Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/NuLpBZ3Bkx8klzZL6ka5tqRUzJ0.roa
File: NuLpBZ3Bkx8klzZL6ka5tqRUzJ0.roa (raw, json)
Hash identifier: ESGlR16pLhor8ph+Sgw0tgY+oVqNgmZUqfiiwzDIUlE=
Subject key identifier: 36:E2:E9:05:9D:C1:93:1F:24:97:36:4B:EA:46:B9:B6:A4:54:CC:9D
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018D7DD2601D90B9CCF3711C14A01E11E22E
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/NuLpBZ3Bkx8klzZL6ka5tqRUzJ0.roa
Signing time: Tue 06 Feb 2024 09:49:15 +0000
ROA not before: Tue 06 Feb 2024 09:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 158.46.132.0/22 maxlen: 22
158.46.136.0/21 maxlen: 21
158.46.144.0/20 maxlen: 24
158.46.152.0/24 maxlen: 24
158.46.156.0/24 maxlen: 24
158.46.158.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.164.0/22 maxlen: 22
158.46.168.0/21 maxlen: 21
158.46.184.0/23 maxlen: 23
158.46.186.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
158.46.204.0/24 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.36.0/23 maxlen: 23
178.171.86.0/24 maxlen: 24
178.171.103.0/24 maxlen: 24
178.171.105.0/24 maxlen: 24
178.171.106.0/23 maxlen: 23
178.171.108.0/23 maxlen: 23
178.171.112.0/23 maxlen: 23
178.171.114.0/23 maxlen: 23
178.171.116.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:d2:60:1d:90:b9:cc:f3:71:1c:14:a0:1e:11:e2:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Feb 6 09:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36e2e9059dc1931f2497364bea46b9b6a454cc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:da:b8:45:f5:b4:bf:d8:e2:ec:44:e6:f9:27:
40:42:52:27:f9:a3:8e:a2:44:db:71:6e:7a:8c:11:
28:40:8f:6c:b8:5f:33:5d:79:b8:7a:a0:ba:3b:db:
4a:c6:31:e6:d9:bd:87:af:d4:3f:c7:84:8b:46:cf:
e3:fb:b6:be:10:26:f6:d3:1d:3c:cc:09:a6:d7:8d:
e7:9d:06:1f:43:88:36:20:c1:ad:df:f8:8a:b2:ce:
0b:ce:ab:70:8b:21:84:bf:94:d9:47:18:65:59:6f:
23:67:db:cc:04:75:fb:91:9e:03:03:b0:92:16:ba:
23:60:c9:79:63:e7:3c:01:91:2c:be:3f:9c:12:ed:
72:1f:a8:f7:29:72:0e:3a:36:8b:6d:88:58:20:64:
ba:78:23:4d:c4:77:8f:94:c9:ef:a6:1b:e4:73:42:
a6:9b:42:ba:18:d5:04:5e:55:71:0e:5e:3a:ee:07:
6b:8d:3d:11:cb:f9:2b:f9:52:78:5c:83:85:99:51:
66:3b:f1:15:81:5b:a7:27:45:a7:2e:af:dd:be:f6:
44:7e:af:20:7d:01:d4:83:22:5c:5f:4d:32:92:1b:
27:3d:7c:48:ff:86:ce:62:7e:7c:be:82:bd:87:44:
bc:66:1f:10:7b:d4:67:fa:91:81:2c:9e:a8:cc:de:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E2:E9:05:9D:C1:93:1F:24:97:36:4B:EA:46:B9:B6:A4:54:CC:9D
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/NuLpBZ3Bkx8klzZL6ka5tqRUzJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.132.0-158.46.161.255
158.46.164.0-158.46.175.255
158.46.184.0/21
158.46.204.0/24
178.171.20.0/22
178.171.36.0/23
178.171.86.0/24
178.171.103.0/24
178.171.105.0-178.171.109.255
178.171.112.0-178.171.117.255
Signature Algorithm: sha256WithRSAEncryption
76:ae:56:6d:66:a4:7d:05:e1:d5:ff:35:fc:9b:1a:73:cb:cf:
2a:d8:7b:b9:74:10:b8:e2:75:e4:be:db:00:d2:51:d5:d3:aa:
3b:3c:22:54:c4:7a:eb:ea:fa:62:dd:d2:fc:1a:6b:b7:1f:6b:
d8:ca:40:d2:be:e9:d3:da:51:f4:af:df:00:ee:ca:29:8f:79:
81:30:a1:d6:92:c1:4b:f3:27:3b:fa:b1:49:03:86:f8:ad:9f:
67:ae:5b:8f:66:02:a1:52:f4:0b:bd:d7:2e:fb:a2:57:a7:a7:
f8:7e:16:3e:76:45:77:38:d2:92:2b:61:64:75:0f:54:82:0b:
8f:9a:e1:ce:f5:56:8f:c5:4b:76:bd:89:b6:77:6a:ac:b0:9a:
24:6c:88:02:7d:0a:3f:05:f6:75:af:bd:6a:3a:3b:90:40:bc:
06:9e:6f:14:f8:fa:ee:05:16:2a:39:b0:56:30:93:7e:61:d4:
48:51:14:59:b6:dc:82:ef:cb:1e:6b:86:cc:5b:0e:8f:f8:50:
88:d8:f5:c4:39:bb:e8:85:56:21:28:4a:f2:4e:13:a5:f5:55:
bd:8c:6a:3a:e3:67:59:31:7a:34:39:ce:17:73:1b:a3:b3:a4:
e2:71:41:10:60:0a:e5:02:49:c4:77:bb:80:42:3f:4f:0e:6b:
a8:87:93:60
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY190mAdkLnM83EcFKAeEeIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMjA2MDk0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmUyZTkwNTlkYzE5MzFmMjQ5NzM2NGJlYTQ2YjliNmE0NTRjYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Nq4RfW0v9ji7ETm+SdAQlIn+aOO
okTbcW56jBEoQI9suF8zXXm4eqC6O9tKxjHm2b2Hr9Q/x4SLRs/j+7a+ECb20x08
zAmm143nnQYfQ4g2IMGt3/iKss4LzqtwiyGEv5TZRxhlWW8jZ9vMBHX7kZ4DA7CS
FrojYMl5Y+c8AZEsvj+cEu1yH6j3KXIOOjaLbYhYIGS6eCNNxHePlMnvphvkc0Km
m0K6GNUEXlVxDl467gdrjT0Ry/kr+VJ4XIOFmVFmO/EVgVunJ0WnLq/dvvZEfq8g
fQHUgyJcX00ykhsnPXxI/4bOYn58voK9h0S8Zh8Qe9Rn+pGBLJ6ozN7zOQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDbi6QWdwZMfJJc2S+pGubakVMydMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvTnVMcEJaM0JreDhrbHpaTDZrYTV0cVJVekowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBAKeLoQD
BAGeLqAwDAMEAp4upAMEBJ4uoAMEA54uuAMEAJ4uzAMEArKrFAMEAbKrJAMEALKr
VgMEALKrZzAMAwQAsqtpAwQBsqtsMAwDBASyq3ADBAGyq3QwDQYJKoZIhvcNAQEL
BQADggEBAHauVm1mpH0F4dX/NfybGnPLzyrYe7l0ELjideS+2wDSUdXTqjs8IlTE
euvq+mLd0vwaa7cfa9jKQNK+6dPaUfSv3wDuyimPeYEwodaSwUvzJzv6sUkDhvit
n2euW49mAqFS9Au91y77olenp/h+Fj52RXc40pIrYWR1D1SCC4+a4c71Vo/FS3a9
ibZ3aqywmiRsiAJ9Cj8F9nWvvWo6O5BAvAaebxT4+u4FFio5sFYwk35h1EhRFFm2
3ILvyx5rhsxbDo/4UIjY9cQ5u+iFViEoSvJOE6X1Vb2MajrjZ1kxejQ5zhdzG6Oz
pOJxQRBgCuUCScR3u4BCP08Oa6iHk2A=
-----END CERTIFICATE-----
Generated at Sun Apr 28 14:50:19 2024 by rpki-client on console-ams.rpki-client.org