Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/459e63-40b8-4536-84b4-aa81b9603857/1/3o9rDYIDhymbeM_M5RzTU9xgs6U.roa
File: 3o9rDYIDhymbeM_M5RzTU9xgs6U.roa (raw, json)
Hash identifier: THW6+UMkXptXBd6IoF5mKsd8Oz2+bMyxo5IRmhTUv2E=
Subject key identifier: DE:8F:6B:0D:82:03:87:29:9B:78:CF:CC:E5:1C:D3:53:DC:60:B3:A5
Certificate issuer: /CN=4ed1d7df25a4a9d5e727c42f55e9e3183d36a93a
Certificate serial: 018CC2DB05A1241D93D4BA3AB1207C072EB9
Authority key identifier: 4E:D1:D7:DF:25:A4:A9:D5:E7:27:C4:2F:55:E9:E3:18:3D:36:A9:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtHX3yWkqdXnJ8QvVenjGD02qTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/459e63-40b8-4536-84b4-aa81b9603857/1/3o9rDYIDhymbeM_M5RzTU9xgs6U.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60561
IP address blocks: 188.64.137.0/24 maxlen: 24
2a11:1040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/459e63-40b8-4536-84b4-aa81b9603857/1/TtHX3yWkqdXnJ8QvVenjGD02qTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/459e63-40b8-4536-84b4-aa81b9603857/1/TtHX3yWkqdXnJ8QvVenjGD02qTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/TtHX3yWkqdXnJ8QvVenjGD02qTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:05:a1:24:1d:93:d4:ba:3a:b1:20:7c:07:2e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed1d7df25a4a9d5e727c42f55e9e3183d36a93a
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de8f6b0d820387299b78cfcce51cd353dc60b3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:d2:88:1c:6a:5e:63:f9:ce:de:cb:8a:07:
f6:5a:7f:23:88:6b:6c:85:77:84:4b:b6:79:5f:75:
5f:3c:e1:a7:72:a1:5a:61:ed:d4:2a:c3:98:dc:42:
f7:a2:78:39:89:ec:51:82:83:9d:87:4a:19:70:0f:
2f:47:f6:de:1d:ef:e3:dc:62:3e:39:0e:15:c6:b8:
8c:f2:fe:30:7b:0b:bf:1a:84:23:73:0f:db:ae:99:
60:e9:8b:54:9f:73:df:d4:56:88:83:a3:d3:03:a2:
d3:01:f1:cb:d0:6c:42:69:3f:f5:f6:05:1a:7f:dd:
5a:a7:0b:eb:da:06:78:e2:2c:f2:30:78:ee:d0:12:
11:98:58:95:03:d2:b1:54:66:fe:21:1b:8d:0a:e3:
75:ad:b4:27:04:5f:cf:69:b2:d9:79:e9:94:27:1a:
83:0c:66:31:b2:e5:54:45:26:eb:db:0b:2b:a9:08:
28:38:85:0e:70:95:5c:c6:00:f0:ed:0e:ed:37:f6:
b7:e8:23:3a:bd:45:46:7e:e0:5e:39:2f:74:8e:59:
4b:0a:cf:42:0f:5b:51:ef:39:42:16:f1:9a:47:2c:
c4:ea:45:67:78:f9:a1:f3:b8:bf:1b:f8:27:5f:05:
e0:95:45:1e:4e:af:8d:8c:ea:0a:d8:e3:63:5d:d5:
3a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8F:6B:0D:82:03:87:29:9B:78:CF:CC:E5:1C:D3:53:DC:60:B3:A5
X509v3 Authority Key Identifier:
keyid:4E:D1:D7:DF:25:A4:A9:D5:E7:27:C4:2F:55:E9:E3:18:3D:36:A9:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtHX3yWkqdXnJ8QvVenjGD02qTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/459e63-40b8-4536-84b4-aa81b9603857/1/3o9rDYIDhymbeM_M5RzTU9xgs6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/459e63-40b8-4536-84b4-aa81b9603857/1/TtHX3yWkqdXnJ8QvVenjGD02qTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.137.0/24
IPv6:
2a11:1040::/29
Signature Algorithm: sha256WithRSAEncryption
98:fa:c4:74:51:72:86:cf:44:bc:11:d4:92:85:e6:30:cf:ea:
eb:f0:0d:7b:b5:0b:49:1b:88:bc:ae:f9:dc:fc:3e:ca:bd:46:
06:48:46:93:90:e1:b1:21:67:5b:0f:ef:8b:e4:9e:c3:71:aa:
a3:6c:d2:6c:34:0d:c7:82:79:4d:71:f1:d8:43:c9:cc:99:d0:
14:1f:34:56:4d:34:0e:2f:d0:04:ec:45:d8:b2:61:b4:f5:95:
7b:a9:9b:62:3b:23:75:1b:dc:ba:9e:09:cb:26:14:05:2d:ea:
79:a8:b0:1c:7d:b4:a2:80:ce:1a:82:cc:46:70:89:4c:c9:05:
55:82:b9:3c:d4:04:1d:d4:2e:08:e2:a3:33:3b:12:4d:a9:ae:
02:8c:b6:4b:fe:30:d4:06:80:02:0e:dc:65:db:a4:8f:df:ed:
ca:7f:8e:cc:e2:16:c0:f3:ba:6d:0e:4d:32:d7:09:60:72:24:
8c:e2:53:3a:f3:0a:6e:3b:17:1a:60:44:62:c0:6f:ff:b9:17:
38:97:69:22:4b:8d:84:b2:e9:2c:02:ab:fd:69:08:d9:dc:ea:
d0:bc:86:cf:87:09:68:58:70:a7:11:9b:dd:82:24:e0:a1:e4:
88:3b:42:5b:01:7a:77:af:8b:82:34:64:eb:15:b0:1b:b9:5a:
7a:15:11:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2wWhJB2T1Lo6sSB8By65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDFkN2RmMjVhNGE5ZDVlNzI3YzQyZjU1ZTllMzE4M2Qz
NmE5M2EwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThmNmIwZDgyMDM4NzI5OWI3OGNmY2NlNTFjZDM1M2RjNjBiM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+3SiBxqXmP5zt7Ligf2Wn8jiGts
hXeES7Z5X3VfPOGncqFaYe3UKsOY3EL3ong5iexRgoOdh0oZcA8vR/beHe/j3GI+
OQ4VxriM8v4wewu/GoQjcw/brplg6YtUn3Pf1FaIg6PTA6LTAfHL0GxCaT/19gUa
f91apwvr2gZ44izyMHju0BIRmFiVA9KxVGb+IRuNCuN1rbQnBF/PabLZeemUJxqD
DGYxsuVURSbr2wsrqQgoOIUOcJVcxgDw7Q7tN/a36CM6vUVGfuBeOS90jllLCs9C
D1tR7zlCFvGaRyzE6kVnePmh87i/G/gnXwXglUUeTq+NjOoK2ONjXdU6SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN6Paw2CA4cpm3jPzOUc01PcYLOlMB8GA1UdIwQY
MBaAFE7R198lpKnV5yfEL1Xp4xg9Nqk6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRIWDN5V2txZFhuSjhRdlZlbmpHRDAycVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80NTllNjMtNDBiOC00NTM2LTg0YjQt
YWE4MWI5NjAzODU3LzEvM285ckRZSURoeW1iZU1fTTVSelRVOXhnczZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80NTllNjMtNDBiOC00NTM2LTg0YjQtYWE4MWI5NjAzODU3
LzEvVHRIWDN5V2txZFhuSjhRdlZlbmpHRDAycVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvECJMA0E
AgACMAcDBQMqERBAMA0GCSqGSIb3DQEBCwUAA4IBAQCY+sR0UXKGz0S8EdSSheYw
z+rr8A17tQtJG4i8rvnc/D7KvUYGSEaTkOGxIWdbD++L5J7DcaqjbNJsNA3HgnlN
cfHYQ8nMmdAUHzRWTTQOL9AE7EXYsmG09ZV7qZtiOyN1G9y6ngnLJhQFLep5qLAc
fbSigM4agsxGcIlMyQVVgrk81AQd1C4I4qMzOxJNqa4CjLZL/jDUBoACDtxl26SP
3+3Kf47M4hbA87ptDk0y1wlgciSM4lM68wpuOxcaYERiwG//uRc4l2kiS42Esuks
Aqv9aQjZ3OrQvIbPhwloWHCnEZvdgiTgoeSIO0JbAXp3r4uCNGTrFbAbuVp6FRF3
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:51:15 2024 by rpki-client on console-ams.rpki-client.org