Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/pJkkV9IIycLjgnkqoNUc3eHg_sY.roa
File: pJkkV9IIycLjgnkqoNUc3eHg_sY.roa (raw, json)
Hash identifier: 4UYbWUlIqXlB8Yga0IFkgSmEBOdksb+I5tk+sP59anc=
Subject key identifier: A4:99:24:57:D2:08:C9:C2:E3:82:79:2A:A0:D5:1C:DD:E1:E0:FE:C6
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 0190168BBB3F885CE978209FA03D8AA9B5A3
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/pJkkV9IIycLjgnkqoNUc3eHg_sY.roa
Signing time: Fri 14 Jun 2024 11:39:34 +0000
ROA not before: Fri 14 Jun 2024 11:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2773
IP address blocks: 164.18.0.0/24 maxlen: 24
164.18.1.0/24 maxlen: 24
164.18.2.0/23 maxlen: 23
164.18.4.0/22 maxlen: 22
164.18.8.0/22 maxlen: 22
164.18.12.0/22 maxlen: 22
164.18.65.0/24 maxlen: 24
164.18.128.0/23 maxlen: 23
164.18.160.0/24 maxlen: 24
164.18.161.0/24 maxlen: 24
164.18.162.0/24 maxlen: 24
164.18.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 17:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:8b:bb:3f:88:5c:e9:78:20:9f:a0:3d:8a:a9:b5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Jun 14 11:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4992457d208c9c2e382792aa0d51cdde1e0fec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ed:b8:09:e0:d5:a6:45:96:64:26:fa:a8:f0:
15:5e:4d:a8:19:29:aa:43:2a:23:b2:76:e0:0c:fa:
f5:ac:5d:f9:52:c8:76:c6:12:ce:af:0e:b3:d8:61:
3d:25:b1:17:59:fc:5a:02:6f:46:2b:6e:d3:a1:91:
51:95:1c:2d:ac:38:99:eb:6b:51:ad:16:c4:3f:60:
59:25:5e:c1:64:8e:9c:84:f2:7d:4c:35:b9:12:71:
73:6a:75:73:13:a2:bb:92:9e:34:fb:b8:f1:09:03:
25:97:84:47:dc:ae:4f:eb:e8:01:14:4c:2a:7b:95:
98:d5:79:64:e7:60:28:d4:ec:8b:37:7a:e1:0e:6f:
84:e0:13:4c:b3:e3:06:a0:73:44:b0:bb:65:da:61:
51:e9:67:5e:6a:d1:85:d2:c3:f2:f9:23:b5:6f:fb:
ce:3e:2f:24:3a:d9:59:fe:8a:96:69:5c:59:f5:de:
15:b2:eb:47:47:f6:22:8e:0e:1e:98:de:41:a6:f1:
b4:62:09:38:7f:78:64:ae:d6:54:7f:5a:b7:f2:da:
69:da:e8:02:12:5f:93:fd:f2:63:81:f6:6f:12:4a:
ba:85:d1:37:ac:d9:76:56:02:03:d0:fc:38:64:d3:
9c:64:4f:66:3e:01:5e:6b:3f:f4:19:15:ad:10:c9:
4e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:24:57:D2:08:C9:C2:E3:82:79:2A:A0:D5:1C:DD:E1:E0:FE:C6
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/pJkkV9IIycLjgnkqoNUc3eHg_sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.0.0/20
164.18.65.0/24
164.18.128.0/23
164.18.160.0-164.18.162.255
164.18.164.0/24
Signature Algorithm: sha256WithRSAEncryption
da:32:83:48:9a:11:be:74:4a:11:47:22:02:c8:26:19:fc:1a:
9e:30:10:e8:df:76:24:f3:cf:76:4d:bb:45:22:d2:d0:85:b8:
4d:19:64:66:e0:e6:e5:99:6e:d3:fa:aa:5f:fb:1f:4c:15:fb:
f1:0a:22:ea:57:2c:e8:a5:93:12:11:9f:40:2c:b4:0f:5a:06:
c5:da:a0:77:99:32:5e:32:f5:e9:52:a3:fa:17:27:4d:54:15:
b8:21:3f:e2:61:23:c9:a5:6f:ab:5f:c9:45:77:f0:31:ba:be:
51:0e:b1:51:93:f5:00:f6:4d:1c:a2:0c:4c:3c:ae:cb:04:07:
64:76:1e:8e:3d:77:df:f9:9e:5d:c3:80:91:fe:30:d0:72:42:
64:f3:6e:7d:34:bd:02:e5:4d:8d:1c:d3:1d:1f:6a:f0:1d:aa:
2d:ee:e1:94:f7:b5:e6:eb:28:bc:0b:44:b6:e0:f2:5d:08:b4:
88:18:c3:f3:0f:0a:1d:cf:fa:6f:2b:48:f4:9c:4f:26:13:d3:
16:38:ff:dd:8a:a6:da:35:86:9b:da:98:5e:a6:c0:ef:60:a9:
10:ee:d5:f4:ef:67:ba:9f:66:99:3e:81:08:a1:b7:ef:81:6f:
0d:7b:ef:e9:4b:61:20:f2:1a:0c:5c:4a:6a:fb:1a:92:d3:52:
58:20:e2:c0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZAWi7s/iFzpeCCfoD2KqbWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjQwNjE0MTEzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk5MjQ1N2QyMDhjOWMyZTM4Mjc5MmFhMGQ1MWNkZGUxZTBmZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju24CeDVpkWWZCb6qPAVXk2oGSmq
QyojsnbgDPr1rF35Ush2xhLOrw6z2GE9JbEXWfxaAm9GK27ToZFRlRwtrDiZ62tR
rRbEP2BZJV7BZI6chPJ9TDW5EnFzanVzE6K7kp40+7jxCQMll4RH3K5P6+gBFEwq
e5WY1Xlk52Ao1OyLN3rhDm+E4BNMs+MGoHNEsLtl2mFR6WdeatGF0sPy+SO1b/vO
Pi8kOtlZ/oqWaVxZ9d4VsutHR/Yijg4emN5BpvG0Ygk4f3hkrtZUf1q38tpp2ugC
El+T/fJjgfZvEkq6hdE3rNl2VgID0Pw4ZNOcZE9mPgFeaz/0GRWtEMlOQQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKSZJFfSCMnC44J5KqDVHN3h4P7GMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvcEpra1Y5SUl5Y0xqZ25rcW9OVWMzZUhnX3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEpBIAAwQA
pBJBAwQBpBKAMAwDBAWkEqADBACkEqIDBACkEqQwDQYJKoZIhvcNAQELBQADggEB
ANoyg0iaEb50ShFHIgLIJhn8Gp4wEOjfdiTzz3ZNu0Ui0tCFuE0ZZGbg5uWZbtP6
ql/7H0wV+/EKIupXLOilkxIRn0AstA9aBsXaoHeZMl4y9elSo/oXJ01UFbghP+Jh
I8mlb6tfyUV38DG6vlEOsVGT9QD2TRyiDEw8rssEB2R2Ho49d9/5nl3DgJH+MNBy
QmTzbn00vQLlTY0c0x0favAdqi3u4ZT3tebrKLwLRLbg8l0ItIgYw/MPCh3P+m8r
SPScTyYT0xY4/92Kpto1hpvamF6mwO9gqRDu1fTvZ7qfZpk+gQiht++Bbw177+lL
YSDyGgxcSmr7GpLTUlgg4sA=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:15:44 2024 by rpki-client on console-ams.rpki-client.org