Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bP-Ozzal9UPSCDxIm_U9UFjBP1Q.roa
File: bP-Ozzal9UPSCDxIm_U9UFjBP1Q.roa (raw, json)
Hash identifier: pdWL3uccXs2+bi5xECxPlt2Z9wXcQQLBT0FnGDxHKzs=
Subject key identifier: 6C:FF:8E:CF:36:A5:F5:43:D2:08:3C:48:9B:F5:3D:50:58:C1:3F:54
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018CC26D5AADB3447C22DE1089118663F955
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bP-Ozzal9UPSCDxIm_U9UFjBP1Q.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 14.102.224.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 20:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5a:ad:b3:44:7c:22:de:10:89:11:86:63:f9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cff8ecf36a5f543d2083c489bf53d5058c13f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0e:ab:ad:58:94:9a:84:f0:37:00:0b:d9:c9:
3c:7b:f6:89:be:f6:ef:b0:31:47:9a:2b:c8:91:64:
54:50:82:3e:1d:21:db:40:74:27:f2:96:28:02:21:
06:0c:68:54:db:fa:c3:2e:15:f5:16:8b:bb:dc:cd:
23:c2:62:a8:14:a0:1f:af:bf:14:f3:72:a9:fc:6a:
c4:8f:15:7c:8a:24:45:af:0f:9f:50:33:b9:f5:c0:
e8:f5:14:e6:3c:26:20:5c:bf:d5:0b:c1:dc:af:c9:
f2:d1:f9:9e:99:79:a0:8d:1a:3f:f0:fe:70:ca:39:
ff:ad:83:c2:88:c9:59:19:a9:f7:56:65:cf:f8:e4:
5a:b4:f3:66:ac:62:ec:83:c6:c3:45:64:2c:6e:c6:
d8:ac:7b:85:58:1a:6b:01:bc:1c:44:ba:e7:28:35:
e4:00:45:e3:31:7a:ae:2d:54:64:d2:01:f4:a5:ff:
cf:f2:01:3d:ae:b4:6a:5e:b8:50:1a:53:10:b4:77:
65:23:b1:13:91:36:19:a7:5b:33:fa:a2:27:64:52:
39:88:cc:90:a7:e2:3b:02:40:30:32:cb:35:8f:41:
dc:11:2b:88:d0:fb:a5:20:73:4f:99:2d:45:65:0c:
51:73:9b:ee:a2:2a:02:b3:28:5b:15:3b:92:10:b2:
34:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FF:8E:CF:36:A5:F5:43:D2:08:3C:48:9B:F5:3D:50:58:C1:3F:54
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bP-Ozzal9UPSCDxIm_U9UFjBP1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.224.0/23
Signature Algorithm: sha256WithRSAEncryption
68:78:b5:dd:ae:1f:d3:bd:5f:02:30:94:42:f1:f5:bf:a6:1f:
e8:80:6c:9b:60:bf:b1:37:db:f5:8c:d0:93:e2:84:d3:c7:5d:
48:e8:50:64:07:28:cd:cd:62:47:a6:72:97:78:6c:1b:97:4e:
81:71:70:9e:3a:2b:f3:39:1d:fb:70:3c:52:8b:02:ee:e1:21:
91:5f:de:6b:37:67:00:ac:8a:9f:1a:35:dd:36:64:e9:02:30:
00:0c:09:82:05:b8:10:02:0c:92:3c:34:0f:62:52:4a:09:7f:
d6:b4:e8:70:fc:a7:32:20:4d:38:b8:e9:3e:05:57:a5:19:cc:
b3:89:a7:ea:b2:31:d1:23:07:bd:21:bd:0f:92:c3:64:0f:1f:
9c:c2:a5:20:d5:a9:0f:3b:f6:51:ac:bb:cc:ad:2c:1b:75:3e:
70:60:8a:fe:1f:38:18:87:f4:57:0f:b7:42:0b:20:96:44:37:
95:8a:9b:7a:7e:2f:0f:81:41:57:39:e7:6d:26:fe:0c:87:4d:
43:e4:0a:ec:93:52:01:1b:1f:02:a8:ff:0b:36:b0:6e:e4:a2:
11:71:5c:d1:83:c6:4a:4e:9d:35:8f:7a:c0:df:06:44:85:47:
8e:38:50:4f:18:96:2b:0b:d8:0d:4e:59:9e:ea:3a:a2:7a:40:
06:c3:14:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVqts0R8It4QiRGGY/lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ZmOGVjZjM2YTVmNTQzZDIwODNjNDg5YmY1M2Q1MDU4YzEzZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ6rrViUmoTwNwAL2ck8e/aJvvbv
sDFHmivIkWRUUII+HSHbQHQn8pYoAiEGDGhU2/rDLhX1Fou73M0jwmKoFKAfr78U
83Kp/GrEjxV8iiRFrw+fUDO59cDo9RTmPCYgXL/VC8Hcr8ny0fmemXmgjRo/8P5w
yjn/rYPCiMlZGan3VmXP+ORatPNmrGLsg8bDRWQsbsbYrHuFWBprAbwcRLrnKDXk
AEXjMXquLVRk0gH0pf/P8gE9rrRqXrhQGlMQtHdlI7ETkTYZp1sz+qInZFI5iMyQ
p+I7AkAwMss1j0HcESuI0PulIHNPmS1FZQxRc5vuoioCsyhbFTuSELI0xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGz/js82pfVD0gg8SJv1PVBYwT9UMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYlAtT3p6YWw5VVBTQ0R4SW1fVTlVRmpCUDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBDmbgMA0G
CSqGSIb3DQEBCwUAA4IBAQBoeLXdrh/TvV8CMJRC8fW/ph/ogGybYL+xN9v1jNCT
4oTTx11I6FBkByjNzWJHpnKXeGwbl06BcXCeOivzOR37cDxSiwLu4SGRX95rN2cA
rIqfGjXdNmTpAjAADAmCBbgQAgySPDQPYlJKCX/WtOhw/KcyIE04uOk+BVelGcyz
iafqsjHRIwe9Ib0PksNkDx+cwqUg1akPO/ZRrLvMrSwbdT5wYIr+HzgYh/RXD7dC
CyCWRDeVipt6fi8PgUFXOedtJv4Mh01D5Arsk1IBGx8CqP8LNrBu5KIRcVzRg8ZK
Tp01j3rA3wZEhUeOOFBPGJYrC9gNTlme6jqiekAGwxRH
-----END CERTIFICATE-----
Generated at Wed Dec 11 05:43:13 2024 by rpki-client on console-ams.rpki-client.org