Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/TnN28K9zuAneKczpJSq0hRx10T8.roa
File: TnN28K9zuAneKczpJSq0hRx10T8.roa (raw, json)
Hash identifier: 6XXKj8/I7oysBY+yemR5rMuqFp7kShQcemYB/G6TevU=
Subject key identifier: 4E:73:76:F0:AF:73:B8:09:DE:29:CC:E9:25:2A:B4:85:1C:75:D1:3F
Certificate issuer: /CN=501459c027a86e1a55709f860937fe2f81b312f0
Certificate serial: 018CC5DBFFA69BF46B5046A6933032AABB5C
Authority key identifier: 50:14:59:C0:27:A8:6E:1A:55:70:9F:86:09:37:FE:2F:81:B3:12:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBRZwCeobhpVcJ-GCTf-L4GzEvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/TnN28K9zuAneKczpJSq0hRx10T8.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35280
IP address blocks: 147.233.128.0/17 maxlen: 17
147.233.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/UBRZwCeobhpVcJ-GCTf-L4GzEvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/UBRZwCeobhpVcJ-GCTf-L4GzEvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UBRZwCeobhpVcJ-GCTf-L4GzEvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ff:a6:9b:f4:6b:50:46:a6:93:30:32:aa:bb:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=501459c027a86e1a55709f860937fe2f81b312f0
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e7376f0af73b809de29cce9252ab4851c75d13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ee:b3:65:3a:0f:38:db:e5:8b:65:1e:4a:85:
c8:68:b2:9c:22:76:eb:5b:6b:9f:e9:5b:59:8a:6a:
dc:45:54:d7:d9:ca:21:1b:cc:d7:f3:26:65:4a:00:
d8:32:aa:2e:61:a4:c9:ae:65:e4:8e:89:ab:27:6c:
33:36:70:df:4e:86:5a:e7:fe:44:9d:25:b9:65:82:
40:72:a0:6b:ae:78:fa:b9:40:a0:bd:93:cd:7d:f1:
7e:4d:f1:13:2e:a3:c4:94:a6:47:b6:6e:f6:41:80:
53:fa:68:e1:a9:d3:96:d5:f4:e9:10:2f:4e:e1:af:
e6:7f:c5:85:c2:cb:9d:94:59:3a:4d:09:b6:5b:15:
e9:c2:94:9c:53:03:dc:42:9d:aa:c0:5e:e1:d6:cc:
77:39:b0:19:ef:fa:51:75:91:ee:d9:c2:83:66:01:
22:46:2e:d3:af:ad:3a:d7:1e:75:64:b2:86:33:9b:
81:18:30:11:2c:ac:b9:fa:b1:12:4e:50:f3:18:49:
a1:eb:92:42:04:43:a1:e3:92:7c:c2:33:c9:8a:61:
81:02:4c:62:b7:cc:4c:3a:1e:da:7d:6e:e5:76:8d:
8a:a3:9a:f1:72:54:4d:fb:68:b6:c1:60:e8:8f:a6:
f2:c3:2d:1a:ad:5b:03:b1:e5:10:da:2f:d2:f0:cc:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:73:76:F0:AF:73:B8:09:DE:29:CC:E9:25:2A:B4:85:1C:75:D1:3F
X509v3 Authority Key Identifier:
keyid:50:14:59:C0:27:A8:6E:1A:55:70:9F:86:09:37:FE:2F:81:B3:12:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBRZwCeobhpVcJ-GCTf-L4GzEvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/TnN28K9zuAneKczpJSq0hRx10T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/UBRZwCeobhpVcJ-GCTf-L4GzEvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:34:f6:96:45:75:75:2f:eb:6f:35:28:04:34:6c:7a:b7:31:
0a:b2:0a:25:3e:e7:48:c8:07:d9:37:60:47:d0:e9:cb:50:88:
9f:5e:fc:e9:73:23:ed:2d:13:c1:0c:49:1e:5a:c7:30:72:55:
1c:c1:46:a4:d1:09:37:b7:f4:30:85:a6:3b:f6:f7:a5:e2:d8:
0c:87:8c:a9:dc:81:7d:85:03:f6:75:d4:27:28:b6:aa:6d:51:
49:dc:bd:53:cc:b8:bf:51:76:ab:5d:82:81:b3:0b:27:30:77:
27:55:41:8f:7a:87:e0:20:37:c3:f3:7e:c4:f9:cb:1f:d0:df:
b6:5a:73:02:b1:3a:1f:09:83:ec:21:f8:ea:56:9e:8f:92:e2:
8d:e0:09:3d:8a:12:7e:d9:9b:63:8d:37:79:d0:33:47:ad:7d:
56:29:1f:f0:ad:99:48:d7:86:dc:e5:6e:fe:e7:23:bd:4a:0e:
e3:88:a1:cd:49:52:ef:9f:e1:61:72:ca:bd:94:17:9d:d4:30:
d9:b5:6b:41:ca:a5:5d:df:62:2e:e6:11:2c:2c:5d:ea:10:31:
ae:10:f5:48:ae:9f:9b:f0:6a:09:82:88:65:b0:00:de:dc:c9:
94:cc:94:ee:4b:6f:e6:09:4b:b8:3b:82:45:b3:16:bb:9a:08:
d0:f3:ff:2c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzF2/+mm/RrUEamkzAyqrtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTQ1OWMwMjdhODZlMWE1NTcwOWY4NjA5MzdmZTJmODFi
MzEyZjAwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTczNzZmMGFmNzNiODA5ZGUyOWNjZTkyNTJhYjQ4NTFjNzVkMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme6zZToPONvli2UeSoXIaLKcInbr
W2uf6VtZimrcRVTX2cohG8zX8yZlSgDYMqouYaTJrmXkjomrJ2wzNnDfToZa5/5E
nSW5ZYJAcqBrrnj6uUCgvZPNffF+TfETLqPElKZHtm72QYBT+mjhqdOW1fTpEC9O
4a/mf8WFwsudlFk6TQm2WxXpwpScUwPcQp2qwF7h1sx3ObAZ7/pRdZHu2cKDZgEi
Ri7Tr6061x51ZLKGM5uBGDARLKy5+rESTlDzGEmh65JCBEOh45J8wjPJimGBAkxi
t8xMOh7afW7ldo2Ko5rxclRN+2i2wWDoj6bywy0arVsDseUQ2i/S8Myf4QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFE5zdvCvc7gJ3inM6SUqtIUcddE/MB8GA1UdIwQY
MBaAFFAUWcAnqG4aVXCfhgk3/i+BsxLwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJSWndDZW9iaHBWY0otR0NUZi1MNEd6RXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZWRlOTItYTgzOC00MGJjLWEyNjYt
MTYyYjAyYmIxNWJkLzEvVG5OMjhLOXp1QW5lS2N6cEpTcTBoUngxMFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85ZWRlOTItYTgzOC00MGJjLWEyNjYtMTYyYjAyYmIxNWJk
LzEvVUJSWndDZW9iaHBWY0otR0NUZi1MNEd6RXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk+kwDQYJ
KoZIhvcNAQELBQADggEBAKo09pZFdXUv6281KAQ0bHq3MQqyCiU+50jIB9k3YEfQ
6ctQiJ9e/OlzI+0tE8EMSR5axzByVRzBRqTRCTe39DCFpjv296Xi2AyHjKncgX2F
A/Z11CcotqptUUncvVPMuL9RdqtdgoGzCycwdydVQY96h+AgN8PzfsT5yx/Q37Za
cwKxOh8Jg+wh+OpWno+S4o3gCT2KEn7Zm2ONN3nQM0etfVYpH/CtmUjXhtzlbv7n
I71KDuOIoc1JUu+f4WFyyr2UF53UMNm1a0HKpV3fYi7mESwsXeoQMa4Q9Uiun5vw
agmCiGWwAN7cyZTMlO5Lb+YJS7g7gkWzFruaCNDz/yw=
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:43:29 2024 by rpki-client on console-ams.rpki-client.org