Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/9__bBAqAfHq7lYKTKg8DgtrWFkY.roa
File: 9__bBAqAfHq7lYKTKg8DgtrWFkY.roa (raw, json)
Hash identifier: zvrReFZSNA2EcgcT+fOHQi4Cm+soi1uTf7w4CanUxOQ=
Subject key identifier: F7:FF:DB:04:0A:80:7C:7A:BB:95:82:93:2A:0F:03:82:DA:D6:16:46
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 0192EC932DB7C962F09378E3DF7D31D20259
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/9__bBAqAfHq7lYKTKg8DgtrWFkY.roa
Signing time: Sat 02 Nov 2024 11:12:01 +0000
ROA not before: Sat 02 Nov 2024 11:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208976
IP address blocks: 194.147.211.0/24 maxlen: 24
2a12:66c0::/32 maxlen: 32
2a12:66c7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.mft
rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:93:2d:b7:c9:62:f0:93:78:e3:df:7d:31:d2:02:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Nov 2 11:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7ffdb040a807c7abb9582932a0f0382dad61646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:81:03:13:02:05:53:39:d4:bc:2c:97:dc:94:
a5:7f:0c:31:99:4a:1b:5b:41:6d:0d:17:e1:ef:d8:
6b:48:cf:0f:f8:b1:14:74:fa:cc:1f:b4:db:9b:6a:
3a:ec:ac:f9:ca:33:96:49:f3:9f:9e:d9:3f:d5:44:
d5:8e:03:8a:3f:31:ab:ae:77:b7:7f:75:6f:74:dc:
4f:70:08:ef:80:bb:2b:84:06:a7:39:33:74:7a:08:
9d:6f:f8:7b:45:c8:01:a0:9b:0b:2c:4c:6b:bd:04:
00:f6:09:15:17:07:b7:05:f6:a5:ea:11:57:60:a3:
16:fa:f8:92:6c:f7:fe:38:68:44:2e:2c:51:0a:90:
b9:f5:84:69:e9:ca:79:5c:a2:b0:58:bf:07:a2:67:
23:8d:cf:67:91:0a:bc:00:ce:9d:05:c0:1a:5d:8e:
e7:b8:42:ca:20:40:b8:14:33:1c:af:0f:cb:53:77:
36:5c:0d:60:d2:82:3d:f3:17:33:d2:54:8a:ff:60:
96:ce:c1:01:52:fe:12:1d:2c:a8:85:81:4a:4d:f5:
46:82:ca:0c:67:c3:87:52:14:e2:bf:6b:a2:4a:cf:
c8:d1:96:30:c0:64:3b:85:86:8c:6d:e6:26:6c:ad:
c3:c2:bf:fd:2a:69:79:f8:8e:2f:20:9b:9b:1a:80:
59:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:FF:DB:04:0A:80:7C:7A:BB:95:82:93:2A:0F:03:82:DA:D6:16:46
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/9__bBAqAfHq7lYKTKg8DgtrWFkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.211.0/24
IPv6:
2a12:66c0::/32
2a12:66c7::/48
Signature Algorithm: sha256WithRSAEncryption
7a:83:1e:29:c4:a3:28:dc:eb:d2:be:a8:89:7a:b1:6a:e6:b3:
73:41:ec:2f:3b:46:cb:62:c7:84:65:b8:ab:c9:0c:43:57:db:
e3:ea:bd:ab:1c:f6:3a:e4:89:43:6a:67:c3:41:e7:ca:dd:6e:
75:8a:d9:44:5d:41:0a:41:85:4d:35:06:fb:2e:01:14:b3:2b:
ad:1b:1f:f3:52:3e:02:33:8c:04:2b:0d:9b:f3:4e:f6:7c:77:
48:f2:c0:a3:af:0e:84:2c:fc:32:85:79:b4:5d:87:b4:f6:b6:
7d:cd:06:9a:51:0b:3b:5a:7a:54:6d:cd:bb:a5:f3:a6:6b:11:
0e:75:a5:cb:47:ae:54:76:68:5c:8d:e8:04:5c:b7:2f:a2:e0:
22:8c:7c:16:f6:06:3d:a9:16:d2:30:00:70:8b:2c:87:95:41:
22:a2:9a:1b:cc:15:c5:ae:26:3d:a8:44:e2:5c:f9:5c:be:cb:
95:d9:60:25:26:38:4e:7d:44:31:3d:c2:8a:1a:7c:27:dc:fa:
40:46:46:80:7e:ac:89:d6:d4:db:a6:07:96:48:d6:a7:0f:d0:
57:79:96:50:dd:f6:ab:9a:75:20:11:f5:4c:8e:ad:42:63:02:
0a:99:fa:1b:e1:53:92:9a:85:b7:b1:78:e7:8f:89:88:96:f2:
a2:3f:50:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLsky23yWLwk3jj330x0gJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjQxMTAyMTExMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2ZmZGIwNDBhODA3YzdhYmI5NTgyOTMyYTBmMDM4MmRhZDYxNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoEDEwIFUznUvCyX3JSlfwwxmUob
W0FtDRfh79hrSM8P+LEUdPrMH7Tbm2o67Kz5yjOWSfOfntk/1UTVjgOKPzGrrne3
f3VvdNxPcAjvgLsrhAanOTN0egidb/h7RcgBoJsLLExrvQQA9gkVFwe3Bfal6hFX
YKMW+viSbPf+OGhELixRCpC59YRp6cp5XKKwWL8Homcjjc9nkQq8AM6dBcAaXY7n
uELKIEC4FDMcrw/LU3c2XA1g0oI98xcz0lSK/2CWzsEBUv4SHSyohYFKTfVGgsoM
Z8OHUhTiv2uiSs/I0ZYwwGQ7hYaMbeYmbK3Dwr/9Kml5+I4vIJubGoBZ5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPf/2wQKgHx6u5WCkyoPA4La1hZGMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvOV9fYkJBcUFmSHE3bFlLVEtnOERndHJXRmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAwpPTMBYE
AgACMBADBQAqEmbAAwcAKhJmxwAAMA0GCSqGSIb3DQEBCwUAA4IBAQB6gx4pxKMo
3OvSvqiJerFq5rNzQewvO0bLYseEZbiryQxDV9vj6r2rHPY65IlDamfDQefK3W51
itlEXUEKQYVNNQb7LgEUsyutGx/zUj4CM4wEKw2b8072fHdI8sCjrw6ELPwyhXm0
XYe09rZ9zQaaUQs7WnpUbc27pfOmaxEOdaXLR65UdmhcjegEXLcvouAijHwW9gY9
qRbSMABwiyyHlUEiopobzBXFriY9qETiXPlcvsuV2WAlJjhOfUQxPcKKGnwn3PpA
RkaAfqyJ1tTbpgeWSNanD9BXeZZQ3farmnUgEfVMjq1CYwIKmfob4VOSmoW3sXjn
j4mIlvKiP1C8
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:34 2024 by rpki-client on console-ams.rpki-client.org