Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/pJcGQ9dHitkn1TjAFuzj8XMJDlE.roa
File: pJcGQ9dHitkn1TjAFuzj8XMJDlE.roa (raw, json)
Hash identifier: APIeHSOtnGzXAqmVFPdDEF0VrVFloDf+Tg0QsbWmj/4=
Subject key identifier: A4:97:06:43:D7:47:8A:D9:27:D5:38:C0:16:EC:E3:F1:73:09:0E:51
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80128609180BBD863E26AA1F75F6272
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/pJcGQ9dHitkn1TjAFuzj8XMJDlE.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35478
IP address blocks: 159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.195.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 09:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:28:60:91:80:bb:d8:63:e2:6a:a1:f7:5f:62:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4970643d7478ad927d538c016ece3f173090e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:07:ae:18:79:f2:db:63:30:91:ac:3a:0e:
9f:f2:e9:77:d5:f5:02:04:32:3b:86:d9:23:8e:79:
9b:e0:a1:80:af:16:c8:ec:b9:7a:fb:5f:48:f8:b5:
e4:15:59:5a:a1:a9:72:91:9f:fe:de:84:4e:42:6f:
c0:c7:e9:be:b3:5d:90:96:f6:f9:4e:69:a2:92:59:
b0:8d:ee:ca:30:aa:80:ee:2a:2b:cf:47:5a:6d:40:
c2:a3:76:ba:29:c0:c6:40:66:75:c1:c2:55:29:77:
9a:f4:3c:1a:a3:cf:43:1f:dc:b3:1b:a6:46:b0:92:
32:c1:85:d5:91:7f:42:5d:b7:b8:75:10:fa:f7:f8:
b5:da:f1:db:f1:ae:71:9b:e1:b2:38:10:e4:37:f1:
cd:96:14:dc:bd:a0:35:b9:cf:be:49:cd:af:96:94:
03:1c:e5:69:27:a4:a5:1f:b7:e8:60:c7:d9:2d:18:
d1:b9:cb:37:70:47:e1:85:67:3a:f6:27:d3:07:eb:
d9:a8:78:33:15:5a:e7:ab:b7:dc:b3:18:83:f3:1c:
71:e4:55:79:d1:e0:ee:a7:87:c9:5a:b8:ba:7c:4a:
a3:1a:dd:03:a1:d2:bd:de:c4:77:9b:4d:a5:46:8a:
f5:7f:39:b7:ae:43:e3:c6:43:ee:3a:e2:3d:de:79:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:97:06:43:D7:47:8A:D9:27:D5:38:C0:16:EC:E3:F1:73:09:0E:51
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/pJcGQ9dHitkn1TjAFuzj8XMJDlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.195.0/24
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c4:e1:95:2d:6a:ea:a0:d3:6c:b9:df:e4:96:a2:1b:6b:3b:
8b:77:3a:e3:5d:e2:5e:09:22:0a:95:97:65:81:fc:5b:69:59:
1e:35:6f:48:b3:99:05:f5:ca:6a:f6:9b:36:2a:2b:c7:92:0d:
d5:bf:d1:9f:dc:08:59:b8:c2:60:1b:7b:37:d3:bb:37:3c:e6:
e7:bb:5d:e3:e9:ad:02:be:9a:f3:01:72:05:37:00:31:34:11:
e0:ea:b5:64:7d:9e:f3:9b:75:06:31:a5:13:4b:b3:1c:a0:db:
83:30:b7:9d:f9:aa:c5:d8:28:23:37:22:81:71:57:85:fe:16:
9b:ee:fc:6c:01:be:e1:41:ec:28:60:1e:8d:e0:1e:aa:74:17:
a7:b9:6f:ab:23:02:bf:7c:09:93:90:b5:a0:5f:32:f4:a6:7e:
12:9a:c9:94:a3:ad:b3:19:6a:40:84:7f:60:f9:6e:a4:53:22:
a1:b1:a2:20:f8:07:0e:40:5e:ff:48:b4:93:f1:26:d8:85:84:
9a:bb:70:db:47:88:b2:76:d5:47:23:2a:0d:06:e5:00:13:94:
ed:68:b7:78:62:e0:d9:a1:12:e0:4f:49:ed:e0:8f:f8:de:a9:
75:8e:17:f2:65:01:dd:51:bf:d2:aa:d9:ba:95:fb:6f:93:54:
aa:d5:02:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAShgkYC72GPiaqH3X2JyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk3MDY0M2Q3NDc4YWQ5MjdkNTM4YzAxNmVjZTNmMTczMDkwZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTMHrhh58ttjMJGsOg6f8ul31fUC
BDI7htkjjnmb4KGArxbI7Ll6+19I+LXkFVlaoalykZ/+3oROQm/Ax+m+s12Qlvb5
Tmmiklmwje7KMKqA7iorz0dabUDCo3a6KcDGQGZ1wcJVKXea9Dwao89DH9yzG6ZG
sJIywYXVkX9CXbe4dRD69/i12vHb8a5xm+GyOBDkN/HNlhTcvaA1uc++Sc2vlpQD
HOVpJ6SlH7foYMfZLRjRucs3cEfhhWc69ifTB+vZqHgzFVrnq7fcsxiD8xxx5FV5
0eDup4fJWri6fEqjGt0DodK93sR3m02lRor1fzm3rkPjxkPuOuI93nmEXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKSXBkPXR4rZJ9U4wBbs4/FzCQ5RMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcEpjR1E5ZEhpdGtuMVRqQUZ1emo4WE1KRGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAn5TDAwQA
n5TMAwQAn5TYAwQAn5TaMA0GCSqGSIb3DQEBCwUAA4IBAQBixOGVLWrqoNNsud/k
lqIbazuLdzrjXeJeCSIKlZdlgfxbaVkeNW9Is5kF9cpq9ps2KivHkg3Vv9Gf3AhZ
uMJgG3s307s3PObnu13j6a0CvprzAXIFNwAxNBHg6rVkfZ7zm3UGMaUTS7McoNuD
MLed+arF2CgjNyKBcVeF/hab7vxsAb7hQewoYB6N4B6qdBenuW+rIwK/fAmTkLWg
XzL0pn4SmsmUo62zGWpAhH9g+W6kUyKhsaIg+AcOQF7/SLST8SbYhYSau3DbR4iy
dtVHIyoNBuUAE5TtaLd4YuDZoRLgT0nt4I/43ql1jhfyZQHdUb/Sqtm6lftvk1Sq
1QJj
-----END CERTIFICATE-----
Generated at Wed May 1 16:04:46 2024 by rpki-client on console-ams.rpki-client.org