Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/n-OeMZ2KyJY-2UEwZpfBF0lbY_I.roa
File: n-OeMZ2KyJY-2UEwZpfBF0lbY_I.roa (raw, json)
Hash identifier: xRNbIvy8QOr3hx6ZB9RtNNFbIWtKwjPidd8GIvkCsIU=
Subject key identifier: 9F:E3:9E:31:9D:8A:C8:96:3E:D9:41:30:66:97:C1:17:49:5B:63:F2
Certificate issuer: /CN=63f97267e7c00795309509f1e8d3d9cde0a76c4e
Certificate serial: 018CC26D142BAA02A3CFC6D63498C6B98201
Authority key identifier: 63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/n-OeMZ2KyJY-2UEwZpfBF0lbY_I.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39892
IP address blocks: 185.79.196.0/23 maxlen: 23
185.79.196.0/24 maxlen: 24
185.79.197.0/24 maxlen: 24
185.79.198.0/24 maxlen: 24
185.79.198.0/23 maxlen: 23
185.79.199.0/24 maxlen: 24
2a05:7780:105::/48 maxlen: 48
2a05:7782::/32 maxlen: 32
2a05:7780::/32 maxlen: 32
2a05:7783::/32 maxlen: 32
2a05:7781::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:14:2b:aa:02:a3:cf:c6:d6:34:98:c6:b9:82:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f97267e7c00795309509f1e8d3d9cde0a76c4e
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe39e319d8ac8963ed941306697c117495b63f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6e:49:99:a7:b6:4f:b5:65:0d:f9:17:43:02:
f9:31:26:29:58:cd:f0:79:56:a9:15:94:45:1e:6b:
53:5e:45:9c:41:31:6c:f5:43:96:62:d8:ac:38:29:
66:b2:35:e5:95:38:3a:61:65:e9:c0:b4:81:93:0d:
aa:f0:76:b2:0c:b3:7c:fb:42:f1:b8:3f:39:12:5a:
e7:97:ad:46:7c:30:da:e7:f1:c4:23:b1:fc:9d:78:
fa:d3:9e:86:e5:20:ac:13:61:ae:c8:83:8d:89:9b:
23:0e:97:bd:21:b5:70:85:c2:18:e0:a5:6f:36:47:
19:b8:db:1b:2a:b4:94:15:5d:de:83:20:b2:63:06:
36:09:e3:41:c8:c1:cc:27:ae:f9:28:8a:ea:02:d1:
26:4a:32:d8:96:a7:6a:e4:c6:65:23:94:23:f8:2a:
06:a8:cd:aa:fc:b3:06:2a:f1:7c:07:46:b0:f0:53:
2d:b6:31:60:5d:39:5a:7d:09:24:a1:b1:91:9d:60:
36:f7:71:35:d5:b7:04:52:54:85:a6:ff:af:42:7a:
54:15:24:e0:ee:d2:45:56:3c:9b:f3:ab:52:71:84:
30:51:2b:13:0f:80:42:51:b5:f5:4d:58:d3:cf:ff:
f5:98:98:29:62:c9:12:40:a7:00:c3:c0:5b:d0:c6:
bc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E3:9E:31:9D:8A:C8:96:3E:D9:41:30:66:97:C1:17:49:5B:63:F2
X509v3 Authority Key Identifier:
keyid:63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/n-OeMZ2KyJY-2UEwZpfBF0lbY_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.196.0/22
IPv6:
2a05:7780::/30
Signature Algorithm: sha256WithRSAEncryption
2b:c6:33:c5:ef:6e:73:1e:b9:2e:f5:a8:5f:cd:21:37:c4:99:
b0:46:e5:f5:52:03:cd:9f:34:3d:7f:e6:c8:ba:d0:c5:33:25:
5c:6c:07:80:63:ec:8f:ff:0b:2c:17:2c:3f:e0:57:85:72:86:
f5:3b:0b:b4:a2:ef:4f:30:d2:d2:9f:12:d1:69:3a:82:d9:53:
1a:74:82:74:31:a3:92:db:55:10:48:0c:64:a1:ff:bb:46:91:
60:62:f7:61:ad:35:48:7a:f1:c5:c9:d1:82:e6:5f:74:e2:25:
f2:12:97:1c:a4:71:b8:61:72:20:2d:ae:1b:14:c0:af:51:23:
df:72:ba:4f:6c:27:37:05:e9:ee:3d:34:d1:3a:b3:03:74:2c:
93:46:cc:23:86:ec:c4:ec:ec:d9:07:ef:a6:1f:26:6e:b1:4e:
50:d0:2b:71:d0:f4:58:8d:c5:9d:2c:50:a7:a7:88:2c:1a:68:
b3:08:15:aa:9a:c2:40:c1:bc:12:db:17:e0:77:62:4f:ef:3f:
73:31:7d:1a:71:c1:54:b0:63:83:00:9f:8a:6c:20:13:2f:40:
d2:4d:9b:90:c7:33:ff:7b:54:24:82:2b:82:2f:ed:1e:53:05:
d5:75:e6:60:6c:9e:f7:55:fb:41:e4:35:87:ce:70:a4:b0:c5:
7b:1f:eb:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbRQrqgKjz8bWNJjGuYIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjk3MjY3ZTdjMDA3OTUzMDk1MDlmMWU4ZDNkOWNkZTBh
NzZjNGUwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmUzOWUzMTlkOGFjODk2M2VkOTQxMzA2Njk3YzExNzQ5NWI2M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW5Jmae2T7VlDfkXQwL5MSYpWM3w
eVapFZRFHmtTXkWcQTFs9UOWYtisOClmsjXllTg6YWXpwLSBkw2q8HayDLN8+0Lx
uD85Elrnl61GfDDa5/HEI7H8nXj6056G5SCsE2GuyIONiZsjDpe9IbVwhcIY4KVv
NkcZuNsbKrSUFV3egyCyYwY2CeNByMHMJ675KIrqAtEmSjLYlqdq5MZlI5Qj+CoG
qM2q/LMGKvF8B0aw8FMttjFgXTlafQkkobGRnWA293E11bcEUlSFpv+vQnpUFSTg
7tJFVjyb86tScYQwUSsTD4BCUbX1TVjTz//1mJgpYskSQKcAw8Bb0Ma8dwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/jnjGdisiWPtlBMGaXwRdJW2PyMB8GA1UdIwQY
MBaAFGP5cmfnwAeVMJUJ8ejT2c3gp2xOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9seVotZkFCNVV3bFFueDZOUFp6ZUNuYkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83YTFjMmUtNzVmYi00NGM2LWE4M2Mt
MTQ2NzNjNzJhMWRmLzEvbi1PZU1aMkt5SlktMlVFd1pwZkJGMGxiWV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83YTFjMmUtNzVmYi00NGM2LWE4M2MtMTQ2NzNjNzJhMWRm
LzEvWV9seVotZkFCNVV3bFFueDZOUFp6ZUNuYkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU/EMA0E
AgACMAcDBQIqBXeAMA0GCSqGSIb3DQEBCwUAA4IBAQArxjPF725zHrku9ahfzSE3
xJmwRuX1UgPNnzQ9f+bIutDFMyVcbAeAY+yP/wssFyw/4FeFcob1Owu0ou9PMNLS
nxLRaTqC2VMadIJ0MaOS21UQSAxkof+7RpFgYvdhrTVIevHFydGC5l904iXyEpcc
pHG4YXIgLa4bFMCvUSPfcrpPbCc3BenuPTTROrMDdCyTRswjhuzE7OzZB++mHyZu
sU5Q0Ctx0PRYjcWdLFCnp4gsGmizCBWqmsJAwbwS2xfgd2JP7z9zMX0accFUsGOD
AJ+KbCATL0DSTZuQxzP/e1QkgiuCL+0eUwXVdeZgbJ73VftB5DWHznCksMV7H+v0
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:06:26 2024 by rpki-client on console-ams.rpki-client.org