Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/K7vVGRu1FugRIPmJ8B3z8E19qBU.roa
File: K7vVGRu1FugRIPmJ8B3z8E19qBU.roa (raw, json)
Hash identifier: m5V3nBe0qPlqrMl+yFj+xAXwLLzQS9GU9Oglwo6YORs=
Subject key identifier: 2B:BB:D5:19:1B:B5:16:E8:11:20:F9:89:F0:1D:F3:F0:4D:7D:A8:15
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018CC94AAE9534C1211E41AA637D77705D54
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/K7vVGRu1FugRIPmJ8B3z8E19qBU.roa
Signing time: Tue 02 Jan 2024 08:29:23 +0000
ROA not before: Tue 02 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 168.75.224.0/20 maxlen: 24
66.9.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 May 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ae:95:34:c1:21:1e:41:aa:63:7d:77:70:5d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 2 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bbbd5191bb516e81120f989f01df3f04d7da815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8a:c1:8c:ec:53:30:f9:ec:18:2c:4d:49:56:
16:90:59:2f:cd:d9:6a:a9:5e:97:0e:c9:0b:8b:64:
a0:07:8f:51:69:98:e6:7b:43:7e:bb:e9:67:fd:41:
e8:07:06:e7:a0:5d:09:5b:58:e2:d5:3d:3d:d1:7f:
57:d3:b7:1b:af:dc:56:0f:5b:44:da:35:05:9d:63:
11:2f:a5:c5:85:e4:68:a9:d3:80:39:b8:5d:98:c1:
6c:5a:e0:e2:22:35:ce:79:5e:41:5d:42:3f:1d:39:
28:13:95:52:9b:1d:54:cf:a5:25:10:ea:90:f2:34:
8b:7c:ed:f3:39:8e:5a:03:0a:53:24:57:1f:06:b2:
23:c5:aa:52:6f:a9:e3:24:be:27:b9:47:19:38:18:
e8:02:2e:56:7f:d2:af:5f:d2:67:81:43:d6:f8:09:
81:b1:b8:09:2c:d5:92:62:50:ed:4e:ba:99:2e:e3:
79:02:c9:e7:c7:5c:b8:9e:81:b1:88:65:56:be:6a:
76:21:9b:b4:ec:fa:98:ff:76:13:fe:83:fc:d6:e4:
8f:d1:79:7c:4a:89:d8:90:be:e9:69:25:c6:2d:62:
8e:f3:2e:15:c1:2e:58:7a:d1:22:3d:46:d0:af:65:
e4:6f:71:38:da:66:3d:a8:04:4a:1d:4f:5b:5b:6a:
b8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BB:D5:19:1B:B5:16:E8:11:20:F9:89:F0:1D:F3:F0:4D:7D:A8:15
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/K7vVGRu1FugRIPmJ8B3z8E19qBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.9.96.0/20
168.75.224.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:c8:93:a2:0b:6d:a7:1d:5f:2a:37:44:fc:eb:75:cc:03:df:
61:a1:6b:b9:de:04:f4:1b:f1:8d:82:97:eb:8f:7d:86:73:1f:
95:48:71:70:9c:67:4f:d5:eb:a7:3a:79:15:33:3b:f3:fe:06:
77:0f:2e:c7:3e:be:10:d8:d1:f6:15:4f:54:e4:8d:35:f5:14:
fb:1b:88:5f:91:7e:42:27:43:a8:08:c0:51:c8:c8:0d:49:e4:
e3:a9:16:69:86:0e:72:d5:9e:44:12:dd:3f:14:d4:5c:69:f3:
1c:03:3f:d7:85:b9:96:03:a9:eb:28:52:57:3d:37:39:e4:9b:
ee:d8:0a:ea:8a:b7:8f:b4:3a:4b:e6:4c:e4:61:8a:65:ca:fc:
df:df:38:53:de:26:6d:f6:78:35:46:79:99:30:e1:63:ee:ee:
66:23:e7:6a:b3:6c:4e:f7:e4:32:a6:67:26:47:5b:99:69:3d:
f8:da:55:d4:41:b4:77:5b:dd:07:01:4e:5e:65:ac:f9:db:5a:
51:43:14:df:c9:35:52:9a:f7:f7:6a:8e:4b:8e:72:1b:5c:e6:
55:69:5c:4d:fd:dd:c0:47:b8:11:6d:50:3e:d6:c6:cd:00:f1:
06:d7:f5:6a:d4:dc:42:65:34:3f:bc:76:e2:05:53:d8:84:92:
7d:42:87:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJSq6VNMEhHkGqY313cF1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMTAyMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmJiZDUxOTFiYjUxNmU4MTEyMGY5ODlmMDFkZjNmMDRkN2RhODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzorBjOxTMPnsGCxNSVYWkFkvzdlq
qV6XDskLi2SgB49RaZjme0N+u+ln/UHoBwbnoF0JW1ji1T090X9X07cbr9xWD1tE
2jUFnWMRL6XFheRoqdOAObhdmMFsWuDiIjXOeV5BXUI/HTkoE5VSmx1Uz6UlEOqQ
8jSLfO3zOY5aAwpTJFcfBrIjxapSb6njJL4nuUcZOBjoAi5Wf9KvX9JngUPW+AmB
sbgJLNWSYlDtTrqZLuN5Asnnx1y4noGxiGVWvmp2IZu07PqY/3YT/oP81uSP0Xl8
SonYkL7paSXGLWKO8y4VwS5YetEiPUbQr2Xkb3E42mY9qARKHU9bW2q41wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCu71RkbtRboESD5ifAd8/BNfagVMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvSzd2VkdSdTFGdWdSSVBtSjhCM3o4RTE5cUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEQglgAwQE
qEvgMA0GCSqGSIb3DQEBCwUAA4IBAQBvyJOiC22nHV8qN0T863XMA99hoWu53gT0
G/GNgpfrj32Gcx+VSHFwnGdP1eunOnkVMzvz/gZ3Dy7HPr4Q2NH2FU9U5I019RT7
G4hfkX5CJ0OoCMBRyMgNSeTjqRZphg5y1Z5EEt0/FNRcafMcAz/XhbmWA6nrKFJX
PTc55Jvu2ArqirePtDpL5kzkYYplyvzf3zhT3iZt9ng1RnmZMOFj7u5mI+dqs2xO
9+QypmcmR1uZaT342lXUQbR3W90HAU5eZaz521pRQxTfyTVSmvf3ao5LjnIbXOZV
aVxN/d3AR7gRbVA+1sbNAPEG1/Vq1NxCZTQ/vHbiBVPYhJJ9QodG
-----END CERTIFICATE-----
Generated at Sun May 26 23:29:47 2024 by rpki-client on console-ams.rpki-client.org