Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/tWoJe7_Z7p3CU90SCyB5K0gs6L0.roa
File: tWoJe7_Z7p3CU90SCyB5K0gs6L0.roa (raw, json)
Hash identifier: VLR61oCuFMCpKIep5qLCnQ2saN43gYghVI8qPf/Mtoc=
Subject key identifier: B5:6A:09:7B:BF:D9:EE:9D:C2:53:DD:12:0B:20:79:2B:48:2C:E8:BD
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 018CC3B6E2F00CDE476ED3CA45B88AD6EB1E
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/tWoJe7_Z7p3CU90SCyB5K0gs6L0.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205467
IP address blocks: 81.171.62.0/24 maxlen: 24
81.171.60.0/24 maxlen: 24
81.171.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e2:f0:0c:de:47:6e:d3:ca:45:b8:8a:d6:eb:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b56a097bbfd9ee9dc253dd120b20792b482ce8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5e:7c:39:7f:13:46:c7:ec:4f:75:fa:7d:56:
19:15:20:17:6f:32:8b:e6:98:1c:64:90:30:cd:39:
58:05:05:71:62:7d:50:c0:59:cd:22:ca:22:04:fb:
e1:82:1c:ee:bb:b7:44:93:f5:ce:8e:9f:54:86:90:
cb:b6:da:d9:0c:43:f2:ed:83:66:dd:9a:2b:89:a6:
c3:88:60:d1:92:a5:f7:d2:85:9c:89:d3:77:54:b5:
6f:c8:7e:21:95:74:8a:b9:02:b5:2d:cf:a1:75:bf:
42:71:ad:7c:76:cd:53:97:8a:20:d1:66:f4:5d:39:
82:68:e2:37:6e:8b:77:7c:d7:4a:69:dd:f5:a7:48:
24:2a:11:2c:19:da:76:cc:28:55:3a:b6:aa:d7:5c:
fd:48:8e:bd:8d:7b:04:b8:ea:5e:30:ec:2b:24:8f:
ea:ad:0f:61:48:d5:87:06:78:a0:72:74:6b:b7:bf:
fb:0e:15:2b:1e:52:7a:19:cd:b3:76:59:c8:16:bd:
f0:db:70:c1:62:dc:de:68:4f:3d:44:86:db:b4:42:
62:d8:16:de:27:10:84:e7:17:63:17:99:ae:27:ca:
4c:d1:29:77:3e:0b:1b:f5:a8:15:8d:e6:78:b3:1c:
5d:12:74:45:4a:2f:3f:04:6f:24:ed:40:04:90:d4:
94:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6A:09:7B:BF:D9:EE:9D:C2:53:DD:12:0B:20:79:2B:48:2C:E8:BD
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/tWoJe7_Z7p3CU90SCyB5K0gs6L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.171.60.0/24
81.171.62.0/23
Signature Algorithm: sha256WithRSAEncryption
d1:5a:47:1f:d8:2f:83:b9:b0:45:f8:b2:dd:c2:8f:17:b1:b5:
46:a2:5f:ae:0d:c1:6e:15:fd:9f:02:9f:d8:06:c0:e9:0d:64:
73:b4:1b:56:ab:31:85:25:fa:d0:bf:3c:eb:91:85:b5:a8:66:
09:15:69:32:39:0a:c0:0d:ac:ac:77:88:06:83:b0:ca:59:cb:
04:b1:e8:9d:22:65:bd:7b:94:fc:a4:f9:fe:be:c5:40:b1:ef:
09:cf:38:31:44:99:a5:66:4e:79:49:dc:15:21:fd:65:af:fc:
e5:13:92:78:93:98:46:51:26:f0:16:77:3f:ef:5e:27:c4:e6:
86:e9:22:a3:cd:c0:43:77:3d:1f:88:b4:78:d6:23:c1:6b:d4:
2d:65:7a:e0:56:21:57:9b:f0:6e:98:63:70:2e:5b:6f:7b:f6:
ec:fa:84:6b:06:77:77:fb:54:32:43:26:5c:1c:59:f9:d9:2a:
17:8a:d8:a1:ef:4d:1c:a0:6b:be:41:27:08:e5:2d:4c:f1:a8:
6b:49:42:99:2f:98:7f:b1:f8:17:3c:e9:99:c7:b7:ff:97:e2:
e0:6a:f2:33:59:50:0b:83:bf:67:d9:12:a9:ea:bf:aa:40:85:
d3:89:fe:20:47:73:55:79:87:77:8a:e6:62:d3:ae:b6:75:3d:
4e:1d:bb:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtuLwDN5HbtPKRbiK1useMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZhMDk3YmJmZDllZTlkYzI1M2RkMTIwYjIwNzkyYjQ4MmNlOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl58OX8TRsfsT3X6fVYZFSAXbzKL
5pgcZJAwzTlYBQVxYn1QwFnNIsoiBPvhghzuu7dEk/XOjp9UhpDLttrZDEPy7YNm
3ZoriabDiGDRkqX30oWcidN3VLVvyH4hlXSKuQK1Lc+hdb9Cca18ds1Tl4og0Wb0
XTmCaOI3bot3fNdKad31p0gkKhEsGdp2zChVOraq11z9SI69jXsEuOpeMOwrJI/q
rQ9hSNWHBnigcnRrt7/7DhUrHlJ6Gc2zdlnIFr3w23DBYtzeaE89RIbbtEJi2Bbe
JxCE5xdjF5muJ8pM0Sl3Pgsb9agVjeZ4sxxdEnRFSi8/BG8k7UAEkNSUoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVqCXu/2e6dwlPdEgsgeStILOi9MB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvdFdvSmU3X1o3cDNDVTkwU0N5QjVLMGdzNkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUas8AwQB
Uas+MA0GCSqGSIb3DQEBCwUAA4IBAQDRWkcf2C+DubBF+LLdwo8XsbVGol+uDcFu
Ff2fAp/YBsDpDWRztBtWqzGFJfrQvzzrkYW1qGYJFWkyOQrADaysd4gGg7DKWcsE
seidImW9e5T8pPn+vsVAse8JzzgxRJmlZk55SdwVIf1lr/zlE5J4k5hGUSbwFnc/
714nxOaG6SKjzcBDdz0fiLR41iPBa9QtZXrgViFXm/BumGNwLltve/bs+oRrBnd3
+1QyQyZcHFn52SoXitih700coGu+QScI5S1M8ahrSUKZL5h/sfgXPOmZx7f/l+Lg
avIzWVALg79n2RKp6r+qQIXTif4gR3NVeYd3iuZi0662dT1OHbuL
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:03:51 2024 by rpki-client on console-ams.rpki-client.org