Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/4JIlsb-s0tj9hjUv6uOB7ybumrA.roa
File: 4JIlsb-s0tj9hjUv6uOB7ybumrA.roa (raw, json)
Hash identifier: bhfiea1WanJ1esMyREaNkt7xmO55FN6o6CqVAqktaJA=
Subject key identifier: E0:92:25:B1:BF:AC:D2:D8:FD:86:35:2F:EA:E3:81:EF:26:EE:9A:B0
Certificate issuer: /CN=0b5a5eca6cd38e921b5a14570854adb4a3b69238
Certificate serial: 018CC7260D6A2B5180AB2FEC62D1C0A78DC8
Authority key identifier: 0B:5A:5E:CA:6C:D3:8E:92:1B:5A:14:57:08:54:AD:B4:A3:B6:92:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1peymzTjpIbWhRXCFSttKO2kjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/4JIlsb-s0tj9hjUv6uOB7ybumrA.roa
Signing time: Mon 01 Jan 2024 22:30:08 +0000
ROA not before: Mon 01 Jan 2024 22:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 192.153.13.0/24 maxlen: 24
192.147.155.0/24 maxlen: 24
192.92.135.0/24 maxlen: 24
192.82.214.0/24 maxlen: 24
192.133.108.0/24 maxlen: 24
192.26.239.0/24 maxlen: 24
192.207.196.0/24 maxlen: 24
192.94.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/C1peymzTjpIbWhRXCFSttKO2kjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/C1peymzTjpIbWhRXCFSttKO2kjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1peymzTjpIbWhRXCFSttKO2kjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:0d:6a:2b:51:80:ab:2f:ec:62:d1:c0:a7:8d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5a5eca6cd38e921b5a14570854adb4a3b69238
Validity
Not Before: Jan 1 22:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e09225b1bfacd2d8fd86352feae381ef26ee9ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5f:36:98:f0:a3:07:11:ec:33:4c:e0:68:02:
c1:46:30:c9:c7:1b:97:ad:d5:e0:47:f6:54:21:07:
3d:ac:3e:46:19:3e:d2:47:b3:64:83:4d:c1:41:03:
2d:ce:90:28:51:09:a4:61:40:85:ea:ba:be:e7:99:
ac:75:3e:99:99:b7:4c:18:52:23:d3:94:86:8c:71:
13:36:4e:4c:ac:ea:f7:f4:c5:94:23:5f:5e:a2:ef:
87:a1:b6:85:74:14:b9:02:17:30:52:6d:3e:a6:43:
23:63:47:95:6b:63:02:19:74:f3:3d:1e:24:4a:cc:
2d:e4:8b:65:b9:b8:f5:5a:79:90:b6:5b:84:71:72:
2b:7c:02:97:0a:aa:c9:56:be:7b:7e:28:07:f0:5f:
81:2b:89:26:0a:76:2f:a6:33:56:d6:51:b4:70:c5:
0b:57:0a:71:2a:a0:88:47:0a:09:fe:c9:8c:ba:55:
97:42:1b:20:95:70:cb:66:33:a0:14:6e:59:95:d0:
ac:ad:76:9c:ee:65:2f:3d:fe:37:b8:72:79:76:1a:
ef:d8:d4:0b:29:97:e0:52:a1:f6:1a:d4:ac:ed:b0:
29:ef:ed:16:aa:ef:ef:7a:df:8e:35:81:39:4a:65:
49:83:c3:06:6c:9a:cc:e8:bd:d0:2d:54:f6:33:44:
ff:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:92:25:B1:BF:AC:D2:D8:FD:86:35:2F:EA:E3:81:EF:26:EE:9A:B0
X509v3 Authority Key Identifier:
keyid:0B:5A:5E:CA:6C:D3:8E:92:1B:5A:14:57:08:54:AD:B4:A3:B6:92:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1peymzTjpIbWhRXCFSttKO2kjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/4JIlsb-s0tj9hjUv6uOB7ybumrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/C1peymzTjpIbWhRXCFSttKO2kjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.26.239.0/24
192.82.214.0/24
192.92.135.0/24
192.94.24.0/24
192.133.108.0/24
192.147.155.0/24
192.153.13.0/24
192.207.196.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:35:e2:b3:66:e7:ad:19:ac:bd:cc:55:a4:e0:bc:6e:da:17:
2b:d4:1b:05:df:5c:57:e7:56:56:4f:70:90:66:90:07:13:44:
eb:b8:81:fe:c1:39:7d:8e:67:f7:0d:4f:f0:0a:18:58:ad:0d:
6f:c3:0e:32:a5:6e:56:a7:a1:c4:bc:3a:35:0b:67:12:9e:a8:
f9:61:8d:a7:de:4a:60:6f:c6:ae:75:bf:56:9e:74:ec:55:04:
de:29:40:11:32:2f:f5:c7:99:f1:00:5d:dc:09:a1:0e:f1:df:
42:f8:ba:ed:85:b7:ee:08:3e:87:f4:e7:42:bd:0a:4d:6f:4a:
23:bc:3e:1d:c4:72:e1:f8:f2:62:fe:73:f8:76:f9:81:f3:ac:
6b:24:8e:b2:c3:80:97:a2:2a:2a:94:dc:6c:c5:51:95:03:f1:
cc:4c:eb:af:15:1f:74:ed:d5:52:cf:79:91:52:1a:6a:e5:a7:
2d:f5:7e:0e:fb:d1:f9:fb:f4:1a:59:bb:79:31:ba:a4:87:53:
de:87:27:a1:1d:d5:5d:7c:75:2e:bc:48:3f:70:33:1f:33:6b:
41:4a:ab:a4:0d:e4:e9:eb:9c:05:55:91:b1:bf:8a:42:da:a9:
21:e4:9e:8f:d3:c6:18:b5:a1:73:ed:1f:24:d6:4c:1a:4c:68:
b4:c6:0e:f5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzHJg1qK1GAqy/sYtHAp43IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWE1ZWNhNmNkMzhlOTIxYjVhMTQ1NzA4NTRhZGI0YTNi
NjkyMzgwHhcNMjQwMTAxMjIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDkyMjViMWJmYWNkMmQ4ZmQ4NjM1MmZlYWUzODFlZjI2ZWU5YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV82mPCjBxHsM0zgaALBRjDJxxuX
rdXgR/ZUIQc9rD5GGT7SR7Nkg03BQQMtzpAoUQmkYUCF6rq+55msdT6ZmbdMGFIj
05SGjHETNk5MrOr39MWUI19eou+HobaFdBS5AhcwUm0+pkMjY0eVa2MCGXTzPR4k
Sswt5Itlubj1WnmQtluEcXIrfAKXCqrJVr57figH8F+BK4kmCnYvpjNW1lG0cMUL
VwpxKqCIRwoJ/smMulWXQhsglXDLZjOgFG5ZldCsrXac7mUvPf43uHJ5dhrv2NQL
KZfgUqH2GtSs7bAp7+0Wqu/vet+ONYE5SmVJg8MGbJrM6L3QLVT2M0T/FwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOCSJbG/rNLY/YY1L+rjge8m7pqwMB8GA1UdIwQY
MBaAFAtaXsps046SG1oUVwhUrbSjtpI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFwZXltelRqcEliV2hSWENGU3R0S08ya2pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kYzRlNGQtYWUyMi00MTQ3LWFjODct
ZTBkOTE0YzFjYjUwLzEvNEpJbHNiLXMwdGo5aGpVdjZ1T0I3eWJ1bXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kYzRlNGQtYWUyMi00MTQ3LWFjODctZTBkOTE0YzFjYjUw
LzEvQzFwZXltelRqcEliV2hSWENGU3R0S08ya2pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwBrvAwQA
wFLWAwQAwFyHAwQAwF4YAwQAwIVsAwQAwJObAwQAwJkNAwQAwM/EMA0GCSqGSIb3
DQEBCwUAA4IBAQCcNeKzZuetGay9zFWk4Lxu2hcr1BsF31xX51ZWT3CQZpAHE0Tr
uIH+wTl9jmf3DU/wChhYrQ1vww4ypW5Wp6HEvDo1C2cSnqj5YY2n3kpgb8audb9W
nnTsVQTeKUARMi/1x5nxAF3cCaEO8d9C+LrthbfuCD6H9OdCvQpNb0ojvD4dxHLh
+PJi/nP4dvmB86xrJI6yw4CXoioqlNxsxVGVA/HMTOuvFR907dVSz3mRUhpq5act
9X4O+9H5+/QaWbt5Mbqkh1PehyehHdVdfHUuvEg/cDMfM2tBSqukDeTp65wFVZGx
v4pC2qkh5J6P08YYtaFz7R8k1kwaTGi0xg71
-----END CERTIFICATE-----
Generated at Mon Jul 1 02:56:29 2024 by rpki-client on console-ams.rpki-client.org