Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/RLsEW7ao0XMCLC9L0CiAl9uWz2w.roa
File: RLsEW7ao0XMCLC9L0CiAl9uWz2w.roa (raw, json)
Hash identifier: ZgpenAHX2NMC7MgwUun10IPNTjt7hVvfidLJ2FWAaGY=
Subject key identifier: 44:BB:04:5B:B6:A8:D1:73:02:2C:2F:4B:D0:28:80:97:DB:96:CF:6C
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019224034D60A406C3076A3FAF6DF293453C
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/RLsEW7ao0XMCLC9L0CiAl9uWz2w.roa
Signing time: Tue 24 Sep 2024 12:30:49 +0000
ROA not before: Tue 24 Sep 2024 12:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:03:4d:60:a4:06:c3:07:6a:3f:af:6d:f2:93:45:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Sep 24 12:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44bb045bb6a8d173022c2f4bd0288097db96cf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f1:bd:74:3a:93:3d:48:b3:79:d7:eb:1a:2a:
77:67:e1:5f:0e:58:e1:7e:49:dc:40:e3:2c:c9:a2:
4c:7b:7a:a6:d5:a1:9a:6f:e1:b4:6f:96:a3:7a:0b:
c1:06:0a:7b:3c:c7:73:b6:09:ef:0d:ee:d8:a2:f7:
f5:e3:a6:b6:2d:22:d9:c8:b0:36:cb:0a:b8:47:bf:
16:57:a2:74:6e:d9:57:b6:6a:4c:e0:a2:64:2e:d5:
0b:c6:d5:fd:fd:fd:79:fb:e6:3b:39:d6:1f:7e:7d:
89:38:7c:ea:53:77:f6:61:ad:dc:d0:33:a4:09:3a:
e1:27:4e:00:24:5d:51:eb:b4:ba:85:b6:a8:0b:e6:
a4:b1:4c:e4:ed:f9:8f:ab:1b:35:a0:79:6a:1b:53:
b0:e3:d8:1e:e3:70:f7:cc:ab:52:31:5a:09:e2:3c:
29:35:8b:af:4c:c8:b2:18:0d:9f:17:90:54:05:4b:
d1:3a:a6:08:d7:02:5b:29:a1:40:d0:0b:5b:be:cc:
da:1e:79:b8:16:57:a7:9d:44:e1:d6:9a:5b:20:64:
e3:bc:7c:ea:61:37:18:ed:c3:07:d2:d6:1e:43:ad:
90:6f:a9:88:ad:75:00:fb:05:f6:f9:1c:eb:9e:a9:
16:00:6c:bb:85:3a:46:cd:96:25:27:24:3b:71:a8:
20:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BB:04:5B:B6:A8:D1:73:02:2C:2F:4B:D0:28:80:97:DB:96:CF:6C
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/RLsEW7ao0XMCLC9L0CiAl9uWz2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:8e:00:34:e8:58:9b:dd:af:13:e5:2d:f8:89:6e:b4:a3:44:
c0:17:a1:bc:7e:a1:59:84:f3:32:b9:2f:d0:13:13:ab:67:26:
9b:dc:24:3d:32:c8:a9:6f:59:8b:e7:2d:60:9f:c2:55:97:b4:
0e:81:5a:ff:4f:d1:b4:8a:be:f2:c2:51:f3:9e:0c:35:6d:53:
78:da:26:61:af:af:cc:c8:2a:5c:13:20:b9:aa:81:83:0c:bb:
4b:c5:c6:68:b5:f8:0c:57:84:73:83:9a:a7:c9:3f:c0:68:88:
29:04:dd:00:a3:9b:5d:54:02:bd:3c:7a:1b:f9:e4:9c:50:32:
ae:38:22:6b:58:ec:43:eb:ce:3e:6d:b5:9f:d2:1d:61:d3:db:
ca:df:8c:25:b4:56:93:da:d6:2b:cc:64:b1:3c:53:fa:14:3a:
00:21:ed:72:c6:18:79:22:64:1a:72:01:e6:e5:d5:a7:88:af:
1e:fc:37:94:35:c6:66:94:d6:ac:99:66:88:f9:99:cd:7f:c1:
06:e5:6f:a3:8e:9c:33:6e:59:f9:3b:4e:22:1c:5c:8e:f5:f4:
8d:54:9c:99:4f:99:cb:e1:d9:70:6c:c6:57:c7:14:76:f6:dd:
b1:b6:e7:5f:a0:a2:4c:bc:3a:75:44:ef:88:80:1f:a9:51:50:
0f:8a:30:2d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZIkA01gpAbDB2o/r23yk0U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwOTI0MTIzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJiMDQ1YmI2YThkMTczMDIyYzJmNGJkMDI4ODA5N2RiOTZjZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/G9dDqTPUizedfrGip3Z+FfDljh
fkncQOMsyaJMe3qm1aGab+G0b5ajegvBBgp7PMdztgnvDe7Yovf146a2LSLZyLA2
ywq4R78WV6J0btlXtmpM4KJkLtULxtX9/f15++Y7OdYffn2JOHzqU3f2Ya3c0DOk
CTrhJ04AJF1R67S6hbaoC+aksUzk7fmPqxs1oHlqG1Ow49ge43D3zKtSMVoJ4jwp
NYuvTMiyGA2fF5BUBUvROqYI1wJbKaFA0AtbvszaHnm4FlennUTh1ppbIGTjvHzq
YTcY7cMH0tYeQ62Qb6mIrXUA+wX2+RzrnqkWAGy7hTpGzZYlJyQ7caggewIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFES7BFu2qNFzAiwvS9AogJfbls9sMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvUkxzRVc3YW8wWE1DTEM5TDBDaUFsOXVXejJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAHKOADToWJvdrxPlLfiJbrSjRMAXobx+oVmE8zK5L9AT
E6tnJpvcJD0yyKlvWYvnLWCfwlWXtA6BWv9P0bSKvvLCUfOeDDVtU3jaJmGvr8zI
KlwTILmqgYMMu0vFxmi1+AxXhHODmqfJP8BoiCkE3QCjm11UAr08ehv55JxQMq44
ImtY7EPrzj5ttZ/SHWHT28rfjCW0VpPa1ivMZLE8U/oUOgAh7XLGGHkiZBpyAebl
1aeIrx78N5Q1xmaU1qyZZoj5mc1/wQblb6OOnDNuWfk7TiIcXI719I1UnJlPmcvh
2XBsxlfHFHb23bG251+goky8OnVE74iAH6lRUA+KMC0=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:37:42 2024 by rpki-client on console-ams.rpki-client.org