Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/xMVb0s7CP_lNVBLRkmeonMUuWA8.roa
File: xMVb0s7CP_lNVBLRkmeonMUuWA8.roa (raw, json)
Hash identifier: WzFa+ykAXlKyozZKXfT2CHjNHgr8ZGIQZp1TsHPEOp8=
Subject key identifier: C4:C5:5B:D2:CE:C2:3F:F9:4D:54:12:D1:92:67:A8:9C:C5:2E:58:0F
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CC42559378007D777AF420C7F1819BFC4
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/xMVb0s7CP_lNVBLRkmeonMUuWA8.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 155.254.63.0/24 maxlen: 24
107.161.166.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.173.0/24 maxlen: 24
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
2a07:9942:39d6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:59:37:80:07:d7:77:af:42:0c:7f:18:19:bf:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4c55bd2cec23ff94d5412d19267a89cc52e580f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:22:08:60:11:02:02:5f:a7:89:03:29:3e:cb:
94:11:0c:f7:7e:74:61:7a:b5:19:53:8a:bf:42:c2:
eb:2e:a4:18:8b:a3:16:f1:a7:ac:21:67:8d:96:0d:
53:e4:80:57:41:d0:2f:a0:bd:d2:5f:8d:69:ee:f0:
c7:ba:8a:36:c0:8f:b6:7e:eb:8d:2e:da:37:5e:ae:
c4:93:23:67:44:bb:67:af:27:7b:d3:36:82:86:90:
7b:e6:1a:0c:a2:82:fb:87:d5:45:07:b5:4f:6c:1f:
ca:57:2b:e9:d5:a3:3e:7b:a9:a6:94:12:87:8e:0e:
4c:57:63:76:3f:b1:f5:7e:4b:5e:c8:5c:e3:80:d4:
fb:41:53:51:6c:04:fb:35:39:d4:d2:1f:47:b6:4e:
59:6b:5d:5c:f4:ac:0a:64:5c:c3:0b:f3:fc:f3:08:
e7:b7:e9:d1:da:e0:b2:f6:1f:41:3c:aa:9e:20:94:
76:3d:03:14:80:42:26:61:f4:98:9c:a5:f4:77:d6:
b3:82:08:47:21:44:32:af:fb:26:cc:ac:a6:5a:24:
37:e5:8b:5a:e0:ad:e2:5b:d9:2f:2a:c1:0f:7c:f0:
72:73:50:14:47:78:40:b5:f2:7d:3c:cb:2b:a0:e2:
c6:58:6e:7b:5f:af:82:3c:87:c2:d0:46:13:a3:be:
1b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C5:5B:D2:CE:C2:3F:F9:4D:54:12:D1:92:67:A8:9C:C5:2E:58:0F
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/xMVb0s7CP_lNVBLRkmeonMUuWA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
107.161.172.0/23
155.254.63.0/24
IPv6:
2a07:9942:39d6::/48
2a07:9944:40::/48
2a07:9945:45::/48
Signature Algorithm: sha256WithRSAEncryption
5b:8d:b2:b1:68:b0:5e:d4:e0:5f:e9:ca:e9:40:89:97:40:1e:
fa:2c:70:25:df:b4:8e:d2:3e:b2:f1:59:fc:86:34:e4:a7:92:
d2:94:35:ca:98:33:db:62:97:8d:bc:17:84:5b:d3:5e:d0:6f:
56:cc:ab:ef:36:5a:bb:39:52:6b:e2:9c:1f:89:69:87:82:82:
67:4b:c7:82:77:6e:2c:7c:be:87:b3:50:fa:d2:ad:29:82:6f:
1a:86:10:a8:26:09:b6:c7:a2:c2:b2:0a:da:45:3a:70:f7:89:
51:dc:cb:3b:0f:e8:84:8e:8e:b8:0f:7b:fb:23:20:8c:e1:0c:
6a:31:ca:b9:da:0a:bc:4e:cc:d2:da:2d:1c:0c:80:c4:44:bd:
fc:33:31:96:ce:ff:3c:1b:35:b1:07:db:da:d9:f7:10:96:95:
4a:9e:05:16:91:8b:22:43:d1:fd:42:16:47:8b:b5:37:c0:77:
ec:b1:ae:a4:ce:84:d6:59:db:61:a9:62:5d:ab:76:a2:4e:f5:
ec:f0:9a:1e:16:0c:84:c5:87:47:c1:81:53:ac:cc:bf:5c:0a:
ba:29:06:76:67:43:2e:7c:a8:fd:b2:9a:b2:61:e1:3c:d8:d2:
cb:1c:c2:69:ad:e9:a2:79:3e:2c:a7:0e:bf:ea:48:4a:e3:40:
c1:f3:34:76
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYzEJVk3gAfXd69CDH8YGb/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM1NWJkMmNlYzIzZmY5NGQ1NDEyZDE5MjY3YTg5Y2M1MmU1ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSIIYBECAl+niQMpPsuUEQz3fnRh
erUZU4q/QsLrLqQYi6MW8aesIWeNlg1T5IBXQdAvoL3SX41p7vDHuoo2wI+2fuuN
Lto3Xq7EkyNnRLtnryd70zaChpB75hoMooL7h9VFB7VPbB/KVyvp1aM+e6mmlBKH
jg5MV2N2P7H1fkteyFzjgNT7QVNRbAT7NTnU0h9Htk5Za11c9KwKZFzDC/P88wjn
t+nR2uCy9h9BPKqeIJR2PQMUgEImYfSYnKX0d9azgghHIUQyr/smzKymWiQ35Yta
4K3iW9kvKsEPfPByc1AUR3hAtfJ9PMsroOLGWG57X6+CPIfC0EYTo74bmQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFMTFW9LOwj/5TVQS0ZJnqJzFLlgPMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEveE1WYjBzN0NQX2xOVkJMUmttZW9uTVV1V0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAgBAIAATAaMAwDBABroaMD
BANroaADBAFroawDBACb/j8wIQQCAAIwGwMHACoHmUI51gMHACoHmUQAQAMHACoH
mUUARTANBgkqhkiG9w0BAQsFAAOCAQEAW42ysWiwXtTgX+nK6UCJl0Ae+ixwJd+0
jtI+svFZ/IY05KeS0pQ1ypgz22KXjbwXhFvTXtBvVsyr7zZauzlSa+KcH4lph4KC
Z0vHgnduLHy+h7NQ+tKtKYJvGoYQqCYJtseiwrIK2kU6cPeJUdzLOw/ohI6OuA97
+yMgjOEMajHKudoKvE7M0totHAyAxES9/DMxls7/PBs1sQfb2tn3EJaVSp4FFpGL
IkPR/UIWR4u1N8B37LGupM6E1lnbYaliXat2ok717PCaHhYMhMWHR8GBU6zMv1wK
uikGdmdDLnyo/bKasmHhPNjSyxzCaa3ponk+LKcOv+pISuNAwfM0dg==
-----END CERTIFICATE-----
Generated at Thu May 2 01:58:50 2024 by rpki-client on console-ams.rpki-client.org