Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/by_SZNcpR0i-I5Z-Q1D6tF5jGRA.roa
File: by_SZNcpR0i-I5Z-Q1D6tF5jGRA.roa (raw, json)
Hash identifier: F4BXoqT1mhlVmss7SbYRNk6c0UdZ0OW4oill4GIp0DQ=
Subject key identifier: 6F:2F:D2:64:D7:29:47:48:BE:23:96:7E:43:50:FA:B4:5E:63:19:10
Certificate issuer: /CN=77292dc63718eebc704ab002ecb81d3d52d4d1c3
Certificate serial: 018CC726AE0BDCBF5BE0962E9C75199DAAE3
Authority key identifier: 77:29:2D:C6:37:18:EE:BC:70:4A:B0:02:EC:B8:1D:3D:52:D4:D1:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/by_SZNcpR0i-I5Z-Q1D6tF5jGRA.roa
Signing time: Mon 01 Jan 2024 22:30:49 +0000
ROA not before: Mon 01 Jan 2024 22:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15435
IP address blocks: 193.176.104.0/21 maxlen: 24
2001:67c:460::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/dyktxjcY7rxwSrAC7LgdPVLU0cM.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/dyktxjcY7rxwSrAC7LgdPVLU0cM.mft
rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ae:0b:dc:bf:5b:e0:96:2e:9c:75:19:9d:aa:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77292dc63718eebc704ab002ecb81d3d52d4d1c3
Validity
Not Before: Jan 1 22:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f2fd264d7294748be23967e4350fab45e631910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:40:18:31:65:78:ef:52:e0:6f:92:4e:67:45:
d3:19:97:5f:67:48:11:b0:cc:ba:ff:61:73:f7:2c:
95:30:fe:09:d2:da:2e:56:7d:56:41:cd:66:fb:73:
66:3d:90:ac:74:50:f9:a4:52:a8:19:3f:1a:9b:4a:
44:1c:ec:ca:b7:d1:fa:cf:37:dc:3e:86:41:16:e3:
c6:52:3c:2b:93:29:5f:28:82:12:55:1e:b2:6b:e7:
4b:40:33:6b:6c:42:4d:6a:3d:39:2b:64:57:5c:cd:
34:6b:ce:e3:bb:18:8d:5b:da:df:b5:15:f2:88:af:
7c:2d:4b:80:68:bc:a3:43:b7:7b:4b:5f:e4:ca:29:
c7:9b:f7:ff:dc:09:d5:cf:0d:8c:01:60:95:4e:84:
27:a2:2b:44:3d:cb:e2:ae:b4:51:76:04:59:8a:02:
dc:c7:bd:61:63:46:29:42:69:d5:3d:e1:9d:53:ee:
5a:3f:bd:a4:3d:a6:a7:b8:44:01:01:40:bc:91:40:
30:a6:6e:a7:ab:25:71:40:78:91:46:b9:04:90:47:
62:3e:d5:ed:3c:7f:20:79:75:d6:45:0f:9b:0d:e9:
ad:95:28:de:ac:7d:07:d9:7d:aa:35:67:42:02:cb:
c2:66:dd:90:01:e6:66:91:24:9a:99:c5:88:24:26:
e6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2F:D2:64:D7:29:47:48:BE:23:96:7E:43:50:FA:B4:5E:63:19:10
X509v3 Authority Key Identifier:
keyid:77:29:2D:C6:37:18:EE:BC:70:4A:B0:02:EC:B8:1D:3D:52:D4:D1:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dyktxjcY7rxwSrAC7LgdPVLU0cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/by_SZNcpR0i-I5Z-Q1D6tF5jGRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/65764a-dd8e-401b-b731-d9c5d26419b2/1/dyktxjcY7rxwSrAC7LgdPVLU0cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.104.0/21
IPv6:
2001:67c:460::/48
Signature Algorithm: sha256WithRSAEncryption
a4:af:29:af:ea:2f:dd:5f:fb:5c:34:0c:1b:f0:f2:93:f0:d6:
5d:f4:bb:4a:52:32:1e:9d:e1:5d:c3:e4:c7:62:33:fb:29:26:
9c:37:f8:31:f9:31:05:0f:a7:05:76:ef:c8:92:b7:38:92:eb:
e3:4d:57:82:48:ae:64:24:41:0b:0f:24:24:12:66:0e:81:e0:
01:39:f7:8c:c2:8a:9f:e6:f5:16:14:2e:fe:95:a4:1f:61:09:
bc:6c:9c:54:3b:c3:cd:a9:9d:4d:f4:8a:82:36:a7:63:da:75:
04:d3:d5:56:38:db:e1:84:5f:c4:6a:d6:24:9d:6e:fd:49:e6:
ad:10:4a:db:bc:d8:0d:31:64:84:cf:d1:f4:11:02:92:19:d5:
4e:65:1e:99:dc:85:db:21:9f:61:35:2b:b8:ff:bd:e1:7d:7b:
2a:92:8d:4f:28:3c:4f:33:a6:80:04:02:92:61:70:8b:38:cd:
ab:43:65:dc:04:98:e2:8f:81:7b:3f:fe:85:f1:5e:44:e1:ee:
52:b5:97:6a:11:94:9d:5e:52:e9:78:08:0a:2a:27:ea:63:96:
f2:c7:ba:20:12:f9:fc:ae:f3:70:20:99:3e:89:c9:b1:06:19:
22:e5:67:be:9b:1a:99:ec:5d:9c:85:ea:b8:39:b7:82:72:e6:
1f:2c:95:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJq4L3L9b4JYunHUZnarjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjkyZGM2MzcxOGVlYmM3MDRhYjAwMmVjYjgxZDNkNTJk
NGQxYzMwHhcNMjQwMTAxMjIzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJmZDI2NGQ3Mjk0NzQ4YmUyMzk2N2U0MzUwZmFiNDVlNjMxOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0AYMWV471Lgb5JOZ0XTGZdfZ0gR
sMy6/2Fz9yyVMP4J0touVn1WQc1m+3NmPZCsdFD5pFKoGT8am0pEHOzKt9H6zzfc
PoZBFuPGUjwrkylfKIISVR6ya+dLQDNrbEJNaj05K2RXXM00a87juxiNW9rftRXy
iK98LUuAaLyjQ7d7S1/kyinHm/f/3AnVzw2MAWCVToQnoitEPcvirrRRdgRZigLc
x71hY0YpQmnVPeGdU+5aP72kPaanuEQBAUC8kUAwpm6nqyVxQHiRRrkEkEdiPtXt
PH8geXXWRQ+bDemtlSjerH0H2X2qNWdCAsvCZt2QAeZmkSSamcWIJCbmPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG8v0mTXKUdIviOWfkNQ+rReYxkQMB8GA1UdIwQY
MBaAFHcpLcY3GO68cEqwAuy4HT1S1NHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlrdHhqY1k3cnh3U3JBQzdMZ2RQVkxVMGNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82NTc2NGEtZGQ4ZS00MDFiLWI3MzEt
ZDljNWQyNjQxOWIyLzEvYnlfU1pOY3BSMGktSTVaLVExRDZ0RjVqR1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82NTc2NGEtZGQ4ZS00MDFiLWI3MzEtZDljNWQyNjQxOWIy
LzEvZHlrdHhqY1k3cnh3U3JBQzdMZ2RQVkxVMGNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwbBoMA8E
AgACMAkDBwAgAQZ8BGAwDQYJKoZIhvcNAQELBQADggEBAKSvKa/qL91f+1w0DBvw
8pPw1l30u0pSMh6d4V3D5MdiM/spJpw3+DH5MQUPpwV278iStziS6+NNV4JIrmQk
QQsPJCQSZg6B4AE594zCip/m9RYULv6VpB9hCbxsnFQ7w82pnU30ioI2p2PadQTT
1VY42+GEX8Rq1iSdbv1J5q0QStu82A0xZITP0fQRApIZ1U5lHpnchdshn2E1K7j/
veF9eyqSjU8oPE8zpoAEApJhcIs4zatDZdwEmOKPgXs//oXxXkTh7lK1l2oRlJ1e
Uul4CAoqJ+pjlvLHuiAS+fyu83AgmT6JybEGGSLlZ76bGpnsXZyF6rg5t4Jy5h8s
lTI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:21 2024 by rpki-client on console-fra.rpki-client.org