Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/b-0w7D7ffiZn8SEcHz6G8QdFOgE.roa
File: b-0w7D7ffiZn8SEcHz6G8QdFOgE.roa (raw, json)
Hash identifier: CIBRtXteHrWNZ/bp25/n3esHZfl0i37SVc/16CnqPqo=
Subject key identifier: 6F:ED:30:EC:3E:DF:7E:26:67:F1:21:1C:1F:3E:86:F1:07:45:3A:01
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F06DDC174E12D13B02E8803D25CC
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/b-0w7D7ffiZn8SEcHz6G8QdFOgE.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3323
IP address blocks: 194.177.196.0/24 maxlen: 24
2001:648:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f0:6d:dc:17:4e:12:d1:3b:02:e8:80:3d:25:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fed30ec3edf7e2667f1211c1f3e86f107453a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:9a:35:18:56:d1:2d:51:9f:a7:a9:11:2c:
0f:6a:78:1e:5d:43:1e:a6:5c:20:5b:7f:65:96:52:
21:79:c1:b8:bf:b6:e5:a9:57:29:fe:5e:c9:60:cd:
92:e2:da:8b:3d:8c:5d:48:be:cb:46:8f:d4:16:6c:
c7:ff:a3:f0:f9:15:18:5c:51:0c:12:39:4c:b2:dc:
0a:e5:27:69:cc:4c:42:18:fb:6f:83:ec:55:ac:02:
3e:15:52:ed:8f:89:b8:08:55:2e:cf:89:56:ac:b9:
9e:c7:43:4f:fe:af:76:da:dc:3b:ad:79:6d:f3:73:
6d:03:da:20:17:e8:98:a2:c1:a0:e6:55:94:47:a5:
28:f4:a9:f5:22:3a:14:d2:2d:64:20:80:16:bd:70:
22:74:02:cf:90:ae:c5:d8:66:2a:5e:e6:c3:89:af:
a1:1d:fe:c7:e8:95:5f:da:0a:8d:a9:76:7e:92:70:
04:02:6b:b7:2c:f1:f5:b3:57:eb:08:12:a3:d6:dd:
58:57:4f:cd:6c:24:3b:3b:f2:86:b0:87:1a:fb:ab:
d1:09:b7:ee:41:74:52:e6:2b:cd:5b:3e:5e:28:63:
9f:34:91:2d:d2:fe:f9:94:eb:fb:57:3a:77:60:a9:
4c:2a:02:84:cf:00:16:76:36:e6:56:4c:97:95:31:
c7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:ED:30:EC:3E:DF:7E:26:67:F1:21:1C:1F:3E:86:F1:07:45:3A:01
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/b-0w7D7ffiZn8SEcHz6G8QdFOgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.177.196.0/24
IPv6:
2001:648:2000::/48
Signature Algorithm: sha256WithRSAEncryption
89:1a:33:9e:27:74:6f:a9:84:9f:d6:d6:26:08:06:6e:9d:76:
ae:1e:46:27:2e:c8:81:81:b5:0f:41:31:21:04:bf:4e:4a:05:
95:7c:d3:36:d3:26:6d:ae:af:c5:9f:59:35:f1:bc:b0:9a:95:
9f:5c:78:5f:83:35:ad:26:84:29:20:38:19:81:d6:4d:f7:79:
b5:53:99:9e:56:37:62:9f:68:09:05:26:80:d9:df:3d:37:48:
f6:16:4b:98:7d:27:c2:b9:53:e2:04:6f:29:86:bc:52:19:81:
8c:43:83:0d:51:55:d9:20:94:5c:bc:38:cf:c0:45:1e:cf:ba:
80:a6:f6:e9:a2:e8:c7:4a:d2:97:b0:15:8e:17:55:e4:54:e2:
f2:89:0a:89:13:66:69:08:f7:cd:e7:f6:83:a2:97:d5:ae:fb:
3d:d8:0a:38:45:31:c7:97:2e:76:6f:d5:56:af:e9:ca:ad:15:
d3:dd:3f:53:b8:62:d9:b7:cb:18:1f:e7:aa:a0:9e:06:53:a5:
61:cf:af:20:85:c4:d5:37:a7:55:78:71:15:ca:eb:e3:41:9e:
c4:df:15:a1:8f:d5:73:ad:8f:15:32:5f:f7:ff:e1:67:2a:75:
04:7a:33:7e:9f:eb:6c:3d:96:5f:db:c5:68:30:75:8a:77:6b:
e7:ee:15:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSPBt3BdOEtE7AuiAPSXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVkMzBlYzNlZGY3ZTI2NjdmMTIxMWMxZjNlODZmMTA3NDUzYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIyaNRhW0S1Rn6epESwPangeXUMe
plwgW39lllIhecG4v7blqVcp/l7JYM2S4tqLPYxdSL7LRo/UFmzH/6Pw+RUYXFEM
EjlMstwK5SdpzExCGPtvg+xVrAI+FVLtj4m4CFUuz4lWrLmex0NP/q922tw7rXlt
83NtA9ogF+iYosGg5lWUR6Uo9Kn1IjoU0i1kIIAWvXAidALPkK7F2GYqXubDia+h
Hf7H6JVf2gqNqXZ+knAEAmu3LPH1s1frCBKj1t1YV0/NbCQ7O/KGsIca+6vRCbfu
QXRS5ivNWz5eKGOfNJEt0v75lOv7Vzp3YKlMKgKEzwAWdjbmVkyXlTHHGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG/tMOw+334mZ/EhHB8+hvEHRToBMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvYi0wdzdEN2ZmaVpuOFNFY0h6Nkc4UWRGT2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwrHEMA8E
AgACMAkDBwAgAQZIIAAwDQYJKoZIhvcNAQELBQADggEBAIkaM54ndG+phJ/W1iYI
Bm6ddq4eRicuyIGBtQ9BMSEEv05KBZV80zbTJm2ur8WfWTXxvLCalZ9ceF+DNa0m
hCkgOBmB1k33ebVTmZ5WN2KfaAkFJoDZ3z03SPYWS5h9J8K5U+IEbymGvFIZgYxD
gw1RVdkglFy8OM/ARR7PuoCm9umi6MdK0pewFY4XVeRU4vKJCokTZmkI983n9oOi
l9Wu+z3YCjhFMceXLnZv1Vav6cqtFdPdP1O4Ytm3yxgf56qgngZTpWHPryCFxNU3
p1V4cRXK6+NBnsTfFaGP1XOtjxUyX/f/4WcqdQR6M36f62w9ll/bxWgwdYp3a+fu
FWc=
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:47:43 2024 by rpki-client on console-ams.rpki-client.org