Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/v9jUvXCc6z64bwiQ1DLhE0I8fDU.roa
File: v9jUvXCc6z64bwiQ1DLhE0I8fDU.roa (raw, json)
Hash identifier: tWy/H20VGAZgBF5GQVdK9hzbP9MHoN6e7FQrhgB2tCU=
Subject key identifier: BF:D8:D4:BD:70:9C:EB:3E:B8:6F:08:90:D4:32:E1:13:42:3C:7C:35
Certificate issuer: /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial: 018CC3B70731A7D19AE9834A9D070359920B
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/v9jUvXCc6z64bwiQ1DLhE0I8fDU.roa
Signing time: Mon 01 Jan 2024 06:30:00 +0000
ROA not before: Mon 01 Jan 2024 06:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 176.122.211.0/24 maxlen: 24
176.122.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:07:31:a7:d1:9a:e9:83:4a:9d:07:03:59:92:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Validity
Not Before: Jan 1 06:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfd8d4bd709ceb3eb86f0890d432e113423c7c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:25:3f:0e:c2:cb:ef:88:f8:c9:dd:e9:08:b6:
a9:71:f9:cb:39:2d:3a:c6:46:39:85:a0:a8:d7:3e:
f9:26:58:1f:90:73:38:a6:10:c4:5d:a9:2a:4d:d5:
b0:7d:f0:23:48:1f:1e:7b:49:91:04:b7:d9:da:1d:
da:1b:18:9f:6e:2b:50:20:03:58:6e:3d:4a:96:4f:
7a:9b:e0:d5:49:21:4b:8b:e3:8b:e1:48:97:f4:92:
be:d1:c0:c4:82:65:26:95:e3:c9:85:3b:24:0a:84:
71:57:12:c6:2f:c0:0a:48:be:68:15:70:64:61:2e:
15:cd:15:79:4d:79:5d:eb:3a:cd:ad:c4:da:e1:97:
7c:57:38:52:32:44:ca:fb:ce:36:ba:a8:38:67:60:
f4:53:f4:23:40:f8:ea:ae:bb:4d:ca:70:2c:15:1e:
bd:f1:cd:cd:c0:df:bf:2c:93:7a:c5:3c:29:52:58:
2d:7f:02:71:2b:8d:9f:fa:f4:0a:17:1e:b9:ec:f8:
65:55:df:ed:48:53:df:16:e9:c1:91:11:54:17:27:
cd:8d:d6:38:b6:4a:65:ee:8b:87:92:58:82:ef:83:
d6:68:8a:21:5b:1e:db:ce:41:54:36:7d:4a:07:15:
0f:5e:26:6c:c2:ed:53:10:cb:60:49:d4:e7:f8:e7:
02:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D8:D4:BD:70:9C:EB:3E:B8:6F:08:90:D4:32:E1:13:42:3C:7C:35
X509v3 Authority Key Identifier:
keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/v9jUvXCc6z64bwiQ1DLhE0I8fDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.210.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:a9:43:ea:a0:bc:98:a1:26:80:44:25:91:c7:9a:e4:4c:da:
17:6e:7e:27:55:07:95:ca:a0:62:31:44:fc:12:e7:4a:7b:a0:
c2:72:91:1f:cc:dc:4a:60:c5:d6:dc:c9:58:36:c1:a3:10:41:
d9:10:5c:57:d4:ad:c6:f5:37:a3:37:28:a5:f7:73:25:19:be:
61:9a:b7:fb:d0:fc:d5:db:6b:4a:f5:7c:d0:c0:35:3d:a6:9d:
44:36:8f:9d:f5:b6:32:5b:7f:7a:5a:13:e9:c9:8d:39:b4:2e:
1c:e1:d1:15:80:90:f7:74:48:b1:43:5a:e6:a2:6d:3f:66:a7:
2c:36:97:80:47:ec:6b:60:e4:00:52:05:e1:19:c3:5c:dd:d6:
57:be:d6:08:58:af:39:95:8e:7a:dc:39:8c:fd:fd:07:16:ae:
9a:e3:cb:4a:22:33:89:d2:1a:df:d6:b4:a8:7b:44:79:15:00:
32:af:f9:40:7d:09:7e:14:1c:a9:5b:17:df:a0:be:7c:e9:a3:
41:0a:c2:72:7f:84:bc:22:84:fb:f7:a7:a2:f3:2f:10:07:b5:
93:0c:ec:7e:25:c8:b6:03:41:24:06:93:71:c4:6d:50:99:87:
c8:cb:fc:36:12:78:88:f7:73:36:49:a2:5c:32:d2:04:fa:ba:
80:73:1a:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtwcxp9Ga6YNKnQcDWZILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2
Zjg4MzIwHhcNMjQwMTAxMDYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQ4ZDRiZDcwOWNlYjNlYjg2ZjA4OTBkNDMyZTExMzQyM2M3YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyU/DsLL74j4yd3pCLapcfnLOS06
xkY5haCo1z75JlgfkHM4phDEXakqTdWwffAjSB8ee0mRBLfZ2h3aGxifbitQIANY
bj1Klk96m+DVSSFLi+OL4UiX9JK+0cDEgmUmlePJhTskCoRxVxLGL8AKSL5oFXBk
YS4VzRV5TXld6zrNrcTa4Zd8VzhSMkTK+842uqg4Z2D0U/QjQPjqrrtNynAsFR69
8c3NwN+/LJN6xTwpUlgtfwJxK42f+vQKFx657PhlVd/tSFPfFunBkRFUFyfNjdY4
tkpl7ouHkliC74PWaIohWx7bzkFUNn1KBxUPXiZswu1TEMtgSdTn+OcC5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/Y1L1wnOs+uG8IkNQy4RNCPHw1MB8GA1UdIwQY
MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt
Y2I5ZTFlZDc3OWFjLzEvdjlqVXZYQ2M2ejY0YndpUTFETGhFMEk4ZkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj
LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G
CSqGSIb3DQEBCwUAA4IBAQBtqUPqoLyYoSaARCWRx5rkTNoXbn4nVQeVyqBiMUT8
EudKe6DCcpEfzNxKYMXW3MlYNsGjEEHZEFxX1K3G9TejNyil93MlGb5hmrf70PzV
22tK9XzQwDU9pp1ENo+d9bYyW396WhPpyY05tC4c4dEVgJD3dEixQ1rmom0/Zqcs
NpeAR+xrYOQAUgXhGcNc3dZXvtYIWK85lY563DmM/f0HFq6a48tKIjOJ0hrf1rSo
e0R5FQAyr/lAfQl+FBypWxffoL586aNBCsJyf4S8IoT796ei8y8QB7WTDOx+Jci2
A0EkBpNxxG1QmYfIy/w2EniI93M2SaJcMtIE+rqAcxrP
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:15:10 2024 by rpki-client on console-ams.rpki-client.org