Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/IX-RBpCdfCQwvz_Dwo9q7PNLUBM.roa
File: IX-RBpCdfCQwvz_Dwo9q7PNLUBM.roa (raw, json)
Hash identifier: 5Fa5nYHp9KHPzgaKfLTPXwtj6/bdRfI2yuXMpwJ8RbQ=
Subject key identifier: 21:7F:91:06:90:9D:7C:24:30:BF:3F:C3:C2:8F:6A:EC:F3:4B:50:13
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 018CC56EBFA5C36F43613238E294C26E5E59
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/IX-RBpCdfCQwvz_Dwo9q7PNLUBM.roa
Signing time: Mon 01 Jan 2024 14:30:18 +0000
ROA not before: Mon 01 Jan 2024 14:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141760
IP address blocks: 141.113.128.0/21 maxlen: 21
141.113.136.0/21 maxlen: 21
141.113.192.0/21 maxlen: 21
2a03:9e43::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:bf:a5:c3:6f:43:61:32:38:e2:94:c2:6e:5e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jan 1 14:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=217f9106909d7c2430bf3fc3c28f6aecf34b5013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:91:99:da:2b:24:ec:89:00:3f:71:56:ba:16:
1e:21:07:c4:ee:71:8b:d8:e0:75:de:e1:e3:0f:9f:
22:91:ce:a5:d1:30:ee:02:18:31:8f:ef:32:7f:84:
3f:aa:0c:a8:2d:3b:b5:33:0a:52:a0:8d:dd:c6:14:
39:bb:d1:16:21:5f:4f:18:c3:b7:52:0b:de:10:02:
fc:68:2d:ab:f7:3f:c4:e5:bd:4f:72:2b:61:6e:7a:
ed:52:ba:85:3b:cd:37:bb:b9:8c:6b:d6:da:02:62:
8c:0a:7a:04:c9:4a:f0:47:b1:86:a8:27:37:f2:31:
3b:6d:74:7f:95:6d:94:24:f9:8d:50:e4:94:3e:9b:
b2:94:e0:5a:e6:ee:e5:e4:3e:36:1f:75:89:5e:4f:
d2:29:5e:a0:9a:87:fb:e6:00:a5:54:14:64:12:f1:
d4:6c:a5:8f:3b:1a:12:b0:e7:20:0e:60:fb:85:36:
82:da:67:08:82:5c:f6:60:76:1a:df:49:aa:03:31:
e7:5b:7a:f7:a3:de:4a:4f:38:0a:b7:67:c9:18:50:
b0:3d:46:1f:85:5f:36:40:2e:88:03:46:90:a5:57:
db:fe:c3:72:c2:6a:32:23:05:2f:38:50:8d:c2:bc:
8e:05:49:80:76:e0:73:01:e2:a9:ca:65:3d:a7:39:
54:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7F:91:06:90:9D:7C:24:30:BF:3F:C3:C2:8F:6A:EC:F3:4B:50:13
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/IX-RBpCdfCQwvz_Dwo9q7PNLUBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.113.128.0/20
141.113.192.0/21
IPv6:
2a03:9e43::/32
Signature Algorithm: sha256WithRSAEncryption
58:54:e4:1c:e0:34:cd:45:e6:26:3d:11:54:35:03:7f:2e:99:
52:1c:38:e4:21:2f:d0:f6:62:51:ce:a3:05:56:03:49:1c:ab:
ac:b7:21:a4:ea:66:f9:24:53:5e:eb:a2:0d:75:45:8b:07:3a:
26:e8:a8:56:80:d3:f8:2e:cc:c6:bc:9b:15:db:77:76:f9:b6:
aa:ae:c6:c4:77:cc:ed:09:64:c0:b2:7f:ad:18:84:2d:57:d2:
f2:a4:d7:30:96:76:e1:df:5c:8e:67:20:0a:f5:9e:9f:99:ed:
20:b9:f6:af:42:8a:d0:44:cc:a2:af:f7:cb:ac:63:7f:81:38:
ad:1c:1d:ca:ff:ef:01:10:be:bd:56:a4:ba:38:8d:aa:37:5a:
c1:c2:04:29:33:7c:de:76:50:cf:51:28:29:90:58:66:17:a6:
7d:e5:e7:b8:8b:a3:8b:66:50:2d:b5:a6:9f:4b:a8:dc:5e:ea:
de:d6:27:43:63:41:94:64:4b:b6:37:e5:86:2a:ed:57:b1:a9:
b7:31:2e:f6:c1:b6:45:e4:bf:9f:08:e8:aa:7b:91:06:a5:74:
e5:65:46:f6:8a:9c:85:ba:58:7b:fc:ea:7d:b8:de:ee:df:d1:
0d:31:9e:a6:be:a6:02:29:ed:26:f5:e7:2f:83:8a:d9:9a:c1:
a3:58:ed:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbr+lw29DYTI44pTCbl5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjQwMTAxMTQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdmOTEwNjkwOWQ3YzI0MzBiZjNmYzNjMjhmNmFlY2YzNGI1MDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpGZ2isk7IkAP3FWuhYeIQfE7nGL
2OB13uHjD58ikc6l0TDuAhgxj+8yf4Q/qgyoLTu1MwpSoI3dxhQ5u9EWIV9PGMO3
UgveEAL8aC2r9z/E5b1PcithbnrtUrqFO803u7mMa9baAmKMCnoEyUrwR7GGqCc3
8jE7bXR/lW2UJPmNUOSUPpuylOBa5u7l5D42H3WJXk/SKV6gmof75gClVBRkEvHU
bKWPOxoSsOcgDmD7hTaC2mcIglz2YHYa30mqAzHnW3r3o95KTzgKt2fJGFCwPUYf
hV82QC6IA0aQpVfb/sNywmoyIwUvOFCNwryOBUmAduBzAeKpymU9pzlU+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCF/kQaQnXwkML8/w8KPauzzS1ATMB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvSVgtUkJwQ2RmQ1F3dnpfRHdvOXE3UE5MVUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEjXGAAwQD
jXHAMA0EAgACMAcDBQAqA55DMA0GCSqGSIb3DQEBCwUAA4IBAQBYVOQc4DTNReYm
PRFUNQN/LplSHDjkIS/Q9mJRzqMFVgNJHKustyGk6mb5JFNe66INdUWLBzom6KhW
gNP4LszGvJsV23d2+baqrsbEd8ztCWTAsn+tGIQtV9LypNcwlnbh31yOZyAK9Z6f
me0gufavQorQRMyir/fLrGN/gTitHB3K/+8BEL69VqS6OI2qN1rBwgQpM3zedlDP
USgpkFhmF6Z95ee4i6OLZlAttaafS6jcXure1idDY0GUZEu2N+WGKu1Xsam3MS72
wbZF5L+fCOiqe5EGpXTlZUb2ipyFulh7/Op9uN7u39ENMZ6mvqYCKe0m9ecvg4rZ
msGjWO0I
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:56:27 2024 by rpki-client on console-ams.rpki-client.org