Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XqeB_PzgpdGueS9zmgP2Oz-QLP4.roa
File: XqeB_PzgpdGueS9zmgP2Oz-QLP4.roa (raw, json)
Hash identifier: ykWXfGaaha45acJ3GqX8WNaZ0tRswEGKxCQEpgFqRxA=
Subject key identifier: 5E:A7:81:FC:FC:E0:A5:D1:AE:79:2F:73:9A:03:F6:3B:3F:90:2C:FE
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E22EB9EE0ED80C77995F4FF4521B1040A
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XqeB_PzgpdGueS9zmgP2Oz-QLP4.roa
Signing time: Sat 09 Mar 2024 11:14:10 +0000
ROA not before: Sat 09 Mar 2024 11:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 159.148.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:eb:9e:e0:ed:80:c7:79:95:f4:ff:45:21:b1:04:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 9 11:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ea781fcfce0a5d1ae792f739a03f63b3f902cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:03:93:a7:58:b4:e5:be:e7:61:6e:22:c0:99:
3f:2c:2c:56:14:8f:1e:92:f4:c6:9a:82:16:72:3f:
61:40:42:ed:49:82:0e:2a:5e:98:7f:9e:2a:69:60:
f3:24:8b:26:84:77:92:ed:84:a3:39:41:78:03:9b:
dd:7d:8d:b4:76:d2:77:28:31:2c:1a:1e:81:a8:51:
4a:d3:e5:ac:19:d8:ae:38:ba:2c:d9:69:0b:15:e2:
db:9c:88:5d:e4:20:23:2f:c3:cb:3a:58:90:0c:70:
08:1f:7d:33:20:50:8c:d3:5b:85:f5:8e:17:29:fb:
8b:e8:e2:24:86:28:1a:2f:01:75:9f:98:0d:32:7b:
b6:05:d4:cf:80:67:ab:8c:a8:a9:85:d2:8b:3a:62:
4f:3e:4a:2f:3d:90:7e:68:d4:df:a3:2b:e0:39:6e:
5f:9b:36:42:88:2b:03:8d:63:d6:a0:15:14:43:d8:
67:91:6d:aa:b6:86:3e:45:78:3f:66:ab:6b:38:89:
a8:e3:35:8d:7e:50:f4:8b:1a:bd:4d:da:7f:19:e1:
23:53:99:9a:8a:e6:f4:22:ad:fe:b6:2c:bd:f7:1d:
42:43:39:da:67:46:cd:9f:e8:18:2d:b5:e3:3f:37:
1a:b7:d9:f9:46:99:87:0c:f0:ce:ee:39:cd:71:a3:
6a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A7:81:FC:FC:E0:A5:D1:AE:79:2F:73:9A:03:F6:3B:3F:90:2C:FE
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XqeB_PzgpdGueS9zmgP2Oz-QLP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.253.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:be:d6:fd:40:ee:a6:8c:47:ac:50:a2:a7:f0:5f:d4:8d:aa:
14:58:62:2b:90:47:84:45:72:d1:31:64:32:35:ce:63:c9:96:
8a:e0:35:38:f4:ae:d2:62:00:46:3b:87:9e:4c:b5:7f:e7:d8:
8a:b9:f9:b6:33:51:61:2d:fe:65:8d:14:57:bd:a1:52:c6:ae:
17:13:3c:fc:a1:67:d5:5e:56:c3:00:1b:73:8b:4f:9a:76:41:
f2:f2:94:2d:ae:69:da:26:55:1f:17:58:92:72:08:d1:8a:97:
f1:cb:5f:0f:65:7f:91:03:a2:d3:59:03:55:a0:bb:10:c0:63:
db:ee:d5:5d:19:ec:76:50:17:c0:96:21:80:ef:cf:63:9f:45:
0c:b8:f8:98:98:c4:4a:79:fb:d4:43:cb:e4:6d:68:5f:4a:c1:
ef:f6:7e:00:5f:89:e8:88:4a:8f:d6:06:77:84:a7:e1:22:d9:
3b:a7:81:20:cf:51:3c:59:cd:6c:31:bb:12:c0:10:1f:e3:99:
7f:be:ce:07:45:d7:71:e0:61:34:ef:36:82:45:01:95:74:cc:
12:06:12:8c:f7:27:fc:10:5d:2e:b2:c0:c1:72:b3:30:b3:db:
b4:1b:0e:2c:73:f4:12:97:bf:06:c1:64:64:05:c4:57:e5:44:
3f:27:80:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4i657g7YDHeZX0/0UhsQQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzA5MTExNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE3ODFmY2ZjZTBhNWQxYWU3OTJmNzM5YTAzZjYzYjNmOTAyY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQOTp1i05b7nYW4iwJk/LCxWFI8e
kvTGmoIWcj9hQELtSYIOKl6Yf54qaWDzJIsmhHeS7YSjOUF4A5vdfY20dtJ3KDEs
Gh6BqFFK0+WsGdiuOLos2WkLFeLbnIhd5CAjL8PLOliQDHAIH30zIFCM01uF9Y4X
KfuL6OIkhigaLwF1n5gNMnu2BdTPgGerjKiphdKLOmJPPkovPZB+aNTfoyvgOW5f
mzZCiCsDjWPWoBUUQ9hnkW2qtoY+RXg/ZqtrOImo4zWNflD0ixq9Tdp/GeEjU5ma
iub0Iq3+tiy99x1CQznaZ0bNn+gYLbXjPzcat9n5RpmHDPDO7jnNcaNq2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6ngfz84KXRrnkvc5oD9js/kCz+MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWHFlQl9QemdwZEd1ZVM5em1nUDJPei1RTFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5T9MA0G
CSqGSIb3DQEBCwUAA4IBAQCOvtb9QO6mjEesUKKn8F/UjaoUWGIrkEeERXLRMWQy
Nc5jyZaK4DU49K7SYgBGO4eeTLV/59iKufm2M1FhLf5ljRRXvaFSxq4XEzz8oWfV
XlbDABtzi0+adkHy8pQtrmnaJlUfF1iScgjRipfxy18PZX+RA6LTWQNVoLsQwGPb
7tVdGex2UBfAliGA789jn0UMuPiYmMRKefvUQ8vkbWhfSsHv9n4AX4noiEqP1gZ3
hKfhItk7p4Egz1E8Wc1sMbsSwBAf45l/vs4HRddx4GE07zaCRQGVdMwSBhKM9yf8
EF0ussDBcrMws9u0Gw4sc/QSl78GwWRkBcRX5UQ/J4AX
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:06:50 2024 by rpki-client on console-fra.rpki-client.org