Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/uSIQt9KXd075SCg8c12ZzLqXops.roa
File: uSIQt9KXd075SCg8c12ZzLqXops.roa (raw, json)
Hash identifier: z+Hzn7QPqhaHeYgZRbu/8y7jiAY+lRtM2aTK4tLSJ1g=
Subject key identifier: B9:22:10:B7:D2:97:77:4E:F9:48:28:3C:73:5D:99:CC:BA:97:A2:9B
Certificate issuer: /CN=6cf2fb0fa52de13c336689cf3f4829d63506750f
Certificate serial: 018CC56EC5B785955DFD2F56FAA95034D68D
Authority key identifier: 6C:F2:FB:0F:A5:2D:E1:3C:33:66:89:CF:3F:48:29:D6:35:06:75:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/uSIQt9KXd075SCg8c12ZzLqXops.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43751
IP address blocks: 93.191.216.0/21 maxlen: 24
2a02:4b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c5:b7:85:95:5d:fd:2f:56:fa:a9:50:34:d6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cf2fb0fa52de13c336689cf3f4829d63506750f
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b92210b7d297774ef948283c735d99ccba97a29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:94:f5:24:55:28:94:ae:8a:68:16:5c:f8:
6a:20:79:f2:58:dc:8b:7c:0c:64:02:2a:0a:d5:cc:
07:7e:4f:9f:c3:03:6c:6a:c7:a9:71:47:e8:b1:3e:
3a:12:f3:6a:91:73:22:1a:f2:98:aa:51:96:f5:b9:
be:9b:a5:81:cb:c8:c8:de:99:14:6e:6b:bf:a8:5d:
df:5d:eb:ea:2d:61:12:fa:f2:da:ff:25:f8:60:22:
60:5d:4d:13:2c:d6:ff:23:d6:b8:15:dd:f1:69:31:
ae:fb:80:7e:f6:2e:53:aa:e6:76:fe:24:fe:3b:0c:
1e:28:fb:42:2e:fe:e6:a9:eb:00:60:2e:69:84:b5:
40:0e:b1:be:54:ad:a1:28:75:3a:08:36:aa:f9:bb:
b3:1d:f3:9e:13:7b:2e:d1:40:b5:88:df:d2:f1:d3:
7e:d1:42:d3:b6:5e:59:bf:a7:82:58:85:48:76:a8:
7c:81:5c:67:85:23:00:0d:26:11:0d:9e:72:d3:dd:
1f:90:39:90:cc:e0:8c:6b:d4:b5:ae:c7:2e:8a:47:
8e:83:ff:3c:e4:d0:3e:4b:a5:22:4a:72:5c:ca:13:
b2:93:02:a3:64:d0:f8:f3:35:e9:80:77:df:d1:f0:
28:dd:0e:df:5f:bb:09:1f:6f:4c:fc:39:6e:52:49:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:22:10:B7:D2:97:77:4E:F9:48:28:3C:73:5D:99:CC:BA:97:A2:9B
X509v3 Authority Key Identifier:
keyid:6C:F2:FB:0F:A5:2D:E1:3C:33:66:89:CF:3F:48:29:D6:35:06:75:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/uSIQt9KXd075SCg8c12ZzLqXops.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cf0715-b993-4348-97e9-6ec982951cf7/1/bPL7D6Ut4TwzZonPP0gp1jUGdQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.216.0/21
IPv6:
2a02:4b0::/32
Signature Algorithm: sha256WithRSAEncryption
33:b0:98:de:82:29:76:58:aa:d5:2a:29:3c:e0:9a:f8:0d:75:
b6:f6:a3:64:f8:e6:b7:eb:48:af:82:70:53:95:52:44:c4:8d:
94:39:94:99:c2:85:0a:83:a4:d1:b5:01:c6:18:56:d5:8b:c3:
d5:5c:db:b8:72:a3:3f:c1:9c:8d:91:1b:94:62:27:8b:86:7a:
75:71:cf:fb:9f:2b:6c:73:31:6f:53:ef:c6:32:c6:81:25:37:
71:9f:5f:63:2e:c3:99:7c:ff:7e:1a:f8:8a:85:4e:ca:74:5a:
04:bf:6c:30:26:c1:58:19:bb:aa:09:67:be:3b:02:17:7e:ff:
e9:cc:08:6f:55:13:ca:21:49:a7:55:a1:5f:5f:d2:93:84:d3:
46:44:0f:21:49:5c:eb:be:4b:ed:a7:71:31:23:7b:30:0d:fe:
1b:45:b6:3c:c3:06:a8:89:36:ee:8e:46:35:eb:1b:7d:5c:40:
65:9a:35:2b:a1:ab:86:07:aa:1a:4e:c7:e9:be:e3:be:70:a9:
b7:24:59:76:fb:46:a4:67:fb:53:bd:98:37:70:de:8f:9e:7d:
bb:52:e3:a9:5f:fa:2a:65:ff:b2:10:74:d4:18:45:48:82:63:
0c:0d:c3:87:68:00:0a:d7:59:9f:8e:fd:5c:a7:83:fb:21:23:
f3:c8:c7:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbsW3hZVd/S9W+qlQNNaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZjJmYjBmYTUyZGUxM2MzMzY2ODljZjNmNDgyOWQ2MzUw
Njc1MGYwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIyMTBiN2QyOTc3NzRlZjk0ODI4M2M3MzVkOTljY2JhOTdhMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbyU9SRVKJSuimgWXPhqIHnyWNyL
fAxkAioK1cwHfk+fwwNsasepcUfosT46EvNqkXMiGvKYqlGW9bm+m6WBy8jI3pkU
bmu/qF3fXevqLWES+vLa/yX4YCJgXU0TLNb/I9a4Fd3xaTGu+4B+9i5TquZ2/iT+
OwweKPtCLv7mqesAYC5phLVADrG+VK2hKHU6CDaq+buzHfOeE3su0UC1iN/S8dN+
0ULTtl5Zv6eCWIVIdqh8gVxnhSMADSYRDZ5y090fkDmQzOCMa9S1rscuikeOg/88
5NA+S6UiSnJcyhOykwKjZND48zXpgHff0fAo3Q7fX7sJH29M/DluUkm9BQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLkiELfSl3dO+UgoPHNdmcy6l6KbMB8GA1UdIwQY
MBaAFGzy+w+lLeE8M2aJzz9IKdY1BnUPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlBMN0Q2VXQ0VHd6Wm9uUFAwZ3AxalVHZFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZjA3MTUtYjk5My00MzQ4LTk3ZTkt
NmVjOTgyOTUxY2Y3LzEvdVNJUXQ5S1hkMDc1U0NnOGMxMlp6THFYb3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jZjA3MTUtYjk5My00MzQ4LTk3ZTktNmVjOTgyOTUxY2Y3
LzEvYlBMN0Q2VXQ0VHd6Wm9uUFAwZ3AxalVHZFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXb/YMA0E
AgACMAcDBQAqAgSwMA0GCSqGSIb3DQEBCwUAA4IBAQAzsJjegil2WKrVKik84Jr4
DXW29qNk+Oa360ivgnBTlVJExI2UOZSZwoUKg6TRtQHGGFbVi8PVXNu4cqM/wZyN
kRuUYieLhnp1cc/7nytsczFvU+/GMsaBJTdxn19jLsOZfP9+GviKhU7KdFoEv2ww
JsFYGbuqCWe+OwIXfv/pzAhvVRPKIUmnVaFfX9KThNNGRA8hSVzrvkvtp3ExI3sw
Df4bRbY8wwaoiTbujkY16xt9XEBlmjUroauGB6oaTsfpvuO+cKm3JFl2+0akZ/tT
vZg3cN6Pnn27UuOpX/oqZf+yEHTUGEVIgmMMDcOHaAAK11mfjv1cp4P7ISPzyMef
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:02:20 2024 by rpki-client on console-ams.rpki-client.org