Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Lc7GyX1kgV2w6EL4kw08aF-wElo.roa
File: Lc7GyX1kgV2w6EL4kw08aF-wElo.roa (raw, json)
Hash identifier: X53F49ze5A7TkEq9SKuIcKkAYqw1egZO7eI6p6eVkNk=
Subject key identifier: 2D:CE:C6:C9:7D:64:81:5D:B0:E8:42:F8:93:0D:3C:68:5F:B0:12:5A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012CF25A90C0B37F59A8DA960513C0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Lc7GyX1kgV2w6EL4kw08aF-wElo.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51894
IP address blocks: 159.148.147.0/24 maxlen: 24
159.148.172.0/24 maxlen: 24
2a02:610:7501::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2c:f2:5a:90:c0:b3:7f:59:a8:da:96:05:13:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dcec6c97d64815db0e842f8930d3c685fb0125a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:69:f3:a0:9f:96:a9:7d:67:c9:ab:da:92:
1a:e7:31:99:47:d3:64:ae:c9:e7:da:c8:70:b4:3d:
2d:50:85:f9:06:0c:1c:c4:ea:07:26:e2:7f:61:bc:
d7:0d:02:92:a8:d8:0f:14:9e:6f:20:6e:70:58:d2:
fd:ff:9e:9f:60:a4:76:13:0c:08:c9:14:b7:32:99:
52:06:5f:0d:a4:5c:29:3f:b5:88:bc:1e:9c:bd:c0:
ec:5e:3c:69:68:10:cc:ec:21:16:f6:af:cd:40:0d:
7c:49:dd:77:db:50:d9:67:4f:a2:da:69:55:b3:36:
fe:22:8f:15:dd:2c:bc:fe:f6:3f:38:cb:0a:2c:a0:
75:1e:11:23:bf:e1:52:24:97:9b:b2:ff:26:04:94:
48:3a:64:25:db:b1:91:2f:4a:34:dd:c3:63:d3:f5:
0e:b6:4f:c7:c9:a9:d0:cf:b0:6d:8b:6d:ca:a5:a5:
f5:20:79:c0:cb:04:f9:6f:d8:6e:86:c0:dd:ec:86:
b4:db:47:9c:61:b4:41:f7:35:98:fd:bc:96:68:b0:
02:11:83:b6:1d:11:79:65:6a:a7:7d:b3:80:c5:67:
0c:65:44:81:59:82:27:d0:d9:dc:d0:d0:c0:37:ef:
47:49:fb:ef:bf:2f:35:58:13:cb:b9:aa:57:e3:e8:
14:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CE:C6:C9:7D:64:81:5D:B0:E8:42:F8:93:0D:3C:68:5F:B0:12:5A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Lc7GyX1kgV2w6EL4kw08aF-wElo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.147.0/24
159.148.172.0/24
IPv6:
2a02:610:7501::/48
Signature Algorithm: sha256WithRSAEncryption
b3:04:93:b0:ab:db:28:7a:5a:fb:45:e7:44:82:3a:2a:56:15:
f6:e3:77:ff:27:d2:aa:a6:ca:12:28:df:01:6b:54:5d:99:a4:
50:8e:9b:49:b0:76:dd:59:61:ae:d0:d6:bd:84:a9:7c:23:56:
98:75:a2:46:65:19:3c:02:c5:67:81:10:0e:4a:95:ab:d5:20:
0b:1a:d3:3d:a8:c3:b3:c9:5f:32:81:86:6b:c9:97:cc:69:c8:
ef:86:95:15:81:df:f1:db:89:ed:b0:93:37:72:ab:38:2f:35:
3e:76:87:af:57:ba:9c:d5:ba:3c:08:3b:63:b2:1a:ac:fd:9f:
5d:f9:da:d9:66:18:af:8d:2a:ab:a2:fa:bb:19:0e:3c:83:43:
57:e7:44:1c:f6:0d:0d:f1:50:db:6c:62:60:b0:f1:2d:c1:5f:
98:94:70:47:4c:0b:2a:a6:18:58:94:c0:0a:dc:bf:cc:42:ff:
e3:b2:a2:fb:67:bc:1d:e0:b3:e4:54:0a:10:23:f9:dd:ea:37:
75:13:f8:0d:40:79:62:c6:a8:75:9c:4e:16:ad:e2:82:bd:38:
d2:81:1d:72:00:d8:9c:35:c3:51:5b:73:8a:c5:08:d4:e0:93:
10:b3:3b:25:10:60:62:3b:7d:bd:57:88:49:b4:7a:8b:67:4f:
e7:db:c3:6e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIASzyWpDAs39ZqNqWBRPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNlYzZjOTdkNjQ4MTVkYjBlODQyZjg5MzBkM2M2ODVmYjAxMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bpp86Cflql9Z8mr2pIa5zGZR9Nk
rsnn2shwtD0tUIX5BgwcxOoHJuJ/YbzXDQKSqNgPFJ5vIG5wWNL9/56fYKR2EwwI
yRS3MplSBl8NpFwpP7WIvB6cvcDsXjxpaBDM7CEW9q/NQA18Sd1321DZZ0+i2mlV
szb+Io8V3Sy8/vY/OMsKLKB1HhEjv+FSJJebsv8mBJRIOmQl27GRL0o03cNj0/UO
tk/HyanQz7Bti23KpaX1IHnAywT5b9huhsDd7Ia020ecYbRB9zWY/byWaLACEYO2
HRF5ZWqnfbOAxWcMZUSBWYIn0Nnc0NDAN+9HSfvvvy81WBPLuapX4+gUtwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC3Oxsl9ZIFdsOhC+JMNPGhfsBJaMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTGM3R3lYMWtnVjJ3NkVMNGt3MDhhRi13RWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAn5STAwQA
n5SsMA8EAgACMAkDBwAqAgYQdQEwDQYJKoZIhvcNAQELBQADggEBALMEk7Cr2yh6
WvtF50SCOipWFfbjd/8n0qqmyhIo3wFrVF2ZpFCOm0mwdt1ZYa7Q1r2EqXwjVph1
okZlGTwCxWeBEA5KlavVIAsa0z2ow7PJXzKBhmvJl8xpyO+GlRWB3/Hbie2wkzdy
qzgvNT52h69XupzVujwIO2OyGqz9n1352tlmGK+NKqui+rsZDjyDQ1fnRBz2DQ3x
UNtsYmCw8S3BX5iUcEdMCyqmGFiUwArcv8xC/+OyovtnvB3gs+RUChAj+d3qN3UT
+A1AeWLGqHWcThat4oK9ONKBHXIA2Jw1w1Fbc4rFCNTgkxCzOyUQYGI7fb1XiEm0
eotnT+fbw24=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:06:50 2024 by rpki-client on console-fra.rpki-client.org