Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/UrIeKRdUwuAvlN0mm6Oc3iRfOaE.roa
File: UrIeKRdUwuAvlN0mm6Oc3iRfOaE.roa (raw, json)
Hash identifier: IqvGfZBQEYveO/mS/ynngSUjkNMal6qkTGeEb3hflCI=
Subject key identifier: 52:B2:1E:29:17:54:C2:E0:2F:94:DD:26:9B:A3:9C:DE:24:5F:39:A1
Certificate issuer: /CN=9b5337bd1a7c5ee9c57a73b0a33c61219cd2a9cb
Certificate serial: 018CC6B8DD0CAC858068870D6255ABF7140E
Authority key identifier: 9B:53:37:BD:1A:7C:5E:E9:C5:7A:73:B0:A3:3C:61:21:9C:D2:A9:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1M3vRp8XunFenOwozxhIZzSqcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/UrIeKRdUwuAvlN0mm6Oc3iRfOaE.roa
Signing time: Mon 01 Jan 2024 20:30:53 +0000
ROA not before: Mon 01 Jan 2024 20:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 786
IP address blocks: 149.153.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/m1M3vRp8XunFenOwozxhIZzSqcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/m1M3vRp8XunFenOwozxhIZzSqcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m1M3vRp8XunFenOwozxhIZzSqcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:dd:0c:ac:85:80:68:87:0d:62:55:ab:f7:14:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5337bd1a7c5ee9c57a73b0a33c61219cd2a9cb
Validity
Not Before: Jan 1 20:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b21e291754c2e02f94dd269ba39cde245f39a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:29:77:e0:9a:b9:3a:ef:ee:47:d7:33:89:97:
05:0c:f3:8c:c5:0d:a3:bc:e9:86:f5:23:84:8e:a5:
39:b9:3c:c5:1c:66:8b:ff:20:74:9d:0c:4a:b1:33:
35:2b:e1:b3:a2:67:45:31:cc:01:21:b1:fe:29:51:
45:8a:e5:28:3b:3d:29:f6:73:62:36:41:54:73:3c:
24:1f:12:d5:71:ce:e3:7f:06:08:b7:85:05:36:cc:
71:00:39:ba:4c:22:4e:ab:5c:82:f4:1e:a7:27:2f:
d1:25:10:d3:e0:22:92:34:a5:30:2e:02:d6:fa:30:
73:ed:0f:2d:dc:f3:f4:0c:2b:7c:0a:3f:f5:fb:14:
63:a8:4f:a9:5f:7a:fb:b0:e6:a4:68:73:f6:85:74:
f8:41:ec:92:4e:9b:4b:fb:90:45:c7:f5:22:6c:cb:
c4:16:7c:01:10:1c:52:58:a7:6d:2a:79:73:05:66:
8e:c7:a2:a0:cd:b8:bc:e5:56:c4:0b:92:01:1b:2e:
58:ef:a8:bb:1c:b8:e5:be:3d:6b:a1:4e:63:53:61:
50:97:96:84:4d:74:bc:5f:ec:bb:b2:34:b0:29:4c:
cf:b2:4d:52:b1:42:90:8b:64:8a:1a:4b:1e:fc:8c:
00:ea:ab:d3:b0:08:44:8a:7a:43:2e:f2:f2:5e:ce:
7f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B2:1E:29:17:54:C2:E0:2F:94:DD:26:9B:A3:9C:DE:24:5F:39:A1
X509v3 Authority Key Identifier:
keyid:9B:53:37:BD:1A:7C:5E:E9:C5:7A:73:B0:A3:3C:61:21:9C:D2:A9:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1M3vRp8XunFenOwozxhIZzSqcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/UrIeKRdUwuAvlN0mm6Oc3iRfOaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/m1M3vRp8XunFenOwozxhIZzSqcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.153.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:a3:f4:45:fe:54:0b:06:b5:31:8c:81:b2:ae:92:f3:d5:59:
63:79:5e:4f:70:56:d5:95:2b:51:b3:5b:72:eb:8c:45:d2:42:
fc:09:26:1d:a5:79:dc:49:f5:28:9d:61:93:b6:01:91:e6:75:
58:b1:4d:83:60:27:e3:ec:64:4b:dc:4b:df:1c:b5:80:6b:3e:
85:ae:ae:e9:ce:c4:53:34:a8:cf:7e:21:76:49:89:d6:e5:e6:
b5:82:95:69:56:bd:81:79:cb:78:dc:38:3b:78:07:89:e5:f7:
41:48:ad:d3:04:01:68:b0:fc:ae:24:6e:74:22:13:0d:51:b0:
bc:a7:fd:9a:03:c0:c6:ed:0a:5e:8e:fe:d9:04:9b:f0:b8:7f:
b1:d8:e1:b9:f1:04:49:a6:b3:21:1a:e0:16:59:03:b6:b1:30:
78:3b:8f:fd:37:da:a9:db:7e:77:4e:3a:5d:67:5f:87:ee:2d:
a6:52:47:e6:91:fe:9c:39:cc:c6:70:08:25:64:68:25:23:ad:
de:d5:03:4b:3c:51:5a:68:ae:dc:e2:46:f6:26:05:27:84:b2:
c6:ef:d8:72:dd:3f:72:28:81:f5:5a:b1:7d:9b:f0:52:b8:b4:
24:70:47:04:7f:70:89:c4:56:63:19:ff:f9:08:c4:93:89:e0:
b7:08:c7:13
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzGuN0MrIWAaIcNYlWr9xQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTMzN2JkMWE3YzVlZTljNTdhNzNiMGEzM2M2MTIxOWNk
MmE5Y2IwHhcNMjQwMTAxMjAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIyMWUyOTE3NTRjMmUwMmY5NGRkMjY5YmEzOWNkZTI0NWYzOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1il34Jq5Ou/uR9cziZcFDPOMxQ2j
vOmG9SOEjqU5uTzFHGaL/yB0nQxKsTM1K+GzomdFMcwBIbH+KVFFiuUoOz0p9nNi
NkFUczwkHxLVcc7jfwYIt4UFNsxxADm6TCJOq1yC9B6nJy/RJRDT4CKSNKUwLgLW
+jBz7Q8t3PP0DCt8Cj/1+xRjqE+pX3r7sOakaHP2hXT4QeySTptL+5BFx/UibMvE
FnwBEBxSWKdtKnlzBWaOx6Kgzbi85VbEC5IBGy5Y76i7HLjlvj1roU5jU2FQl5aE
TXS8X+y7sjSwKUzPsk1SsUKQi2SKGkse/IwA6qvTsAhEinpDLvLyXs5/kQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFFKyHikXVMLgL5TdJpujnN4kXzmhMB8GA1UdIwQY
MBaAFJtTN70afF7pxXpzsKM8YSGc0qnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFNM3ZScDhYdW5GZW5Pd296eGhJWnpTcWNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS85Y2I1ZmItYWI2NS00YTJiLTg4ZGQt
MmVmNzE2NWIyMWI1LzEvVXJJZUtSZFV3dUF2bE4wbW02T2MzaVJmT2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS85Y2I1ZmItYWI2NS00YTJiLTg4ZGQtMmVmNzE2NWIyMWI1
LzEvbTFNM3ZScDhYdW5GZW5Pd296eGhJWnpTcWNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlZkwDQYJ
KoZIhvcNAQELBQADggEBAHuj9EX+VAsGtTGMgbKukvPVWWN5Xk9wVtWVK1GzW3Lr
jEXSQvwJJh2ledxJ9SidYZO2AZHmdVixTYNgJ+PsZEvcS98ctYBrPoWurunOxFM0
qM9+IXZJidbl5rWClWlWvYF5y3jcODt4B4nl90FIrdMEAWiw/K4kbnQiEw1RsLyn
/ZoDwMbtCl6O/tkEm/C4f7HY4bnxBEmmsyEa4BZZA7axMHg7j/032qnbfndOOl1n
X4fuLaZSR+aR/pw5zMZwCCVkaCUjrd7VA0s8UVportziRvYmBSeEssbv2HLdP3Io
gfVasX2b8FK4tCRwRwR/cInEVmMZ//kIxJOJ4LcIxxM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:03:01 2024 by rpki-client on console-fra.rpki-client.org