Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/mISpu_n-YL9vYFzSE14Tk2a1rNU.roa
File: mISpu_n-YL9vYFzSE14Tk2a1rNU.roa (raw, json)
Hash identifier: WZhc0IAPvclblTG7bYl2mtS/VFQmUVl/Lx1k/Xr9M6w=
Subject key identifier: 98:84:A9:BB:F9:FE:60:BF:6F:60:5C:D2:13:5E:13:93:66:B5:AC:D5
Certificate issuer: /CN=709d69957d333432accac810231e289388e302e2
Certificate serial: 018CC5013C0EAEB2F7CBB6B874286653071A
Authority key identifier: 70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/mISpu_n-YL9vYFzSE14Tk2a1rNU.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13287
IP address blocks: 178.255.226.0/24 maxlen: 24
178.255.225.0/24 maxlen: 24
178.255.224.0/24 maxlen: 24
178.255.230.0/24 maxlen: 24
178.255.229.0/24 maxlen: 24
178.255.228.0/24 maxlen: 24
178.255.231.0/24 maxlen: 24
178.255.227.0/24 maxlen: 24
2a00:a220::/33 maxlen: 33
2a00:a220:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/cJ1plX0zNDKsysgQIx4ok4jjAuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/cJ1plX0zNDKsysgQIx4ok4jjAuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3c:0e:ae:b2:f7:cb:b6:b8:74:28:66:53:07:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709d69957d333432accac810231e289388e302e2
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9884a9bbf9fe60bf6f605cd2135e139366b5acd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dc:00:11:b5:7e:12:35:b7:96:fc:13:15:d8:
02:c1:6d:b7:91:f8:e7:42:d0:75:20:64:8e:a0:66:
4f:0a:27:96:9c:5d:51:5a:82:87:f8:7e:a1:d6:c3:
c6:88:c5:29:8b:e1:9c:6a:63:ef:09:82:ce:c3:7b:
1b:a2:f4:7c:80:27:85:cf:a6:dd:08:f8:cc:93:eb:
37:55:8a:a2:cd:45:c7:48:ca:f5:98:fa:02:a0:f3:
20:91:bd:1c:42:ad:cb:a2:a8:6d:28:48:19:36:42:
4d:02:85:80:e4:bc:87:58:8d:df:40:c9:af:0c:13:
64:4c:86:84:7a:0b:fd:b0:5d:64:92:c9:3e:22:a8:
a0:70:79:a9:3a:db:4b:e9:50:ce:93:49:d3:0a:95:
26:97:7c:3f:e1:e1:42:6d:f2:e6:7c:b8:17:ec:4f:
5e:b9:5a:2b:7d:f2:31:cc:22:b6:1f:4a:97:f8:8a:
87:5d:07:c6:06:86:92:ed:24:5f:b0:4e:de:2d:b3:
7a:7a:88:e2:91:6b:22:e7:62:09:2e:b6:85:cd:c0:
fc:a4:06:41:09:12:e0:14:ed:8e:54:19:88:de:23:
e9:de:97:e0:8a:13:01:8c:c1:d0:ac:24:0c:f2:32:
d6:2e:bd:ec:2c:fd:5a:03:21:50:0c:c8:50:86:7c:
b4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:84:A9:BB:F9:FE:60:BF:6F:60:5C:D2:13:5E:13:93:66:B5:AC:D5
X509v3 Authority Key Identifier:
keyid:70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/mISpu_n-YL9vYFzSE14Tk2a1rNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/cJ1plX0zNDKsysgQIx4ok4jjAuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.224.0/21
IPv6:
2a00:a220::/32
Signature Algorithm: sha256WithRSAEncryption
35:bf:09:51:1c:7f:ff:c0:e6:54:c2:d2:e5:cf:92:0e:a4:a1:
72:b0:69:ab:69:49:92:01:cf:8b:72:00:23:55:6b:0a:a0:b5:
5c:36:6c:4c:7e:fa:bc:50:74:aa:94:02:e2:14:dd:97:6a:1b:
87:d0:04:3c:88:b5:50:64:b1:61:26:cf:d4:e6:bc:74:f0:ba:
44:54:a9:59:86:18:aa:ad:8a:11:be:f9:d0:d6:30:ba:c9:c6:
e1:d9:2e:3d:29:9a:60:aa:2b:7f:e0:89:3b:9a:42:16:2a:bc:
62:3f:af:a2:e8:c0:ee:10:ef:ce:63:36:ad:4b:85:58:ca:eb:
08:00:c8:60:41:d3:8e:f1:52:c6:56:dd:e2:c5:28:0e:65:f4:
4e:65:4b:d4:7c:fd:3f:a8:67:65:70:6e:d8:3c:9b:04:14:78:
ce:57:dc:d2:d3:c3:9c:6e:6d:72:bc:b4:b6:b4:85:74:72:04:
fe:b5:f8:c9:9a:88:e2:7b:31:82:72:4c:f3:70:07:5e:4c:f6:
a4:68:9c:44:cf:93:22:3f:18:37:00:89:6d:f4:bc:4b:e5:54:
e9:93:70:36:54:ba:db:b6:ad:16:84:fe:df:b2:f3:be:c8:80:
59:82:43:a2:10:64:cb:f6:a8:88:85:a4:60:f3:41:01:bd:07:
ae:82:b5:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFATwOrrL3y7a4dChmUwcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWQ2OTk1N2QzMzM0MzJhY2NhYzgxMDIzMWUyODkzODhl
MzAyZTIwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODg0YTliYmY5ZmU2MGJmNmY2MDVjZDIxMzVlMTM5MzY2YjVhY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudwAEbV+EjW3lvwTFdgCwW23kfjn
QtB1IGSOoGZPCieWnF1RWoKH+H6h1sPGiMUpi+GcamPvCYLOw3sbovR8gCeFz6bd
CPjMk+s3VYqizUXHSMr1mPoCoPMgkb0cQq3LoqhtKEgZNkJNAoWA5LyHWI3fQMmv
DBNkTIaEegv9sF1kksk+IqigcHmpOttL6VDOk0nTCpUml3w/4eFCbfLmfLgX7E9e
uVorffIxzCK2H0qX+IqHXQfGBoaS7SRfsE7eLbN6eojikWsi52IJLraFzcD8pAZB
CRLgFO2OVBmI3iPp3pfgihMBjMHQrCQM8jLWLr3sLP1aAyFQDMhQhny0EQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJiEqbv5/mC/b2Bc0hNeE5NmtazVMB8GA1UdIwQY
MBaAFHCdaZV9MzQyrMrIECMeKJOI4wLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQt
MDhhNjg2MzJhNjNhLzEvbUlTcHVfbi1ZTDl2WUZ6U0UxNFRrMmExck5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQtMDhhNjg2MzJhNjNh
LzEvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsv/gMA0E
AgACMAcDBQAqAKIgMA0GCSqGSIb3DQEBCwUAA4IBAQA1vwlRHH//wOZUwtLlz5IO
pKFysGmraUmSAc+LcgAjVWsKoLVcNmxMfvq8UHSqlALiFN2XahuH0AQ8iLVQZLFh
Js/U5rx08LpEVKlZhhiqrYoRvvnQ1jC6ycbh2S49KZpgqit/4Ik7mkIWKrxiP6+i
6MDuEO/OYzatS4VYyusIAMhgQdOO8VLGVt3ixSgOZfROZUvUfP0/qGdlcG7YPJsE
FHjOV9zS08Ocbm1yvLS2tIV0cgT+tfjJmojiezGCckzzcAdeTPakaJxEz5MiPxg3
AIlt9LxL5VTpk3A2VLrbtq0WhP7fsvO+yIBZgkOiEGTL9qiIhaRg80EBvQeugrXW
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:09:07 2024 by rpki-client on console-ams.rpki-client.org