Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hRtuBRBNYn1F4Ja1rodhQvPY4HY.roa
File: hRtuBRBNYn1F4Ja1rodhQvPY4HY.roa (raw, json)
Hash identifier: nzW6wG/UKCG3oD1LafmRbIhniPgCZwD4IZIqnrMiXno=
Subject key identifier: 85:1B:6E:05:10:4D:62:7D:45:E0:96:B5:AE:87:61:42:F3:D8:E0:76
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012F0E5AF066AF7F3DBDD2D8E5BEF7
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hRtuBRBNYn1F4Ja1rodhQvPY4HY.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60324
IP address blocks: 159.148.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2f:0e:5a:f0:66:af:7f:3d:bd:d2:d8:e5:be:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=851b6e05104d627d45e096b5ae876142f3d8e076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5a:2c:d1:5a:5e:77:25:3f:14:1f:a5:34:e6:
8e:19:87:9c:9f:5c:1b:ac:b9:31:46:83:64:6c:84:
e4:e5:2c:93:12:a8:23:0c:69:28:4f:1c:53:ff:48:
0a:95:8b:80:a8:bf:82:fe:5c:53:5e:05:38:c8:c4:
d2:95:f6:67:1a:15:2d:77:b0:fa:cf:d1:44:89:f3:
14:2a:30:6d:9f:a8:ce:db:42:c8:a6:59:ac:65:ed:
01:09:db:34:0f:b8:8e:cc:63:80:5b:b4:41:c4:a7:
22:6a:47:9f:0d:86:70:b6:fb:88:85:89:19:f0:fd:
84:c1:c9:83:e1:45:0d:06:f0:69:a1:1e:ca:49:e1:
1f:bd:a3:3e:53:ea:19:9c:05:6b:1e:08:df:a5:35:
7d:f6:95:d1:6b:dd:9b:93:5d:1f:eb:17:18:27:18:
2f:1d:6b:d9:59:b2:5f:40:41:9e:d0:e1:c5:2e:1d:
ef:44:ae:38:bc:ab:16:46:19:53:ce:a3:ee:2b:f6:
de:f6:f8:77:fb:a7:84:35:a5:25:58:26:39:4e:6c:
b8:e1:c4:a1:eb:d1:2c:d8:7a:f6:05:f2:04:66:90:
86:b4:dd:b9:cc:b3:59:c1:2f:fc:53:2b:4b:c1:73:
65:d8:bc:f8:fe:7c:bc:30:9c:c1:2f:a7:96:db:33:
16:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1B:6E:05:10:4D:62:7D:45:E0:96:B5:AE:87:61:42:F3:D8:E0:76
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hRtuBRBNYn1F4Ja1rodhQvPY4HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.191.0/24
Signature Algorithm: sha256WithRSAEncryption
56:33:fb:9e:a7:94:5f:42:c4:c2:8b:a6:b2:30:8e:02:ba:66:
0b:43:82:c0:80:85:3a:f5:bd:8b:8c:0a:f3:8b:1d:c9:d5:e8:
fa:45:8a:28:ff:86:b9:ac:91:e9:34:11:5c:82:be:ae:56:e5:
fc:7c:8a:be:d0:3c:47:a0:be:d9:b1:01:10:94:79:e7:33:41:
ef:ba:e6:7a:7d:65:5d:3d:7d:83:ab:32:20:8c:09:e7:0b:04:
59:de:2f:9a:a0:35:60:d0:b7:49:35:d0:0a:39:88:35:ab:84:
d5:1a:81:75:07:0a:3e:09:49:b4:69:8c:23:23:e8:e2:50:51:
27:91:33:7a:48:88:e3:46:29:64:f3:4e:97:1b:4d:9f:03:51:
01:a6:0f:04:36:44:8f:43:4a:76:36:c4:fe:02:b1:8f:ba:1c:
fd:5e:03:5c:a1:9e:de:e9:6d:3e:0d:16:af:01:86:e7:e8:29:
73:fd:04:ce:67:1d:4b:f9:a6:85:0a:92:18:90:64:62:bb:2e:
96:1b:30:9b:5c:4f:f2:ab:e7:75:44:a1:ee:6f:a8:2e:98:06:
10:a4:b2:1d:b4:70:f7:2d:f5:17:23:b5:5d:27:11:42:85:3e:
d4:85:02:03:b6:74:50:9e:5c:9e:f0:1a:a8:ee:53:fe:12:d9:
7b:45:ed:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAS8OWvBmr389vdLY5b73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTFiNmUwNTEwNGQ2MjdkNDVlMDk2YjVhZTg3NjE0MmYzZDhlMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFos0VpedyU/FB+lNOaOGYecn1wb
rLkxRoNkbITk5SyTEqgjDGkoTxxT/0gKlYuAqL+C/lxTXgU4yMTSlfZnGhUtd7D6
z9FEifMUKjBtn6jO20LIplmsZe0BCds0D7iOzGOAW7RBxKciakefDYZwtvuIhYkZ
8P2EwcmD4UUNBvBpoR7KSeEfvaM+U+oZnAVrHgjfpTV99pXRa92bk10f6xcYJxgv
HWvZWbJfQEGe0OHFLh3vRK44vKsWRhlTzqPuK/be9vh3+6eENaUlWCY5Tmy44cSh
69Es2Hr2BfIEZpCGtN25zLNZwS/8UytLwXNl2Lz4/ny8MJzBL6eW2zMWkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUbbgUQTWJ9ReCWta6HYULz2OB2MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaFJ0dUJSQk5ZbjFGNEphMXJvZGhRdlBZNEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5S/MA0G
CSqGSIb3DQEBCwUAA4IBAQBWM/uep5RfQsTCi6ayMI4CumYLQ4LAgIU69b2LjArz
ix3J1ej6RYoo/4a5rJHpNBFcgr6uVuX8fIq+0DxHoL7ZsQEQlHnnM0HvuuZ6fWVd
PX2DqzIgjAnnCwRZ3i+aoDVg0LdJNdAKOYg1q4TVGoF1Bwo+CUm0aYwjI+jiUFEn
kTN6SIjjRilk806XG02fA1EBpg8ENkSPQ0p2NsT+ArGPuhz9XgNcoZ7e6W0+DRav
AYbn6Clz/QTOZx1L+aaFCpIYkGRiuy6WGzCbXE/yq+d1RKHub6gumAYQpLIdtHD3
LfUXI7VdJxFChT7UhQIDtnRQnlye8Bqo7lP+Etl7Re06
-----END CERTIFICATE-----
Generated at Wed May 1 13:30:18 2024 by rpki-client on console-ams.rpki-client.org