Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/PL4u8Up4o2jTWBU8LVmlaNYoaTw.roa
File: PL4u8Up4o2jTWBU8LVmlaNYoaTw.roa (raw, json)
Hash identifier: ykTFRjrKs5dP068O2/SxQGA8e6N9w+duEKH6dm9BQlI=
Subject key identifier: 3C:BE:2E:F1:4A:78:A3:68:D3:58:15:3C:2D:59:A5:68:D6:28:69:3C
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649DE57CF3A91117BEC18638FB541FD
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/PL4u8Up4o2jTWBU8LVmlaNYoaTw.roa
Signing time: Mon 01 Jan 2024 18:29:39 +0000
ROA not before: Mon 01 Jan 2024 18:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49040
IP address blocks: 151.251.41.0/24 maxlen: 24
151.251.42.0/24 maxlen: 24
151.251.40.0/24 maxlen: 24
151.251.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:de:57:cf:3a:91:11:7b:ec:18:63:8f:b5:41:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cbe2ef14a78a368d358153c2d59a568d628693c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:42:7d:44:da:c1:4e:ca:9d:fa:6a:5d:f4:ce:
c8:18:46:ee:b0:bc:7b:af:4a:f7:d9:06:62:bb:91:
e3:14:d1:bf:74:fd:e3:c9:1c:d9:fa:7c:25:e9:4a:
d7:50:06:08:3b:10:79:0a:b6:b1:27:6b:ee:33:d8:
d6:a8:47:84:f9:77:ae:98:50:57:a9:36:2d:b3:83:
b2:ce:eb:51:aa:5d:3a:ac:da:4e:88:b8:04:2a:7b:
5e:60:a7:b9:1d:70:ef:d3:91:b0:21:fe:f8:b8:79:
90:94:76:2d:6f:30:78:88:ba:88:3a:5d:8f:4b:dc:
4b:a5:1b:a3:af:58:91:1e:04:7b:ec:69:93:b3:1f:
be:5e:44:61:04:0d:a9:ef:14:af:9e:0d:1f:c6:2c:
03:c6:dc:08:b4:b7:c0:c9:e3:b4:c7:49:ef:52:26:
c1:98:28:98:3d:da:80:bb:34:0e:b4:db:06:4e:75:
3f:7a:3d:59:5f:36:a0:d5:98:69:c9:d4:6d:de:3e:
f8:3c:c7:ee:75:f2:b7:da:58:5b:40:00:b0:2e:a9:
c7:9b:c4:76:dc:41:57:78:02:28:1f:c6:c5:e1:9c:
35:5b:0b:c7:fa:05:ba:12:b4:b9:e7:e2:0f:55:5a:
71:f5:50:15:5e:38:86:32:8b:a8:cb:d1:ad:28:e8:
89:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BE:2E:F1:4A:78:A3:68:D3:58:15:3C:2D:59:A5:68:D6:28:69:3C
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/PL4u8Up4o2jTWBU8LVmlaNYoaTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.251.40.0-151.251.42.255
151.251.60.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:84:d2:c1:b7:41:6c:2f:69:45:fa:fa:11:00:3d:ff:1d:a0:
40:7f:99:c3:ac:5b:51:f2:bb:b0:89:44:42:a3:09:9b:53:b2:
ed:98:c1:b8:95:33:b2:c5:63:66:a6:9c:40:33:2a:9f:c8:bd:
7f:70:cf:cb:e5:78:2b:fe:58:7e:28:29:b8:67:fc:8f:3b:4b:
18:03:01:e7:45:21:94:1b:9b:6e:0e:b0:8e:06:05:c7:55:b2:
da:6b:0c:b5:4d:79:10:e0:6c:77:45:bc:f8:3a:f2:96:0f:19:
66:83:c1:47:68:05:19:f1:d5:74:ee:f8:8a:47:93:0e:5e:cf:
3a:7b:b8:17:76:d5:eb:f1:dc:fd:0e:d9:b8:fb:db:9b:8f:55:
71:88:1c:6a:8a:8f:9a:3c:bc:2a:b4:d2:11:1d:64:ad:a4:38:
bd:9b:10:6c:49:3c:94:1c:c4:a1:de:79:0e:14:84:27:a1:a1:
7c:77:58:cd:50:91:69:2e:f2:45:38:b6:f9:95:0b:7d:30:6b:
ca:26:49:3e:b4:c1:f4:74:2b:d6:38:fb:d0:b2:ad:50:74:9e:
0e:e6:61:e5:8e:8d:a0:85:70:a2:ec:95:76:89:e2:ec:db:18:
ae:eb:7b:c6:81:79:0f:c3:80:9d:98:89:ae:d0:4c:ea:08:9c:
88:2e:3a:f2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGSd5XzzqREXvsGGOPtUH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2JlMmVmMTRhNzhhMzY4ZDM1ODE1M2MyZDU5YTU2OGQ2Mjg2OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10J9RNrBTsqd+mpd9M7IGEbusLx7
r0r32QZiu5HjFNG/dP3jyRzZ+nwl6UrXUAYIOxB5CraxJ2vuM9jWqEeE+XeumFBX
qTYts4OyzutRql06rNpOiLgEKnteYKe5HXDv05GwIf74uHmQlHYtbzB4iLqIOl2P
S9xLpRujr1iRHgR77GmTsx++XkRhBA2p7xSvng0fxiwDxtwItLfAyeO0x0nvUibB
mCiYPdqAuzQOtNsGTnU/ej1ZXzag1ZhpydRt3j74PMfudfK32lhbQACwLqnHm8R2
3EFXeAIoH8bF4Zw1WwvH+gW6ErS55+IPVVpx9VAVXjiGMouoy9GtKOiJNQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDy+LvFKeKNo01gVPC1ZpWjWKGk8MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvUEw0dThVcDRvMmpUV0JVOExWbWxhTllvYVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAOX+ygD
BACX+yoDBACX+zwwDQYJKoZIhvcNAQELBQADggEBAJuE0sG3QWwvaUX6+hEAPf8d
oEB/mcOsW1Hyu7CJREKjCZtTsu2YwbiVM7LFY2amnEAzKp/IvX9wz8vleCv+WH4o
Kbhn/I87SxgDAedFIZQbm24OsI4GBcdVstprDLVNeRDgbHdFvPg68pYPGWaDwUdo
BRnx1XTu+IpHkw5ezzp7uBd21evx3P0O2bj725uPVXGIHGqKj5o8vCq00hEdZK2k
OL2bEGxJPJQcxKHeeQ4UhCehoXx3WM1QkWku8kU4tvmVC30wa8omST60wfR0K9Y4
+9CyrVB0ng7mYeWOjaCFcKLslXaJ4uzbGK7re8aBeQ/DgJ2Yia7QTOoInIguOvI=
-----END CERTIFICATE-----
Generated at Tue May 7 02:14:40 2024 by rpki-client on console-fra.rpki-client.org