Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/u6XvP21PnOQe9uibNpyplKyit6g.roa
File: u6XvP21PnOQe9uibNpyplKyit6g.roa (raw, json)
Hash identifier: F4FCoejTQtD1/4x/b8MMc7B2Jsua+dr2f3rc75HHa5A=
Subject key identifier: BB:A5:EF:3F:6D:4F:9C:E4:1E:F6:E8:9B:36:9C:A9:94:AC:A2:B7:A8
Certificate issuer: /CN=073cc18fc706df5a9933b0be20dccb04675bf474
Certificate serial: 018CC2DAB88BFC4C5B44513DC28434BD7FE9
Authority key identifier: 07:3C:C1:8F:C7:06:DF:5A:99:33:B0:BE:20:DC:CB:04:67:5B:F4:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzzBj8cG31qZM7C-INzLBGdb9HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/u6XvP21PnOQe9uibNpyplKyit6g.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29686
IP address blocks: 195.43.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/BzzBj8cG31qZM7C-INzLBGdb9HQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/BzzBj8cG31qZM7C-INzLBGdb9HQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/BzzBj8cG31qZM7C-INzLBGdb9HQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b8:8b:fc:4c:5b:44:51:3d:c2:84:34:bd:7f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073cc18fc706df5a9933b0be20dccb04675bf474
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bba5ef3f6d4f9ce41ef6e89b369ca994aca2b7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:61:e6:1f:84:03:c5:15:ed:a0:45:24:15:
a5:b0:a2:ee:c4:4c:f2:f8:14:99:3e:95:ab:3f:83:
fd:5a:1c:cb:47:9d:a9:be:29:db:67:f8:ef:7b:e5:
e5:80:b5:e6:94:86:50:aa:b6:f6:f5:6b:6a:e9:2a:
6d:06:e0:01:20:5d:c2:89:f2:35:d8:ac:5e:6b:48:
cf:29:c1:ef:f5:f9:0c:07:35:b7:d6:3b:51:6b:09:
f7:fb:d0:bb:51:f2:b8:b5:fa:ec:0b:c5:00:f9:f0:
1f:f0:ad:ee:c2:f4:54:48:64:30:e1:49:7e:ea:62:
85:f6:bc:ad:fd:9c:08:4a:d9:80:71:cf:03:44:fd:
83:4e:a0:b3:6a:49:f3:cc:5e:9a:1c:10:8c:6a:c4:
2e:6c:25:0e:58:88:3e:93:bf:4d:83:e7:38:20:99:
a2:ba:e6:64:6a:f8:ce:6a:4d:32:4f:e8:ea:68:93:
3e:22:16:98:1b:04:28:80:8c:14:00:ac:bf:e3:1f:
4b:28:03:5f:86:d8:b1:98:c2:95:7d:48:ae:b1:4d:
24:29:f8:92:0d:41:eb:10:ec:cb:83:80:19:5b:d6:
b4:73:b7:87:9b:16:fb:56:c6:c3:60:90:d7:b8:14:
87:b3:68:95:63:3c:5e:c8:d6:45:18:26:c9:e4:10:
fa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A5:EF:3F:6D:4F:9C:E4:1E:F6:E8:9B:36:9C:A9:94:AC:A2:B7:A8
X509v3 Authority Key Identifier:
keyid:07:3C:C1:8F:C7:06:DF:5A:99:33:B0:BE:20:DC:CB:04:67:5B:F4:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzzBj8cG31qZM7C-INzLBGdb9HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/u6XvP21PnOQe9uibNpyplKyit6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/BzzBj8cG31qZM7C-INzLBGdb9HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.141.0/24
Signature Algorithm: sha256WithRSAEncryption
76:7d:bf:fb:a1:8d:75:c7:26:d6:1d:9d:06:e1:47:6f:51:5e:
72:b9:b6:1e:2b:ee:bb:aa:27:1c:28:58:40:d9:23:4d:c5:9e:
cc:68:f8:94:29:9e:ee:cf:d5:18:87:cd:a3:5d:dc:87:b2:98:
12:ab:70:d4:d1:82:11:62:d0:7b:34:b6:13:1e:d2:4f:85:4f:
f2:be:fb:e0:e2:d7:dd:35:66:c4:49:57:ae:22:60:5d:6d:df:
bd:8a:15:56:28:7d:a6:cc:b8:72:95:aa:bd:df:cb:04:36:45:
ca:55:37:b5:9e:50:63:bf:cd:e6:e8:3a:65:89:ea:8d:8e:00:
c3:66:18:e1:18:54:bc:1f:da:0d:8a:57:e4:62:f0:2e:db:21:
94:42:6b:df:82:ad:b5:bf:1a:4f:c7:a0:15:85:19:7b:69:ba:
c1:13:2f:e6:d8:bb:f5:16:f2:1d:03:12:07:92:92:aa:6e:78:
a4:40:0d:39:e6:fb:8a:e7:c5:a1:7d:92:d4:56:e0:7c:7f:33:
7f:79:76:2a:98:ae:40:cd:62:06:30:7f:ac:40:d3:58:9e:f4:
0b:fa:80:94:69:00:b2:16:9c:09:1a:f3:7a:cf:e7:34:dd:f4:
91:c6:01:81:fe:a1:8f:8f:9f:a8:f8:4e:75:4e:02:b7:bb:71:
3e:43:c8:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2riL/ExbRFE9woQ0vX/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2NjMThmYzcwNmRmNWE5OTMzYjBiZTIwZGNjYjA0Njc1
YmY0NzQwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmE1ZWYzZjZkNGY5Y2U0MWVmNmU4OWIzNjljYTk5NGFjYTJiN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK1h5h+EA8UV7aBFJBWlsKLuxEzy
+BSZPpWrP4P9WhzLR52pvinbZ/jve+XlgLXmlIZQqrb29Wtq6SptBuABIF3CifI1
2Kxea0jPKcHv9fkMBzW31jtRawn3+9C7UfK4tfrsC8UA+fAf8K3uwvRUSGQw4Ul+
6mKF9ryt/ZwIStmAcc8DRP2DTqCzaknzzF6aHBCMasQubCUOWIg+k79Ng+c4IJmi
uuZkavjOak0yT+jqaJM+IhaYGwQogIwUAKy/4x9LKANfhtixmMKVfUiusU0kKfiS
DUHrEOzLg4AZW9a0c7eHmxb7VsbDYJDXuBSHs2iVYzxeyNZFGCbJ5BD6PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLul7z9tT5zkHvbomzacqZSsoreoMB8GA1UdIwQY
MBaAFAc8wY/HBt9amTOwviDcywRnW/R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp6Qmo4Y0czMXFaTTdDLUlOekxCR2RiOUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80MzNjNDctYmYzZS00NzI4LThiOTMt
YjA3MGVjMzRkNGMxLzEvdTZYdlAyMVBuT1FlOXVpYk5weXBsS3lpdDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80MzNjNDctYmYzZS00NzI4LThiOTMtYjA3MGVjMzRkNGMx
LzEvQnp6Qmo4Y0czMXFaTTdDLUlOekxCR2RiOUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuNMA0G
CSqGSIb3DQEBCwUAA4IBAQB2fb/7oY11xybWHZ0G4UdvUV5yubYeK+67qiccKFhA
2SNNxZ7MaPiUKZ7uz9UYh82jXdyHspgSq3DU0YIRYtB7NLYTHtJPhU/yvvvg4tfd
NWbESVeuImBdbd+9ihVWKH2mzLhylaq938sENkXKVTe1nlBjv83m6DplieqNjgDD
ZhjhGFS8H9oNilfkYvAu2yGUQmvfgq21vxpPx6AVhRl7abrBEy/m2Lv1FvIdAxIH
kpKqbnikQA055vuK58WhfZLUVuB8fzN/eXYqmK5AzWIGMH+sQNNYnvQL+oCUaQCy
FpwJGvN6z+c03fSRxgGB/qGPj5+o+E51TgK3u3E+Q8if
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:25 2024 by rpki-client on console-ams.rpki-client.org