Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/isUSzxZ49dbz8CqHHUwiVhVzOFw.roa
File: isUSzxZ49dbz8CqHHUwiVhVzOFw.roa (raw, json)
Hash identifier: ekPkPBrDXGBJ9m5r54mNHtxYetPGOw+9mlPHu1puJW0=
Subject key identifier: 8A:C5:12:CF:16:78:F5:D6:F3:F0:2A:87:1D:4C:22:56:15:73:38:5C
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018CC3B743E33B1589D309DCFCB319786031
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/isUSzxZ49dbz8CqHHUwiVhVzOFw.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142299
IP address blocks: 146.19.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:43:e3:3b:15:89:d3:09:dc:fc:b3:19:78:60:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ac512cf1678f5d6f3f02a871d4c22561573385c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:94:a4:43:1b:a5:c1:a7:84:09:a5:5b:52:77:
d5:a6:b4:d3:54:33:71:38:a4:fb:43:8c:30:2d:14:
29:c2:06:20:b4:d7:7f:92:50:5b:22:11:f0:25:45:
a4:ec:46:4c:a3:cc:65:e1:22:bd:e9:1f:fa:c6:e2:
f7:ee:e7:48:6b:bf:74:57:3a:83:54:c5:3b:86:62:
11:30:d6:a1:c5:75:3c:34:a5:15:ce:8b:19:05:e2:
c9:ab:35:61:7b:7e:b0:09:25:24:4f:35:46:11:89:
53:e8:e0:a9:39:ac:da:04:ea:95:6f:7f:07:47:91:
12:22:12:f5:80:14:80:8e:d9:55:54:ee:f1:b8:e2:
cd:53:cf:69:e6:20:36:9b:d0:19:47:8b:a4:59:01:
1c:93:ce:3f:8a:3b:a7:d1:5c:15:9f:89:4d:3d:fe:
d2:eb:fa:25:d6:65:c0:85:32:7a:70:09:c7:bf:99:
ab:19:cd:c4:28:c0:94:0f:48:43:ce:59:17:57:c8:
85:60:c8:4f:28:06:df:f7:a2:f2:48:d8:69:c6:65:
2a:e1:a2:18:67:06:c6:ca:11:7e:45:3d:e5:d0:34:
0f:49:68:fc:f7:04:9e:d3:28:7b:b2:1c:64:4f:c8:
41:b1:0b:2f:b4:05:13:a2:62:4f:cf:7a:af:c5:51:
22:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C5:12:CF:16:78:F5:D6:F3:F0:2A:87:1D:4C:22:56:15:73:38:5C
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/isUSzxZ49dbz8CqHHUwiVhVzOFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.69.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:d0:17:4e:f2:03:b1:17:b7:0a:17:31:05:39:61:6d:d1:d0:
4e:e1:ab:06:e8:7c:23:7a:9c:1b:9f:5c:5f:9d:e6:e4:ef:f7:
b0:cb:95:bc:4a:60:20:71:d1:0a:97:33:f2:41:f2:a6:d2:7c:
7c:56:35:c8:c9:bc:3d:34:0f:b6:02:09:65:80:69:54:47:15:
84:00:39:21:db:5d:3d:b4:f9:49:c8:d3:b4:e7:61:73:de:c7:
bc:bd:53:72:44:3d:e7:3d:e1:21:68:0b:88:56:2d:94:92:7c:
00:92:45:c0:4f:40:35:11:a5:f5:cc:71:ae:da:25:67:62:b9:
bf:ec:77:9d:96:ba:2e:ae:73:af:30:01:b3:e5:e3:7e:46:08:
c3:9a:7b:fd:4e:25:f9:ed:ea:63:25:f8:30:4d:65:09:ef:f7:
76:b6:ab:a9:92:ef:a6:46:30:9c:0e:1a:c1:38:ac:37:fd:fa:
52:5a:76:a3:d8:1e:1f:4d:00:d8:f9:c2:4e:d7:5c:2a:86:34:
54:0d:69:81:80:b0:a0:b7:6b:d1:ed:a8:71:07:b8:9a:4f:2d:
09:d5:b2:c9:55:d3:f6:28:24:10:4c:7e:b9:e7:e5:35:07:8f:
de:fc:59:d6:b1:58:d8:76:18:2c:51:1d:d0:75:fa:16:28:46:
63:89:78:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0PjOxWJ0wnc/LMZeGAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWM1MTJjZjE2NzhmNWQ2ZjNmMDJhODcxZDRjMjI1NjE1NzMzODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpSkQxulwaeECaVbUnfVprTTVDNx
OKT7Q4wwLRQpwgYgtNd/klBbIhHwJUWk7EZMo8xl4SK96R/6xuL37udIa790VzqD
VMU7hmIRMNahxXU8NKUVzosZBeLJqzVhe36wCSUkTzVGEYlT6OCpOazaBOqVb38H
R5ESIhL1gBSAjtlVVO7xuOLNU89p5iA2m9AZR4ukWQEck84/ijun0VwVn4lNPf7S
6/ol1mXAhTJ6cAnHv5mrGc3EKMCUD0hDzlkXV8iFYMhPKAbf96LySNhpxmUq4aIY
ZwbGyhF+RT3l0DQPSWj89wSe0yh7shxkT8hBsQsvtAUTomJPz3qvxVEiFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrFEs8WePXW8/Aqhx1MIlYVczhcMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvaXNVU3p4WjQ5ZGJ6OENxSEhVd2lWaFZ6T0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNFMA0G
CSqGSIb3DQEBCwUAA4IBAQC00BdO8gOxF7cKFzEFOWFt0dBO4asG6Hwjepwbn1xf
nebk7/ewy5W8SmAgcdEKlzPyQfKm0nx8VjXIybw9NA+2AgllgGlURxWEADkh2109
tPlJyNO052Fz3se8vVNyRD3nPeEhaAuIVi2UknwAkkXAT0A1EaX1zHGu2iVnYrm/
7HedlrournOvMAGz5eN+RgjDmnv9TiX57epjJfgwTWUJ7/d2tqupku+mRjCcDhrB
OKw3/fpSWnaj2B4fTQDY+cJO11wqhjRUDWmBgLCgt2vR7ahxB7iaTy0J1bLJVdP2
KCQQTH655+U1B4/e/FnWsVjYdhgsUR3QdfoWKEZjiXhc
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:06:12 2024 by rpki-client on console-fra.rpki-client.org