Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/C2EQTjnk9nuQTWyw6gzAt6ez1K4.roa
File: C2EQTjnk9nuQTWyw6gzAt6ez1K4.roa (raw, json)
Hash identifier: Iz//f8khWGccySIuzhk3CTUvyvV8/wZKWBqxE7ZLXUY=
Subject key identifier: 0B:61:10:4E:39:E4:F6:7B:90:4D:6C:B0:EA:0C:C0:B7:A7:B3:D4:AE
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 018CC56EBED756E789D2EAE9C9939B729924
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/C2EQTjnk9nuQTWyw6gzAt6ez1K4.roa
Signing time: Mon 01 Jan 2024 14:30:18 +0000
ROA not before: Mon 01 Jan 2024 14:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32611
IP address blocks: 141.113.144.0/21 maxlen: 21
141.113.152.0/21 maxlen: 21
141.113.160.0/21 maxlen: 21
141.113.168.0/21 maxlen: 21
141.113.176.0/21 maxlen: 21
141.113.184.0/21 maxlen: 21
2a03:9e41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:be:d7:56:e7:89:d2:ea:e9:c9:93:9b:72:99:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jan 1 14:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b61104e39e4f67b904d6cb0ea0cc0b7a7b3d4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:41:5c:3d:da:36:e4:42:74:53:24:bc:4c:
e8:99:de:d3:0d:8b:e0:60:5e:df:1f:53:4c:ed:4b:
cc:72:ea:ea:9f:b6:fc:b8:60:06:8d:f6:96:e1:96:
af:4b:0d:e4:7f:ae:af:e7:04:fc:5d:a0:8c:de:3a:
a8:95:e9:30:26:57:fc:ff:85:8c:19:14:cd:8e:f7:
6f:b6:cc:d4:7b:c4:bb:02:1a:71:c6:4d:0f:42:d6:
4a:00:64:ac:af:64:04:7b:ab:77:11:53:49:7c:0c:
6f:f9:31:20:82:f5:12:17:08:2f:f2:35:ac:2f:9b:
23:60:32:fa:9d:14:6c:bb:b1:d3:80:2e:fa:89:95:
7d:eb:21:a6:b3:e2:f3:46:fc:c4:a6:30:00:1c:f8:
ea:b4:05:55:ec:36:d1:b1:e1:ae:3c:b3:c5:2b:fd:
76:fc:6f:98:29:fa:45:f4:64:23:80:40:91:4c:f8:
c1:95:2a:9f:8d:da:fd:12:51:a1:1f:db:6a:92:54:
3f:53:13:24:8d:0e:14:7f:05:3b:1e:a8:7c:5c:4a:
6a:1d:10:c0:83:5b:e6:08:92:8b:4f:19:f1:e7:a4:
e3:36:4b:ad:63:89:c8:e7:17:a5:31:06:29:8a:cc:
c4:f7:9b:64:b2:95:d4:ed:b1:23:df:4e:95:42:46:
3a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:61:10:4E:39:E4:F6:7B:90:4D:6C:B0:EA:0C:C0:B7:A7:B3:D4:AE
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/C2EQTjnk9nuQTWyw6gzAt6ez1K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.113.144.0-141.113.191.255
IPv6:
2a03:9e41::/32
Signature Algorithm: sha256WithRSAEncryption
93:2a:a7:a9:14:66:ba:f6:f2:de:aa:f1:35:3d:17:19:2a:d8:
9d:74:91:81:69:59:42:a3:e6:00:2f:51:d1:e2:67:f7:79:5f:
18:28:1b:15:b1:83:3e:78:a5:9a:28:d9:a2:d1:6c:ea:fa:c9:
33:9a:cd:82:4f:80:75:19:0f:02:63:7b:0e:b9:bf:af:f6:e9:
e8:1b:2d:52:ab:71:5c:73:62:e4:1f:9e:79:79:3e:ef:ed:37:
f4:33:98:ae:57:d9:32:95:8e:c7:8e:72:a4:4c:a0:c5:43:28:
6e:46:58:f7:90:e6:07:8f:df:6b:95:1f:34:8a:1c:59:eb:a4:
63:df:e6:9c:28:de:d3:57:4d:2b:d8:77:96:a7:7b:b6:32:a1:
9f:16:8f:59:fa:50:39:84:55:50:df:2c:3f:56:e6:36:03:8b:
95:87:96:88:c3:73:f2:91:8b:a5:c7:c3:a4:be:b9:26:6c:e7:
28:9a:ed:06:7a:70:47:4d:62:34:e1:f7:c7:bf:b6:44:28:dd:
5d:73:6b:e6:22:c4:db:1a:b3:fc:a6:3d:c0:9c:5b:76:db:85:
02:21:8f:1a:29:54:b9:c7:1c:28:29:ac:c2:2a:21:3b:5b:b5:
9b:0c:8c:6a:69:71:9d:a4:8c:bf:ab:40:10:e2:c2:fc:f2:d4:
37:ac:45:01
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbr7XVueJ0urpyZObcpkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjQwMTAxMTQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYxMTA0ZTM5ZTRmNjdiOTA0ZDZjYjBlYTBjYzBiN2E3YjNkNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttFBXD3aNuRCdFMkvEzomd7TDYvg
YF7fH1NM7UvMcurqn7b8uGAGjfaW4ZavSw3kf66v5wT8XaCM3jqolekwJlf8/4WM
GRTNjvdvtszUe8S7Ahpxxk0PQtZKAGSsr2QEe6t3EVNJfAxv+TEggvUSFwgv8jWs
L5sjYDL6nRRsu7HTgC76iZV96yGms+LzRvzEpjAAHPjqtAVV7DbRseGuPLPFK/12
/G+YKfpF9GQjgECRTPjBlSqfjdr9ElGhH9tqklQ/UxMkjQ4UfwU7Hqh8XEpqHRDA
g1vmCJKLTxnx56TjNkutY4nI5xelMQYpiszE95tkspXU7bEj306VQkY6gQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAthEE455PZ7kE1ssOoMwLens9SuMB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvQzJFUVRqbms5bnVRVFd5dzZnekF0NmV6MUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBASNcZAD
BAaNcYAwDQQCAAIwBwMFACoDnkEwDQYJKoZIhvcNAQELBQADggEBAJMqp6kUZrr2
8t6q8TU9Fxkq2J10kYFpWUKj5gAvUdHiZ/d5XxgoGxWxgz54pZoo2aLRbOr6yTOa
zYJPgHUZDwJjew65v6/26egbLVKrcVxzYuQfnnl5Pu/tN/QzmK5X2TKVjseOcqRM
oMVDKG5GWPeQ5geP32uVHzSKHFnrpGPf5pwo3tNXTSvYd5ane7YyoZ8Wj1n6UDmE
VVDfLD9W5jYDi5WHlojDc/KRi6XHw6S+uSZs5yia7QZ6cEdNYjTh98e/tkQo3V1z
a+YixNsas/ymPcCcW3bbhQIhjxopVLnHHCgprMIqITtbtZsMjGppcZ2kjL+rQBDi
wvzy1DesRQE=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:25:55 2024 by rpki-client on console-ams.rpki-client.org