Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/ScK3jLWvWEOepAsX1qBVZdEEOHw.roa
File: ScK3jLWvWEOepAsX1qBVZdEEOHw.roa (raw, json)
Hash identifier: CAF/+W7NlGGJlJScCU8VTJHqa7bF28YZXRqUWE55aK0=
Subject key identifier: 49:C2:B7:8C:B5:AF:58:43:9E:A4:0B:17:D6:A0:55:65:D1:04:38:7C
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019275B3361E47D2BC343A82EFE53A52F603
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/ScK3jLWvWEOepAsX1qBVZdEEOHw.roa
Signing time: Thu 10 Oct 2024 09:12:11 +0000
ROA not before: Thu 10 Oct 2024 09:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204720
IP address blocks: 148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:b3:36:1e:47:d2:bc:34:3a:82:ef:e5:3a:52:f6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Oct 10 09:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49c2b78cb5af58439ea40b17d6a05565d104387c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2b:55:b6:d6:02:9e:a6:01:df:69:9d:09:8e:
c4:02:f1:7d:c6:a7:db:82:4c:a4:f9:b5:af:39:c0:
46:fb:5e:73:93:7b:01:0d:59:84:4b:3f:1e:22:04:
d4:c3:b5:32:ae:84:f5:69:9b:3b:d2:13:80:dd:72:
06:2a:f6:67:c3:76:6f:60:6e:24:f0:58:82:d7:ef:
c2:56:d9:d5:80:41:ff:74:e7:d1:9a:f0:db:26:4f:
a9:cf:16:2b:2a:87:78:da:70:f5:41:1d:38:cf:74:
30:6b:f4:ce:f5:a4:1f:32:ea:08:3a:b4:51:40:c2:
6d:9e:cb:6f:ff:24:69:4a:9e:2d:5f:e8:d6:a8:a9:
38:3b:2b:5e:ba:4e:22:46:26:8f:e0:f5:3a:af:b4:
fa:ed:aa:e7:60:d4:14:59:6b:96:53:ee:1e:8b:13:
d0:b8:41:3b:cc:ba:22:53:9f:4a:0e:5e:aa:28:66:
51:f3:d8:a3:c1:35:5c:c5:5e:d3:b1:9b:e1:ad:6a:
10:40:59:cd:2d:bc:3b:c5:27:fe:da:46:dd:f9:3f:
c4:75:7c:42:4c:6c:84:8c:88:cf:6f:2e:a1:cc:07:
45:9c:6a:82:b9:ef:3b:28:2f:66:cf:da:9f:24:96:
51:d8:cd:68:c2:6e:83:8e:c9:d6:ed:86:7b:b7:4e:
d8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C2:B7:8C:B5:AF:58:43:9E:A4:0B:17:D6:A0:55:65:D1:04:38:7C
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/ScK3jLWvWEOepAsX1qBVZdEEOHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.60.0/22
163.171.153.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:3d:98:14:47:7e:8a:7e:f3:81:8f:fb:cd:38:d2:c3:b7:42:
a6:a9:8d:fa:12:c6:7f:34:17:f2:f4:7d:c7:dd:0d:32:59:f9:
a5:b2:23:d6:4c:60:bc:81:b0:03:68:17:be:00:32:ca:28:f6:
62:97:7b:47:4a:50:b2:1b:f3:3a:e0:cf:4b:ea:57:ff:13:7f:
3a:72:e6:19:94:38:02:2a:4c:1b:4b:2d:96:f1:be:69:c9:33:
f6:c0:f9:13:84:9c:ce:ae:e8:53:b1:72:48:f2:b6:a1:64:1f:
d2:a2:4c:eb:ff:d5:12:b3:29:e8:bd:10:2e:e6:f2:be:ca:ac:
72:97:45:ff:f1:ff:6d:91:a0:26:d0:52:17:a0:41:60:ec:3e:
e7:6d:06:b7:6e:f4:dd:cf:1b:22:3e:2d:1c:85:cd:1c:5e:a6:
9d:7b:4d:d7:d9:70:f9:78:9f:cf:76:35:85:6d:dd:af:57:5e:
8f:46:0c:20:b1:2a:64:0e:18:89:7b:60:e9:f3:1b:bf:fd:57:
19:56:e8:e6:d9:86:93:5d:a4:fb:8b:df:c4:69:c3:d1:04:fa:
94:c5:9a:75:78:1c:90:1f:b6:72:5d:4b:b9:b6:97:9c:bb:2e:
7d:d0:80:e1:2e:8c:92:bf:5e:40:5b:4a:2d:b3:f9:78:51:6f:
5f:dc:54:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJ1szYeR9K8NDqC7+U6UvYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQxMDEwMDkxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWMyYjc4Y2I1YWY1ODQzOWVhNDBiMTdkNmEwNTU2NWQxMDQzODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ytVttYCnqYB32mdCY7EAvF9xqfb
gkyk+bWvOcBG+15zk3sBDVmESz8eIgTUw7UyroT1aZs70hOA3XIGKvZnw3ZvYG4k
8FiC1+/CVtnVgEH/dOfRmvDbJk+pzxYrKod42nD1QR04z3Qwa/TO9aQfMuoIOrRR
QMJtnstv/yRpSp4tX+jWqKk4Oyteuk4iRiaP4PU6r7T67arnYNQUWWuWU+4eixPQ
uEE7zLoiU59KDl6qKGZR89ijwTVcxV7TsZvhrWoQQFnNLbw7xSf+2kbd+T/EdXxC
TGyEjIjPby6hzAdFnGqCue87KC9mz9qfJJZR2M1owm6DjsnW7YZ7t07YJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEnCt4y1r1hDnqQLF9agVWXRBDh8MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvU2NLM2pMV3ZXRU9lcEFzWDFxQlZaZEVFT0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQClP08AwQA
o6uZMA0GCSqGSIb3DQEBCwUAA4IBAQA8PZgUR36KfvOBj/vNONLDt0KmqY36EsZ/
NBfy9H3H3Q0yWfmlsiPWTGC8gbADaBe+ADLKKPZil3tHSlCyG/M64M9L6lf/E386
cuYZlDgCKkwbSy2W8b5pyTP2wPkThJzOruhTsXJI8rahZB/Sokzr/9USsynovRAu
5vK+yqxyl0X/8f9tkaAm0FIXoEFg7D7nbQa3bvTdzxsiPi0chc0cXqade03X2XD5
eJ/PdjWFbd2vV16PRgwgsSpkDhiJe2Dp8xu//VcZVujm2YaTXaT7i9/EacPRBPqU
xZp1eByQH7ZyXUu5tpecuy590IDhLoySv15AW0ots/l4UW9f3FTA
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:29:36 2024 by rpki-client on console-ams.rpki-client.org