Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/9sAv9OGK9wdQgqsVnlufXrhITqw.roa
File: 9sAv9OGK9wdQgqsVnlufXrhITqw.roa (raw, json)
Hash identifier: IV2QUyayOPkb3Phf7+AlCMtwDHAwXj+ySgmxmVgI2p4=
Subject key identifier: F6:C0:2F:F4:E1:8A:F7:07:50:82:AB:15:9E:5B:9F:5E:B8:48:4E:AC
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018CC3B6B495098F5D05C00AB04AEB454A28
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/9sAv9OGK9wdQgqsVnlufXrhITqw.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208153
IP address blocks: 147.181.62.0/23 maxlen: 24
2a04:9a00:1110::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b4:95:09:8f:5d:05:c0:0a:b0:4a:eb:45:4a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6c02ff4e18af7075082ab159e5b9f5eb8484eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ee:81:74:48:4c:7d:ba:c5:72:3c:e1:97:83:
43:24:5a:22:1f:70:23:12:e1:19:21:3f:b2:4f:ae:
b2:98:8e:00:44:07:ff:be:f2:32:0d:74:ca:f7:69:
1c:82:55:d4:ad:2f:1a:0b:54:cf:b9:8d:fe:bd:fe:
a8:f3:2a:00:35:e9:18:42:6f:77:d4:ea:0a:75:59:
7a:3b:4b:c6:8b:34:f2:7f:2c:aa:0c:aa:c2:50:53:
31:80:f2:8c:11:47:8f:72:2d:7e:5f:f0:16:f3:63:
9a:4c:f0:0b:bc:f5:f9:48:c9:16:04:6a:23:26:19:
97:a6:76:cd:80:f3:8b:2c:a3:bc:5d:d9:b9:b7:af:
ee:e8:e2:40:89:9a:a9:e2:7e:14:cc:b0:75:70:a9:
cc:23:ad:98:bf:1d:4e:ec:40:ab:ff:f3:d9:62:2f:
68:24:be:59:6f:61:54:1a:28:33:cd:3d:06:b6:f2:
1c:33:e1:d1:3f:95:03:d3:83:3e:d2:aa:20:c5:d1:
7b:0a:38:7f:b4:da:a7:a7:1c:02:01:e7:48:69:44:
26:49:e6:f0:66:f9:78:d4:e9:26:11:37:5e:06:6a:
49:d7:b6:fa:c7:eb:34:d4:68:79:d6:37:be:57:9f:
d0:68:79:30:4a:1b:78:02:ba:e1:51:1a:11:ec:d5:
cd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C0:2F:F4:E1:8A:F7:07:50:82:AB:15:9E:5B:9F:5E:B8:48:4E:AC
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/9sAv9OGK9wdQgqsVnlufXrhITqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.62.0/23
IPv6:
2a04:9a00:1110::/46
Signature Algorithm: sha256WithRSAEncryption
a9:ad:c5:6d:5e:f9:ca:54:55:a4:3c:f1:f3:da:5d:c1:52:c7:
d1:9c:53:84:6d:5e:05:4a:ec:f3:ca:eb:05:fe:a0:04:84:40:
77:f5:72:72:7d:f0:eb:4e:3d:39:3f:3b:1f:eb:92:2b:fc:fa:
84:0e:d1:df:4e:8e:6b:1a:3d:07:14:4d:42:8f:d9:09:89:17:
c8:f9:5e:80:a4:0c:1a:f4:5d:20:86:7b:08:af:11:b5:a9:7c:
57:4e:f1:71:ac:32:48:3c:19:f6:ef:b1:f0:50:f8:3b:9d:26:
c2:7c:b3:fc:38:81:9d:b9:c6:51:7b:4a:cd:53:c8:3d:14:01:
92:1b:9d:03:e7:46:bb:26:f5:86:b2:61:a7:fc:d4:aa:ff:11:
33:9a:a7:6e:29:a8:75:37:ea:66:70:b7:ca:21:8d:b8:1d:11:
fc:84:11:53:a1:23:7f:bb:45:76:74:48:4c:35:40:35:c6:e2:
89:e9:ea:53:c9:94:41:2a:2e:d2:a4:48:f0:1e:9e:d8:83:a0:
f1:02:ce:ff:f8:1e:38:29:f0:f1:4a:37:95:e6:46:06:ff:ce:
e2:d3:2c:ba:9b:70:11:fc:e8:fa:0d:05:23:19:9e:1f:49:1d:
5c:a1:e3:d2:18:79:26:cf:52:b0:22:3a:7f:f6:22:c1:09:36:
50:58:93:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtrSVCY9dBcAKsErrRUooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMwMmZmNGUxOGFmNzA3NTA4MmFiMTU5ZTViOWY1ZWI4NDg0ZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+6BdEhMfbrFcjzhl4NDJFoiH3Aj
EuEZIT+yT66ymI4ARAf/vvIyDXTK92kcglXUrS8aC1TPuY3+vf6o8yoANekYQm93
1OoKdVl6O0vGizTyfyyqDKrCUFMxgPKMEUePci1+X/AW82OaTPALvPX5SMkWBGoj
JhmXpnbNgPOLLKO8Xdm5t6/u6OJAiZqp4n4UzLB1cKnMI62Yvx1O7ECr//PZYi9o
JL5Zb2FUGigzzT0GtvIcM+HRP5UD04M+0qogxdF7Cjh/tNqnpxwCAedIaUQmSebw
Zvl41OkmETdeBmpJ17b6x+s01Gh51je+V5/QaHkwSht4ArrhURoR7NXNswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPbAL/ThivcHUIKrFZ5bn164SE6sMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvOXNBdjlPR0s5d2RRZ3FzVm5sdWZYcmhJVHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBk7U+MA8E
AgACMAkDBwIqBJoAERAwDQYJKoZIhvcNAQELBQADggEBAKmtxW1e+cpUVaQ88fPa
XcFSx9GcU4RtXgVK7PPK6wX+oASEQHf1cnJ98OtOPTk/Ox/rkiv8+oQO0d9Ojmsa
PQcUTUKP2QmJF8j5XoCkDBr0XSCGewivEbWpfFdO8XGsMkg8GfbvsfBQ+DudJsJ8
s/w4gZ25xlF7Ss1TyD0UAZIbnQPnRrsm9YayYaf81Kr/ETOap24pqHU36mZwt8oh
jbgdEfyEEVOhI3+7RXZ0SEw1QDXG4onp6lPJlEEqLtKkSPAentiDoPECzv/4Hjgp
8PFKN5XmRgb/zuLTLLqbcBH86PoNBSMZnh9JHVyh49IYeSbPUrAiOn/2IsEJNlBY
kx8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:45 2024 by rpki-client on console-ams.rpki-client.org