Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mdb0gF_Ogv9FgbbBHZbITYoUrqU.roa
File: mdb0gF_Ogv9FgbbBHZbITYoUrqU.roa (raw, json)
Hash identifier: 4E7G7u77YZ4HqhqGILV6KdTTSn577tDxkjHV3FeO1A0=
Subject key identifier: 99:D6:F4:80:5F:CE:82:FF:45:81:B6:C1:1D:96:C8:4D:8A:14:AE:A5
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019078368A74C413EC432C34401DE8F5F1E4
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mdb0gF_Ogv9FgbbBHZbITYoUrqU.roa
Signing time: Wed 03 Jul 2024 10:49:18 +0000
ROA not before: Wed 03 Jul 2024 10:49:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:36:8a:74:c4:13:ec:43:2c:34:40:1d:e8:f5:f1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jul 3 10:49:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99d6f4805fce82ff4581b6c11d96c84d8a14aea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9a:8f:45:73:c8:df:24:88:8c:a9:8c:45:63:
c9:93:a5:85:0f:87:ef:4d:80:1c:35:da:85:cb:bf:
3a:a0:4e:a7:06:fa:67:21:ad:e6:66:ff:c9:01:3a:
1a:9b:96:2e:10:1e:de:c4:31:3b:71:66:c9:22:04:
d1:d8:d1:c0:c9:69:57:80:8f:75:af:2e:0a:c2:8e:
16:b4:6a:a4:7b:83:a1:ae:b6:ad:62:c9:a9:23:9e:
7c:be:59:da:17:84:ae:28:6e:28:d9:e4:06:66:93:
ed:c6:1e:4d:9d:7d:a9:d5:ba:77:b9:fe:71:87:bd:
cb:5f:48:13:7d:11:80:30:dc:64:a0:5a:47:db:2d:
22:a8:79:3a:7b:d0:c6:91:d5:03:a9:42:be:4e:60:
56:08:b9:9c:dc:87:6e:85:03:10:53:99:ec:a2:63:
40:1e:93:96:ac:d7:96:f7:f1:f1:53:d2:52:b7:1e:
af:0d:85:f9:79:e6:71:b0:d2:88:b0:f8:23:fd:47:
60:9a:6b:06:f0:5a:9c:10:96:00:8e:3d:1d:0b:52:
09:56:c8:93:02:8e:58:d3:8e:b9:c0:f2:17:d5:27:
1a:ca:36:f7:b4:b4:0f:fc:61:ef:78:f6:fe:bb:82:
cd:65:74:05:86:ef:3f:1c:f5:99:c2:81:5a:b4:e3:
1c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D6:F4:80:5F:CE:82:FF:45:81:B6:C1:1D:96:C8:4D:8A:14:AE:A5
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mdb0gF_Ogv9FgbbBHZbITYoUrqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.109.0/24
159.148.157.0/24
159.148.236.0/24
159.148.239.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:90:e8:9a:d8:17:4d:59:96:47:81:85:c0:4e:df:42:4d:60:
c5:19:8b:f9:65:01:6a:7c:58:c4:8b:23:69:6e:12:e0:66:e5:
05:d2:e1:df:f8:89:ed:48:49:9b:22:51:54:31:59:74:58:15:
3d:d0:10:84:46:76:45:ab:b6:32:40:1a:7d:0f:dd:5c:ad:5c:
58:20:56:1c:53:f0:2f:86:a9:8a:4e:14:2c:19:9d:fc:23:eb:
7d:87:ca:43:36:45:67:2e:d1:7a:03:4f:c4:3e:37:7e:73:9d:
e0:35:54:fd:8a:37:0b:ae:c9:6b:e6:84:47:0e:b9:89:36:0c:
66:5f:d5:39:09:98:13:ca:f4:22:62:21:3b:ef:f6:2d:bf:0c:
8a:f7:9f:b4:b7:ff:e1:f2:ca:fa:e3:2f:3c:57:b3:ba:2f:cf:
10:2d:5a:db:db:cf:50:59:08:d2:15:5e:84:3a:a9:98:08:d7:
ca:05:8b:4d:86:d1:4e:6c:a9:ed:95:34:91:ba:87:56:eb:08:
fa:d9:50:f1:61:25:b5:19:5a:d6:58:5d:4a:07:80:6b:8e:f6:
64:48:c7:a4:99:ed:a2:0f:d2:0e:60:d6:02:db:4b:d9:59:be:
b9:16:0d:d0:3b:9f:cc:45:40:86:00:22:c2:21:d8:e0:ed:63:
50:ac:02:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB4Nop0xBPsQyw0QB3o9fHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNzAzMTA0OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ2ZjQ4MDVmY2U4MmZmNDU4MWI2YzExZDk2Yzg0ZDhhMTRhZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZqPRXPI3ySIjKmMRWPJk6WFD4fv
TYAcNdqFy786oE6nBvpnIa3mZv/JAToam5YuEB7exDE7cWbJIgTR2NHAyWlXgI91
ry4Kwo4WtGqke4OhrratYsmpI558vlnaF4SuKG4o2eQGZpPtxh5NnX2p1bp3uf5x
h73LX0gTfRGAMNxkoFpH2y0iqHk6e9DGkdUDqUK+TmBWCLmc3IduhQMQU5nsomNA
HpOWrNeW9/HxU9JStx6vDYX5eeZxsNKIsPgj/UdgmmsG8FqcEJYAjj0dC1IJVsiT
Ao5Y0465wPIX1Scayjb3tLQP/GHvePb+u4LNZXQFhu8/HPWZwoFatOMciQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJnW9IBfzoL/RYG2wR2WyE2KFK6lMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbWRiMGdGX09ndjlGZ2JiQkhaYklUWW9VcnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAn5RtAwQA
n5SdAwQAn5TsAwQAn5TvMA0GCSqGSIb3DQEBCwUAA4IBAQCKkOia2BdNWZZHgYXA
Tt9CTWDFGYv5ZQFqfFjEiyNpbhLgZuUF0uHf+IntSEmbIlFUMVl0WBU90BCERnZF
q7YyQBp9D91crVxYIFYcU/AvhqmKThQsGZ38I+t9h8pDNkVnLtF6A0/EPjd+c53g
NVT9ijcLrslr5oRHDrmJNgxmX9U5CZgTyvQiYiE77/YtvwyK95+0t//h8sr64y88
V7O6L88QLVrb289QWQjSFV6EOqmYCNfKBYtNhtFObKntlTSRuodW6wj62VDxYSW1
GVrWWF1KB4BrjvZkSMekme2iD9IOYNYC20vZWb65Fg3QO5/MRUCGACLCIdjg7WNQ
rAJQ
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:06:50 2024 by rpki-client on console-fra.rpki-client.org