Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/jMSlQw_vhkjA1k0g83RLF6zZARE.roa
File: jMSlQw_vhkjA1k0g83RLF6zZARE.roa (raw, json)
Hash identifier: PwuSpFbhZTUn334kTI84IeM77JZsbJitDgKoAXArWBU=
Subject key identifier: 8C:C4:A5:43:0F:EF:86:48:C0:D6:4D:20:F3:74:4B:17:AC:D9:01:11
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2EBA066AFAB7471B919562C86E259
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/jMSlQw_vhkjA1k0g83RLF6zZARE.roa
Signing time: Thu 02 Jan 2025 01:48:13 +0000
ROA not before: Thu 02 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35478
IP address blocks: 159.148.195.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:eb:a0:66:af:ab:74:71:b9:19:56:2c:86:e2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cc4a5430fef8648c0d64d20f3744b17acd90111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:39:11:ff:dc:63:6a:25:a8:29:00:84:18:47:
63:b1:a1:91:8a:3b:46:e8:fd:11:02:67:a8:5b:69:
a1:b3:28:b5:43:3e:e0:61:16:a8:cf:13:aa:1f:92:
6e:f6:c5:33:40:24:f2:e1:fe:41:65:4a:f0:0b:19:
25:08:37:06:fe:a2:b0:5d:ce:f5:dc:a3:1a:ab:2e:
40:01:9b:5d:b5:4e:d8:cc:ec:58:3c:ae:3b:83:04:
b2:37:8a:55:8c:cf:c2:e1:85:73:50:17:a2:46:1a:
73:2b:42:d0:5f:83:6a:22:05:d4:d2:f1:c0:57:17:
78:da:b2:aa:fe:1b:22:e3:61:6b:79:e6:83:5d:a5:
11:cd:69:8e:5c:d6:da:6e:6b:fb:a7:94:3b:fa:85:
32:7e:06:5e:28:19:37:86:fa:8d:9d:5a:1c:0e:e7:
96:72:38:28:8e:75:98:c4:d5:33:b6:48:4b:f6:64:
96:34:97:35:24:14:7c:c4:a3:7e:93:9f:4f:b0:f1:
4a:4b:3c:1d:00:a3:45:65:ce:95:a2:d5:a8:99:d2:
11:3a:db:06:21:c4:18:a1:e9:19:22:ee:d1:d9:37:
ad:42:f1:3d:cf:ba:f2:af:81:dd:8b:a6:bb:3d:c6:
1a:17:5d:21:42:a1:9a:70:f0:8a:37:60:1e:2e:86:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C4:A5:43:0F:EF:86:48:C0:D6:4D:20:F3:74:4B:17:AC:D9:01:11
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/jMSlQw_vhkjA1k0g83RLF6zZARE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.195.0/24
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:7e:d6:c5:8a:65:99:13:a7:31:d1:f5:49:6a:b0:73:ee:42:
fc:ac:d9:02:4a:f4:e5:8f:46:13:43:8d:8a:1e:65:9b:9f:e4:
f3:57:8b:1a:56:ed:26:da:bc:d7:83:7b:7b:8d:e9:8c:ea:79:
d1:bb:a4:db:68:65:64:9c:46:96:9b:4d:4f:8d:89:09:c8:32:
b8:51:f1:60:d0:54:05:4e:73:7d:78:e6:e6:b5:36:3d:33:a8:
94:e7:53:9b:b3:f8:46:10:fc:34:3c:54:71:fe:4a:0c:de:cb:
0b:80:f3:82:0a:96:8d:b4:48:99:53:bf:c8:75:63:f7:8c:71:
a4:58:22:1d:8b:14:da:30:23:e5:fd:ed:aa:c6:4b:c9:df:0c:
cf:05:1a:08:d1:9d:a9:8f:9a:58:69:15:84:ce:86:51:53:ef:
8d:6c:89:98:5d:f7:e7:94:de:3f:8e:07:78:94:51:44:3e:0e:
48:8f:b2:14:fc:2a:ac:fb:d4:85:d8:b1:fb:1e:e6:7a:1a:c8:
1a:7e:fe:d8:2b:4f:db:f4:3a:64:f6:e0:b3:a6:ec:f8:df:6e:
61:c8:c2:74:08:4e:cc:84:0d:bd:3e:14:70:d9:18:fd:29:98:
19:5a:aa:41:a6:3d:2a:c4:31:7a:30:21:46:fb:24:09:f0:4b:
1d:23:bd:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksuugZq+rdHG5GVYshuJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2M0YTU0MzBmZWY4NjQ4YzBkNjRkMjBmMzc0NGIxN2FjZDkwMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDkR/9xjaiWoKQCEGEdjsaGRijtG
6P0RAmeoW2mhsyi1Qz7gYRaozxOqH5Ju9sUzQCTy4f5BZUrwCxklCDcG/qKwXc71
3KMaqy5AAZtdtU7YzOxYPK47gwSyN4pVjM/C4YVzUBeiRhpzK0LQX4NqIgXU0vHA
Vxd42rKq/hsi42FreeaDXaURzWmOXNbabmv7p5Q7+oUyfgZeKBk3hvqNnVocDueW
cjgojnWYxNUztkhL9mSWNJc1JBR8xKN+k59PsPFKSzwdAKNFZc6VotWomdIROtsG
IcQYoekZIu7R2TetQvE9z7ryr4Hdi6a7PcYaF10hQqGacPCKN2AeLobZAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIzEpUMP74ZIwNZNIPN0Sxes2QERMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvak1TbFF3X3Zoa2pBMWswZzgzUkxGNnpaQVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAn5TDAwQA
n5TMAwQAn5TYAwQAn5TaMA0GCSqGSIb3DQEBCwUAA4IBAQDJftbFimWZE6cx0fVJ
arBz7kL8rNkCSvTlj0YTQ42KHmWbn+TzV4saVu0m2rzXg3t7jemM6nnRu6TbaGVk
nEaWm01PjYkJyDK4UfFg0FQFTnN9eObmtTY9M6iU51Obs/hGEPw0PFRx/koM3ssL
gPOCCpaNtEiZU7/IdWP3jHGkWCIdixTaMCPl/e2qxkvJ3wzPBRoI0Z2pj5pYaRWE
zoZRU++NbImYXffnlN4/jgd4lFFEPg5Ij7IU/Cqs+9SF2LH7HuZ6Gsgafv7YK0/b
9Dpk9uCzpuz4325hyMJ0CE7MhA29PhRw2Rj9KZgZWqpBpj0qxDF6MCFG+yQJ8Esd
I71G
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:13 2025 by rpki-client