Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/t_B_ZIIj3xsBbs-h-d6F9BueiA8.roa
File: t_B_ZIIj3xsBbs-h-d6F9BueiA8.roa (raw, json)
Hash identifier: so4iW6qxFxX1sfnyzYBYSlz0plUvecnBqz1Kz3uVfhA=
Subject key identifier: B7:F0:7F:64:82:23:DF:1B:01:6E:CF:A1:F9:DE:85:F4:1B:9E:88:0F
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018DC624DA5AF71E233D524D28A8E8A21889
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/t_B_ZIIj3xsBbs-h-d6F9BueiA8.roa
Signing time: Tue 20 Feb 2024 10:52:00 +0000
ROA not before: Tue 20 Feb 2024 10:52:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212669
IP address blocks: 2.58.232.0/22 maxlen: 22
178.239.30.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:24:da:5a:f7:1e:23:3d:52:4d:28:a8:e8:a2:18:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Feb 20 10:52:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7f07f648223df1b016ecfa1f9de85f41b9e880f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:00:5c:8b:aa:8a:4b:26:41:0c:cf:66:b5:61:
73:47:6a:b4:70:70:b3:cc:00:55:b7:fc:9d:9b:59:
e3:4f:4e:97:d4:9e:cf:79:8b:a4:67:8e:a5:0a:ea:
8b:e8:0a:ca:ea:20:d5:2e:69:b5:d7:fa:e6:de:19:
91:bf:89:7a:5e:d9:c1:22:ee:46:6e:56:ae:bc:4f:
ef:cf:2c:ca:03:55:25:ce:c9:c2:42:7e:04:ac:b8:
f6:8d:e3:2d:de:56:4f:89:3b:ce:af:6d:59:76:62:
7f:5a:b7:bd:aa:f6:0f:97:57:09:7b:93:d3:88:8e:
e8:ca:e1:6a:9f:ce:9e:8a:1e:99:ee:f1:9b:48:9f:
b3:61:d5:d4:0e:94:c6:11:0c:93:01:15:1d:86:93:
8b:45:bb:be:3b:3c:0e:e0:3e:a0:52:3f:60:ee:28:
c4:dd:01:b5:88:fa:f3:0f:64:30:5e:77:bb:d2:7f:
2c:d4:da:24:72:cc:32:32:16:45:71:d3:14:2f:6c:
c2:f4:8f:a1:4f:9d:21:73:af:df:2a:55:0a:f8:26:
93:30:9e:ec:31:2c:f7:ca:0f:95:ab:2b:48:cd:04:
85:39:4e:fd:cd:52:01:79:a9:3a:ae:f1:97:d8:a1:
a0:9c:8e:b8:da:52:8d:9b:74:50:bc:1e:8a:9a:2f:
f7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F0:7F:64:82:23:DF:1B:01:6E:CF:A1:F9:DE:85:F4:1B:9E:88:0F
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/t_B_ZIIj3xsBbs-h-d6F9BueiA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.232.0/22
178.239.30.0/23
Signature Algorithm: sha256WithRSAEncryption
03:1e:e9:e7:dd:74:47:f2:14:57:10:29:68:52:b3:f6:51:71:
4d:33:2b:bc:ae:d5:2f:d7:99:54:0d:aa:8d:bc:3f:c4:d2:a5:
6e:ab:15:7f:e6:52:15:ab:68:54:fc:b4:a6:36:05:25:2c:f9:
c5:b7:86:2c:ab:eb:c8:1a:95:17:94:67:d7:65:2f:9e:d8:52:
88:6c:c2:ee:a9:58:ad:98:d2:80:9e:db:ac:6d:5d:b0:13:a8:
5b:86:6d:2d:7b:38:ab:52:dc:f1:c0:92:09:5c:eb:a1:e6:0d:
69:ba:f3:8a:10:c2:b6:47:84:a0:de:e3:2d:b6:de:b1:11:15:
eb:1f:b2:5f:25:1a:03:03:84:62:07:91:cf:e6:07:25:40:c4:
da:72:6a:49:01:d0:b3:b6:6d:8f:55:68:5f:db:ea:23:46:5d:
7c:95:3e:6e:59:d4:cb:7b:82:2b:30:8c:2b:f8:b8:d7:90:f3:
b2:a1:d6:79:e9:bb:d4:e4:f9:52:27:95:18:27:84:f5:26:d9:
22:58:4d:fa:60:03:3c:23:07:0b:b2:aa:d8:5e:71:29:36:df:
af:0d:27:c4:00:57:67:d8:fc:f7:22:e9:50:71:c6:73:54:4e:
51:c2:42:07:66:95:06:b5:98:eb:14:97:39:59:2a:11:a4:35:
e9:15:fd:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3GJNpa9x4jPVJNKKjoohiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMjIwMTA1MjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YwN2Y2NDgyMjNkZjFiMDE2ZWNmYTFmOWRlODVmNDFiOWU4ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgBci6qKSyZBDM9mtWFzR2q0cHCz
zABVt/ydm1njT06X1J7PeYukZ46lCuqL6ArK6iDVLmm11/rm3hmRv4l6XtnBIu5G
blauvE/vzyzKA1UlzsnCQn4ErLj2jeMt3lZPiTvOr21ZdmJ/Wre9qvYPl1cJe5PT
iI7oyuFqn86eih6Z7vGbSJ+zYdXUDpTGEQyTARUdhpOLRbu+OzwO4D6gUj9g7ijE
3QG1iPrzD2QwXne70n8s1NokcswyMhZFcdMUL2zC9I+hT50hc6/fKlUK+CaTMJ7s
MSz3yg+VqytIzQSFOU79zVIBeak6rvGX2KGgnI642lKNm3RQvB6Kmi/36wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfwf2SCI98bAW7PofnehfQbnogPMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvdF9CX1pJSWozeHNCYnMtaC1kNkY5QnVlaUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjroAwQB
su8eMA0GCSqGSIb3DQEBCwUAA4IBAQADHunn3XRH8hRXECloUrP2UXFNMyu8rtUv
15lUDaqNvD/E0qVuqxV/5lIVq2hU/LSmNgUlLPnFt4Ysq+vIGpUXlGfXZS+e2FKI
bMLuqVitmNKAntusbV2wE6hbhm0tezirUtzxwJIJXOuh5g1puvOKEMK2R4Sg3uMt
tt6xERXrH7JfJRoDA4RiB5HP5gclQMTacmpJAdCztm2PVWhf2+ojRl18lT5uWdTL
e4IrMIwr+LjXkPOyodZ56bvU5PlSJ5UYJ4T1JtkiWE36YAM8IwcLsqrYXnEpNt+v
DSfEAFdn2Pz3IulQccZzVE5RwkIHZpUGtZjrFJc5WSoRpDXpFf0G
-----END CERTIFICATE-----
Generated at Thu May 23 00:51:58 2024 by rpki-client on console-ams.rpki-client.org