Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/fY7myP6WtQ5vqe-SDtjbiiWxiVs.roa
File: fY7myP6WtQ5vqe-SDtjbiiWxiVs.roa (raw, json)
Hash identifier: YKTNRxlsb184yeKebODcclGvQy68Qe4ZTJiOsdTk8Sk=
Subject key identifier: 7D:8E:E6:C8:FE:96:B5:0E:6F:A9:EF:92:0E:D8:DB:8A:25:B1:89:5B
Certificate issuer: /CN=3831e5d98ceee34d783a51cccb6ee4dc4ee43793
Certificate serial: 018CC94DAC4906933BBC7D00541B6D24D9EE
Authority key identifier: 38:31:E5:D9:8C:EE:E3:4D:78:3A:51:CC:CB:6E:E4:DC:4E:E4:37:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ODHl2Yzu4014OlHMy27k3E7kN5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/fY7myP6WtQ5vqe-SDtjbiiWxiVs.roa
Signing time: Tue 02 Jan 2024 08:32:39 +0000
ROA not before: Tue 02 Jan 2024 08:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134743
IP address blocks: 192.145.74.0/23 maxlen: 23
192.145.72.0/22 maxlen: 24
2a09:7080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/ODHl2Yzu4014OlHMy27k3E7kN5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/ODHl2Yzu4014OlHMy27k3E7kN5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ODHl2Yzu4014OlHMy27k3E7kN5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ac:49:06:93:3b:bc:7d:00:54:1b:6d:24:d9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3831e5d98ceee34d783a51cccb6ee4dc4ee43793
Validity
Not Before: Jan 2 08:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8ee6c8fe96b50e6fa9ef920ed8db8a25b1895b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:83:75:a3:0e:a2:95:ef:b7:15:9e:68:13:52:
5d:86:b8:70:85:26:9f:ea:7f:cd:6e:7d:92:07:f7:
60:99:e9:4a:7b:b0:04:8d:7f:ea:45:dd:6b:cf:ec:
df:ae:ee:fe:2c:48:4b:1c:b6:35:1d:c4:61:ab:c6:
12:6f:48:d0:78:6b:3e:7d:4d:53:61:79:97:6c:7e:
95:9b:31:66:d5:54:8f:89:50:e7:9b:fd:a6:cc:d6:
0a:fb:ed:a4:b7:10:9e:08:5a:6d:9a:2c:ae:52:f4:
67:04:04:cd:ef:3e:49:3a:56:0b:1e:a2:ef:8a:f7:
24:9d:35:e7:bc:d9:7d:a2:c9:d2:d0:f4:e0:02:21:
38:04:1e:e0:b4:a0:74:96:dd:fe:e1:a3:a4:ba:86:
22:b1:a0:df:8a:9f:c5:68:83:c3:a3:6e:49:cf:e0:
c1:15:0c:42:a2:33:72:1c:c0:6a:eb:60:49:a7:17:
06:45:14:cc:84:d4:72:03:af:48:0b:3d:23:58:2f:
8d:a0:fd:1f:c9:45:e5:5f:9b:b0:46:51:e6:04:8e:
82:ee:fb:3a:40:6a:a1:3d:4f:07:69:60:24:24:c9:
df:67:16:cd:68:05:c7:c8:21:53:f1:70:c2:02:7d:
63:e1:16:57:a2:b1:5e:39:8e:a2:e7:14:1e:d5:ec:
9e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8E:E6:C8:FE:96:B5:0E:6F:A9:EF:92:0E:D8:DB:8A:25:B1:89:5B
X509v3 Authority Key Identifier:
keyid:38:31:E5:D9:8C:EE:E3:4D:78:3A:51:CC:CB:6E:E4:DC:4E:E4:37:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODHl2Yzu4014OlHMy27k3E7kN5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/fY7myP6WtQ5vqe-SDtjbiiWxiVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f41e52-0f25-4cc0-ac87-352cd296ebb8/1/ODHl2Yzu4014OlHMy27k3E7kN5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.72.0/22
IPv6:
2a09:7080::/29
Signature Algorithm: sha256WithRSAEncryption
71:ab:57:a9:71:1d:ea:72:d9:fb:73:48:4f:36:07:78:25:20:
cf:c5:4a:9d:f8:dd:be:07:17:41:6a:05:e9:99:3c:c3:92:ca:
e1:3e:5f:69:3b:ad:1d:98:4f:2c:05:5c:bf:cc:c8:98:0a:01:
a7:6e:84:73:d6:86:df:28:27:f9:24:18:de:e3:cf:46:c5:d9:
6f:95:f5:28:bd:6f:f5:a8:e9:27:09:37:1c:36:b3:d7:e8:ee:
7a:cd:2c:63:c4:35:41:05:48:8a:42:1b:b6:07:6d:b2:35:b0:
83:31:e4:25:88:d0:f6:af:98:f1:44:66:24:6a:82:50:dc:cf:
df:49:42:48:b3:6a:13:7b:e3:23:61:1a:ef:34:9b:1a:29:7e:
48:c0:72:d9:9e:8c:65:b7:86:e8:a8:19:4e:5d:7e:51:0f:b4:
7b:04:0a:65:64:c9:58:22:aa:99:68:63:46:6b:2d:e9:01:ff:
2d:a1:8e:78:f0:47:97:ae:a5:bd:ff:37:a5:8e:ba:e4:36:8e:
5c:5c:73:7e:7d:b5:79:9b:9c:a3:32:2a:4b:ca:94:a8:60:ee:
7b:54:cf:ad:03:71:e4:78:18:63:25:73:61:c7:51:a0:46:ca:
d8:a7:66:98:36:a6:19:a1:3b:ac:40:33:5c:e2:b8:c9:47:7c:
c7:14:8c:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTaxJBpM7vH0AVBttJNnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFlNWQ5OGNlZWUzNGQ3ODNhNTFjY2NiNmVlNGRjNGVl
NDM3OTMwHhcNMjQwMTAyMDgzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhlZTZjOGZlOTZiNTBlNmZhOWVmOTIwZWQ4ZGI4YTI1YjE4OTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4N1ow6ile+3FZ5oE1JdhrhwhSaf
6n/Nbn2SB/dgmelKe7AEjX/qRd1rz+zfru7+LEhLHLY1HcRhq8YSb0jQeGs+fU1T
YXmXbH6VmzFm1VSPiVDnm/2mzNYK++2ktxCeCFptmiyuUvRnBATN7z5JOlYLHqLv
ivcknTXnvNl9osnS0PTgAiE4BB7gtKB0lt3+4aOkuoYisaDfip/FaIPDo25Jz+DB
FQxCojNyHMBq62BJpxcGRRTMhNRyA69ICz0jWC+NoP0fyUXlX5uwRlHmBI6C7vs6
QGqhPU8HaWAkJMnfZxbNaAXHyCFT8XDCAn1j4RZXorFeOY6i5xQe1eyeGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH2O5sj+lrUOb6nvkg7Y24olsYlbMB8GA1UdIwQY
MBaAFDgx5dmM7uNNeDpRzMtu5NxO5DeTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RIbDJZenU0MDE0T2xITXkyN2szRTdrTjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9mNDFlNTItMGYyNS00Y2MwLWFjODct
MzUyY2QyOTZlYmI4LzEvZlk3bXlQNld0UTV2cWUtU0R0amJpaVd4aVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9mNDFlNTItMGYyNS00Y2MwLWFjODctMzUyY2QyOTZlYmI4
LzEvT0RIbDJZenU0MDE0T2xITXkyN2szRTdrTjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwJFIMA0E
AgACMAcDBQMqCXCAMA0GCSqGSIb3DQEBCwUAA4IBAQBxq1epcR3qctn7c0hPNgd4
JSDPxUqd+N2+BxdBagXpmTzDksrhPl9pO60dmE8sBVy/zMiYCgGnboRz1obfKCf5
JBje489GxdlvlfUovW/1qOknCTccNrPX6O56zSxjxDVBBUiKQhu2B22yNbCDMeQl
iND2r5jxRGYkaoJQ3M/fSUJIs2oTe+MjYRrvNJsaKX5IwHLZnoxlt4boqBlOXX5R
D7R7BAplZMlYIqqZaGNGay3pAf8toY548EeXrqW9/zeljrrkNo5cXHN+fbV5m5yj
MipLypSoYO57VM+tA3HkeBhjJXNhx1GgRsrYp2aYNqYZoTusQDNc4rjJR3zHFIyZ
-----END CERTIFICATE-----
Generated at Mon May 6 18:46:35 2024 by rpki-client on console-ams.rpki-client.org