Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Y4iX2No3R6ZlHu3UH7Xg5aTS7KE.roa
File: Y4iX2No3R6ZlHu3UH7Xg5aTS7KE.roa (raw, json)
Hash identifier: +JbdlIBI15EkehvsMjUIsit77av5cbzL7IaHAAsY/YM=
Subject key identifier: 63:88:97:D8:DA:37:47:A6:65:1E:ED:D4:1F:B5:E0:E5:A4:D2:EC:A1
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E771199582FBA7ADFEE4C23C89F5F8F5E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Y4iX2No3R6ZlHu3UH7Xg5aTS7KE.roa
Signing time: Mon 25 Mar 2024 19:23:45 +0000
ROA not before: Mon 25 Mar 2024 19:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59993
IP address blocks: 159.148.73.0/24 maxlen: 24
159.148.74.0/24 maxlen: 24
159.148.77.0/24 maxlen: 24
159.148.98.0/24 maxlen: 24
159.148.121.0/24 maxlen: 24
159.148.129.0/24 maxlen: 24
159.148.159.0/24 maxlen: 24
159.148.182.0/24 maxlen: 24
159.148.183.0/24 maxlen: 24
159.148.185.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:11:99:58:2f:ba:7a:df:ee:4c:23:c8:9f:5f:8f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 25 19:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=638897d8da3747a6651eedd41fb5e0e5a4d2eca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fc:f0:1f:db:2c:fe:a0:7a:8a:4e:a0:71:c6:
8c:58:ad:41:3c:6b:8e:86:bc:8b:27:22:d3:a1:4a:
ee:d3:11:a8:8c:58:15:60:db:51:29:8b:17:94:ac:
54:28:4b:18:86:7c:80:fb:1c:ec:6f:f9:41:93:11:
a8:d1:58:bb:05:cd:de:cd:c6:eb:85:74:b7:f4:b7:
45:7a:e8:52:30:9f:c7:d6:46:7e:33:d0:f9:b1:66:
bb:95:8d:ce:a4:ae:c8:bc:5c:7a:c9:8c:9f:fa:55:
38:b2:67:ce:fa:9b:cd:75:a0:a8:50:20:7b:c2:4c:
fb:59:eb:5e:80:10:6e:68:6b:69:cb:b8:bf:b2:74:
d8:c6:69:38:c4:9e:04:06:17:a6:e8:72:b9:a6:6a:
17:1e:32:8d:df:a1:56:34:e4:07:51:64:84:c2:a8:
15:a4:26:02:c5:81:c1:8d:3c:18:a4:da:c0:1b:6d:
28:7a:e2:ee:57:d5:01:c1:d5:1e:9a:c8:41:69:c0:
f6:7e:8c:40:3c:04:a3:71:e7:81:47:67:c4:36:08:
1c:91:d9:37:34:a3:34:86:98:86:3c:d9:75:5e:d2:
f5:66:c3:93:0d:81:b7:f6:36:cb:18:b1:64:ad:63:
96:a1:74:90:7c:fd:a7:3d:63:5c:aa:86:d1:e6:66:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:88:97:D8:DA:37:47:A6:65:1E:ED:D4:1F:B5:E0:E5:A4:D2:EC:A1
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Y4iX2No3R6ZlHu3UH7Xg5aTS7KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.73.0-159.148.74.255
159.148.77.0/24
159.148.98.0/24
159.148.121.0/24
159.148.129.0/24
159.148.159.0/24
159.148.182.0/23
159.148.185.0/24
159.148.204.0/24
Signature Algorithm: sha256WithRSAEncryption
61:7b:ce:0f:e1:b2:70:b0:f0:7c:19:2d:26:ce:75:c3:04:82:
b5:47:c5:1d:65:22:f5:2f:86:74:a4:d3:8e:f9:eb:24:dc:c2:
f6:66:b0:01:ba:f5:71:90:b4:68:e6:76:dc:45:d5:79:27:74:
26:76:80:88:53:86:b9:40:88:df:4d:e9:91:bb:45:3c:c0:34:
8f:ca:f7:a0:9a:5a:28:98:2b:9f:f0:a0:ab:4b:16:79:c8:ec:
16:13:67:17:59:60:09:a6:d4:09:c6:93:94:f0:89:e4:74:e7:
a4:66:2c:45:92:c2:e7:bd:52:52:bc:1d:e0:b4:61:4b:35:1d:
4c:c3:9f:b7:23:fe:ec:87:66:ae:4b:0e:97:28:c8:6a:4c:5c:
f1:7e:d3:b2:0d:03:b0:e0:fc:68:96:27:a2:32:0c:7f:ad:e4:
3d:75:1f:1a:03:34:42:93:ba:85:81:73:aa:d0:a3:f2:46:b4:
31:04:52:d1:2d:91:e2:c4:cb:50:a0:03:44:b4:97:ed:28:3f:
8f:1c:59:0f:fb:f5:08:92:65:c4:a2:34:b1:a6:d7:84:d4:e3:
a3:f4:90:52:c2:e3:9c:20:5a:1a:ec:77:5a:74:2c:d1:d0:17:
c8:96:5e:bf:64:05:f6:55:44:8f:3f:18:94:f8:da:ec:6a:23:
f4:7b:30:12
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY53EZlYL7p63+5MI8ifX49eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI1MTkyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzg4OTdkOGRhMzc0N2E2NjUxZWVkZDQxZmI1ZTBlNWE0ZDJlY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvzwH9ss/qB6ik6gccaMWK1BPGuO
hryLJyLToUru0xGojFgVYNtRKYsXlKxUKEsYhnyA+xzsb/lBkxGo0Vi7Bc3ezcbr
hXS39LdFeuhSMJ/H1kZ+M9D5sWa7lY3OpK7IvFx6yYyf+lU4smfO+pvNdaCoUCB7
wkz7WetegBBuaGtpy7i/snTYxmk4xJ4EBhem6HK5pmoXHjKN36FWNOQHUWSEwqgV
pCYCxYHBjTwYpNrAG20oeuLuV9UBwdUemshBacD2foxAPASjceeBR2fENggckdk3
NKM0hpiGPNl1XtL1ZsOTDYG39jbLGLFkrWOWoXSQfP2nPWNcqobR5mYHxwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGOIl9jaN0emZR7t1B+14OWk0uyhMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWTRpWDJObzNSNlpsSHUzVUg3WGc1YVRTN0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBACflEkD
BACflEoDBACflE0DBACflGIDBACflHkDBACflIEDBACflJ8DBAGflLYDBACflLkD
BACflMwwDQYJKoZIhvcNAQELBQADggEBAGF7zg/hsnCw8HwZLSbOdcMEgrVHxR1l
IvUvhnSk04756yTcwvZmsAG69XGQtGjmdtxF1XkndCZ2gIhThrlAiN9N6ZG7RTzA
NI/K96CaWiiYK5/woKtLFnnI7BYTZxdZYAmm1AnGk5TwieR056RmLEWSwue9UlK8
HeC0YUs1HUzDn7cj/uyHZq5LDpcoyGpMXPF+07INA7Dg/GiWJ6IyDH+t5D11HxoD
NEKTuoWBc6rQo/JGtDEEUtEtkeLEy1CgA0S0l+0oP48cWQ/79QiSZcSiNLGm14TU
46P0kFLC45wgWhrsd1p0LNHQF8iWXr9kBfZVRI8/GJT42uxqI/R7MBI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:05:14 2024 by rpki-client on console-ams.rpki-client.org