H6MPOg.roa
Signing time: Wed 13 Mar 2024 07:53:45 +0000
ROA not before: Wed 13 Mar 2024 07:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12778
IP address blocks: 77.234.128.0/19 maxlen: 19
212.72.96.0/19 maxlen: 19
2a02:d68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:cd:8f:75:cd:db:f5:b7:d8:b1:19:28:11:12:59:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Validity
Not Before: Mar 13 07:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fd93148152e3ade361bd2f31a59c9f87e8c3ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3e:70:83:e0:f4:c9:cc:5c:70:64:34:79:ed:
bf:27:18:22:dc:e8:5a:72:22:e6:5b:d0:15:ce:74:
80:dc:9f:af:f8:ac:2b:ae:49:26:ab:a3:e9:73:c6:
b6:41:d9:4c:f5:03:e3:d6:b9:ad:5d:b4:62:23:46:
a1:33:fa:c0:2d:0d:fb:5e:6d:28:c6:19:cd:10:47:
00:94:18:8f:46:91:a6:6f:f2:3a:cc:3d:43:b2:68:
39:45:da:60:6e:72:f7:31:40:c8:e2:ae:fb:7e:58:
78:c9:d8:7f:03:1d:68:74:6e:40:9d:37:0a:88:db:
df:d4:c0:8b:35:ae:99:3c:3f:5c:28:af:1e:92:cc:
84:9a:31:0d:ce:9b:ce:6a:45:8a:37:7c:8d:f1:ad:
59:f6:fb:18:43:04:f8:88:24:cb:07:19:0b:08:9e:
96:da:ba:db:4b:51:75:a7:3f:0f:38:2a:d8:5d:2e:
8a:82:48:15:11:5e:5d:75:d5:22:a2:a3:50:a1:c1:
d4:cb:50:b0:f8:74:71:89:21:7a:70:5c:14:b6:11:
98:a3:36:ac:a1:85:2c:56:14:48:ff:08:21:2b:a9:
76:d8:a3:d6:20:86:55:87:86:7c:e9:dc:2e:bb:5d:
d1:bb:06:1f:53:b4:86:9b:e3:50:a2:c3:a9:ed:ff:
4e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D9:31:48:15:2E:3A:DE:36:1B:D2:F3:1A:59:C9:F8:7E:8C:3C:E8
X509v3 Authority Key Identifier:
keyid:16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/n9kxSBUuOt42G9LzGlnJ-H6MPOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.234.128.0/19
212.72.96.0/19
IPv6:
2a02:d68::/32
Signature Algorithm: sha256WithRSAEncryption
49:80:59:94:97:3e:1c:e3:43:99:67:e3:ab:64:19:b9:41:91:
80:9f:b3:6b:9d:79:d6:71:47:f7:ef:e7:15:4e:8d:3b:f3:27:
12:d8:41:40:86:cc:f1:04:f7:b7:7e:03:12:f4:5c:87:e7:4f:
69:e8:da:b4:1a:3a:5e:f8:ce:ad:3d:54:9d:b3:6d:49:8c:02:
61:81:cb:90:17:c3:d4:0f:1b:d2:9e:50:51:be:82:4c:23:ea:
17:24:8e:19:4d:14:db:1b:b4:f7:24:f8:29:eb:44:02:72:23:
c0:56:99:e9:51:14:f9:a8:f3:bb:1d:28:14:00:02:ef:4f:95:
27:ab:c2:02:89:9e:6b:2d:33:06:86:8a:91:79:fb:50:5d:c4:
6e:a1:d9:4a:fb:e4:46:52:c6:e2:95:7c:9e:e9:54:dd:48:f7:
dc:ba:75:b6:62:d3:b6:7d:a8:b3:e9:ea:d0:d7:3d:12:f9:27:
d8:20:d3:8c:3b:10:62:71:a1:05:cf:11:92:46:e5:bf:6a:b6:
c3:8d:c8:e3:6b:41:67:ac:76:5a:08:2f:0b:98:57:e2:2d:c3:
5c:04:8a:40:a7:df:15:33:97:cb:1d:d5:b0:36:bb:6b:16:43:
88:da:f5:59:6c:56:8d:50:7e:35:0e:42:49:75:a3:34:71:7d:
e7:f7:a9:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY42zY91zdv1t9ixGSgRElmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDk2Y2Y0MTA5YTRhODVkMTg2M2JmNTRhYTRmYTNlODFl
MGMwZTYwHhcNMjQwMzEzMDc1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQ5MzE0ODE1MmUzYWRlMzYxYmQyZjMxYTU5YzlmODdlOGMzY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj5wg+D0ycxccGQ0ee2/Jxgi3Oha
ciLmW9AVznSA3J+v+Kwrrkkmq6Ppc8a2QdlM9QPj1rmtXbRiI0ahM/rALQ37Xm0o
xhnNEEcAlBiPRpGmb/I6zD1Dsmg5RdpgbnL3MUDI4q77flh4ydh/Ax1odG5AnTcK
iNvf1MCLNa6ZPD9cKK8eksyEmjENzpvOakWKN3yN8a1Z9vsYQwT4iCTLBxkLCJ6W
2rrbS1F1pz8POCrYXS6KgkgVEV5dddUioqNQocHUy1Cw+HRxiSF6cFwUthGYozas
oYUsVhRI/wghK6l22KPWIIZVh4Z86dwuu13RuwYfU7SGm+NQosOp7f9OwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ/ZMUgVLjreNhvS8xpZyfh+jDzoMB8GA1UdIwQY
MBaAFBbZbPQQmkqF0YY79Uqk+j6B4MDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAt
MTQwN2MwOGRiNTgyLzEvbjlreFNCVXVPdDQyRzlMekdsbkotSDZNUE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAtMTQwN2MwOGRiNTgy
LzEvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFTeqAAwQF
1EhgMA0EAgACMAcDBQAqAg1oMA0GCSqGSIb3DQEBCwUAA4IBAQBJgFmUlz4c40OZ
Z+OrZBm5QZGAn7NrnXnWcUf37+cVTo078ycS2EFAhszxBPe3fgMS9FyH509p6Nq0
Gjpe+M6tPVSds21JjAJhgcuQF8PUDxvSnlBRvoJMI+oXJI4ZTRTbG7T3JPgp60QC
ciPAVpnpURT5qPO7HSgUAALvT5Unq8ICiZ5rLTMGhoqReftQXcRuodlK++RGUsbi
lXye6VTdSPfcunW2YtO2faiz6erQ1z0S+SfYINOMOxBicaEFzxGSRuW/arbDjcjj
a0FnrHZaCC8LmFfiLcNcBIpAp98VM5fLHdWwNrtrFkOI2vVZbFaNUH41DkJJdaM0
cX3n96kP
-----END CERTIFICATE-----
Generated at Fri May 17 05:17:36 2024 by rpki-client on console-fra.rpki-client.org