Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/9z8yesdQDaakV7eFodyeaXffF2U.roa
File: 9z8yesdQDaakV7eFodyeaXffF2U.roa (raw, json)
Hash identifier: 2Oqz1mNeSW6Jl2J+rZ/uMCdFBLQAWqmMztTp2zOYrU4=
Subject key identifier: F7:3F:32:7A:C7:50:0D:A6:A4:57:B7:85:A1:DC:9E:69:77:DF:17:65
Certificate issuer: /CN=9256db3487b4c5bacb300177057cf3174cf77477
Certificate serial: 018CC8DED2E0ACCE2EF00A31F38F08DB7278
Authority key identifier: 92:56:DB:34:87:B4:C5:BA:CB:30:01:77:05:7C:F3:17:4C:F7:74:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/9z8yesdQDaakV7eFodyeaXffF2U.roa
Signing time: Tue 02 Jan 2024 06:31:35 +0000
ROA not before: Tue 02 Jan 2024 06:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51263
IP address blocks: 62.56.176.0/20 maxlen: 20
168.86.192.0/19 maxlen: 19
178.251.178.0/24 maxlen: 24
178.251.177.0/24 maxlen: 24
178.251.176.0/24 maxlen: 24
178.251.176.0/21 maxlen: 21
178.251.179.0/24 maxlen: 24
178.251.183.0/24 maxlen: 24
178.251.182.0/24 maxlen: 24
178.251.181.0/24 maxlen: 24
178.251.180.0/24 maxlen: 24
185.25.56.0/22 maxlen: 22
213.244.200.0/21 maxlen: 21
2a03:e240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d2:e0:ac:ce:2e:f0:0a:31:f3:8f:08:db:72:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256db3487b4c5bacb300177057cf3174cf77477
Validity
Not Before: Jan 2 06:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f73f327ac7500da6a457b785a1dc9e6977df1765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:16:32:d1:02:ee:9b:97:ff:ee:7f:73:e1:6b:
c7:dc:fc:9d:24:14:77:e4:64:66:c0:28:bb:1a:4f:
18:7d:04:9b:3c:73:f7:5c:29:64:cb:3d:02:ee:1b:
83:19:cd:f2:d5:90:27:6c:ff:37:a2:2b:c4:87:b6:
bf:81:f8:a5:3b:cb:2e:7e:9b:0f:ed:a9:0c:ca:e5:
8f:1e:44:87:a6:75:b8:30:30:0e:51:8f:de:bf:3c:
97:68:e0:82:64:7d:15:f7:c6:b3:75:36:78:60:e6:
b8:64:24:4a:5d:48:68:b0:d4:e3:18:a4:aa:b4:84:
85:b4:67:6c:33:ff:ff:91:13:d9:c3:c4:ec:01:3b:
87:ca:32:96:bc:1c:f6:39:4a:91:40:6e:7e:07:a1:
35:22:32:35:1c:f7:9d:1f:e7:49:d1:aa:13:ac:f7:
93:16:2d:2e:a5:ee:fa:08:75:20:ef:bc:b4:1b:4f:
21:31:03:2e:f3:62:a3:df:3a:49:26:2d:b6:93:08:
cb:fe:e3:83:1f:70:f4:f8:61:69:61:f9:b9:70:6c:
bf:e4:a1:0a:bb:22:3c:c8:18:dd:a6:c8:5f:7b:d6:
f4:98:85:4f:2a:a1:ee:61:a2:cc:c4:09:7b:06:a6:
56:19:80:4f:40:12:04:fb:22:f8:56:5d:02:5c:18:
f4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3F:32:7A:C7:50:0D:A6:A4:57:B7:85:A1:DC:9E:69:77:DF:17:65
X509v3 Authority Key Identifier:
keyid:92:56:DB:34:87:B4:C5:BA:CB:30:01:77:05:7C:F3:17:4C:F7:74:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/9z8yesdQDaakV7eFodyeaXffF2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.56.176.0/20
168.86.192.0/19
178.251.176.0/21
185.25.56.0/22
213.244.200.0/21
IPv6:
2a03:e240::/32
Signature Algorithm: sha256WithRSAEncryption
65:57:ee:56:28:be:30:bd:11:6e:05:21:9e:9b:24:10:2e:f3:
61:93:6b:f8:28:1f:96:fa:1a:ab:b4:eb:2e:62:c6:f8:7a:5b:
d0:35:51:2c:11:f4:e2:35:d3:73:cc:f1:38:79:d2:fe:2f:bf:
94:c8:bd:97:a9:0d:c7:8b:dd:12:54:ad:88:22:a3:f8:39:a8:
0a:82:36:5a:32:59:b0:6c:f4:59:32:7b:22:f5:0b:89:51:75:
63:fc:56:aa:71:b2:53:da:1a:16:69:e3:24:67:88:3d:ec:ee:
71:d3:2c:fd:41:62:a0:ce:b9:6f:11:ac:c5:c6:cf:40:07:ea:
d9:e6:be:93:b8:e2:b3:7e:ca:0d:05:ca:a5:7a:9c:a1:8e:34:
17:58:79:4a:27:9a:77:7a:a0:17:0e:22:b1:0d:6b:2f:ef:47:
dd:de:ee:1e:8d:59:74:50:5b:93:cd:fb:2d:7f:e3:f4:d6:b8:
fa:12:9b:dc:96:3f:bb:1a:1a:de:94:7c:de:c9:07:e8:78:d8:
93:ab:c8:22:0e:5c:b4:0f:45:94:cc:cd:c5:5c:24:cb:04:bb:
60:ff:c9:68:f3:07:44:72:92:ba:26:1f:49:8b:fc:f7:eb:33:
2a:1f:73:80:1d:9e:1e:32:a9:13:81:b9:b1:96:a7:c9:00:18:
82:13:d3:71
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzI3tLgrM4u8Aox848I23J4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTZkYjM0ODdiNGM1YmFjYjMwMDE3NzA1N2NmMzE3NGNm
Nzc0NzcwHhcNMjQwMTAyMDYzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNmMzI3YWM3NTAwZGE2YTQ1N2I3ODVhMWRjOWU2OTc3ZGYxNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxYy0QLum5f/7n9z4WvH3PydJBR3
5GRmwCi7Gk8YfQSbPHP3XClkyz0C7huDGc3y1ZAnbP83oivEh7a/gfilO8sufpsP
7akMyuWPHkSHpnW4MDAOUY/evzyXaOCCZH0V98azdTZ4YOa4ZCRKXUhosNTjGKSq
tISFtGdsM///kRPZw8TsATuHyjKWvBz2OUqRQG5+B6E1IjI1HPedH+dJ0aoTrPeT
Fi0upe76CHUg77y0G08hMQMu82Kj3zpJJi22kwjL/uODH3D0+GFpYfm5cGy/5KEK
uyI8yBjdpshfe9b0mIVPKqHuYaLMxAl7BqZWGYBPQBIE+yL4Vl0CXBj0vwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPc/MnrHUA2mpFe3haHcnml33xdlMB8GA1UdIwQY
MBaAFJJW2zSHtMW6yzABdwV88xdM93R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xiYk5JZTB4YnJMTUFGM0JYenpGMHozZEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83YjQ1YjktOTkwYi00NjE0LWE2NGUt
MGY1MmVhNTIyOWZjLzEvOXo4eWVzZFFEYWFrVjdlRm9keWVhWGZmRjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83YjQ1YjktOTkwYi00NjE0LWE2NGUtMGY1MmVhNTIyOWZj
LzEva2xiYk5JZTB4YnJMTUFGM0JYenpGMHozZEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEPjiwAwQF
qFbAAwQDsvuwAwQCuRk4AwQD1fTIMA0EAgACMAcDBQAqA+JAMA0GCSqGSIb3DQEB
CwUAA4IBAQBlV+5WKL4wvRFuBSGemyQQLvNhk2v4KB+W+hqrtOsuYsb4elvQNVEs
EfTiNdNzzPE4edL+L7+UyL2XqQ3Hi90SVK2IIqP4OagKgjZaMlmwbPRZMnsi9QuJ
UXVj/FaqcbJT2hoWaeMkZ4g97O5x0yz9QWKgzrlvEazFxs9AB+rZ5r6TuOKzfsoN
BcqlepyhjjQXWHlKJ5p3eqAXDiKxDWsv70fd3u4ejVl0UFuTzfstf+P01rj6Epvc
lj+7GhrelHzeyQfoeNiTq8giDly0D0WUzM3FXCTLBLtg/8lo8wdEcpK6Jh9Ji/z3
6zMqH3OAHZ4eMqkTgbmxlqfJABiCE9Nx
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:28:07 2024 by rpki-client on console-ams.rpki-client.org