Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7Xbjk3gHmNSh4jMhe1E9Qftj2Rs.roa
File: 7Xbjk3gHmNSh4jMhe1E9Qftj2Rs.roa (raw, json)
Hash identifier: 6U+SMw5hvdHlN3FV3LdaJis1ZpkAIJeKzDcJ0HQBo6E=
Subject key identifier: ED:76:E3:93:78:07:98:D4:A1:E2:33:21:7B:51:3D:41:FB:63:D9:1B
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B9467F807BDC2E523B6F03834923BA
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7Xbjk3gHmNSh4jMhe1E9Qftj2Rs.roa
Signing time: Mon 01 Jan 2024 20:31:20 +0000
ROA not before: Mon 01 Jan 2024 20:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20836
IP address blocks: 151.236.18.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:46:7f:80:7b:dc:2e:52:3b:6f:03:83:49:23:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed76e393780798d4a1e233217b513d41fb63d91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:63:51:14:75:d7:e1:a6:6e:01:3c:7b:63:56:
c5:2a:f2:4a:df:91:01:ab:96:fa:ce:5c:ef:8c:57:
5b:9e:35:c8:ce:9c:5d:52:38:5f:4c:26:db:d1:69:
21:f2:ee:cf:9e:49:a5:fe:d7:e2:61:e3:99:32:50:
e1:d6:43:f2:4e:cf:fc:7e:ca:25:d3:bb:7e:49:91:
16:be:8f:66:f8:77:cb:15:27:46:87:3a:55:1a:22:
7d:26:64:06:d6:08:d2:f3:05:77:da:9c:80:54:41:
24:06:29:c1:b4:b7:78:4e:eb:70:ca:e3:7b:0f:9f:
32:07:37:40:80:90:c1:26:29:d4:ab:46:95:25:f6:
e4:0f:f6:f1:36:30:fa:b6:72:e9:a0:ca:e1:f5:ee:
59:12:5b:f8:cb:9f:76:b1:fe:c4:e9:85:fa:37:72:
06:0f:14:d9:63:07:c2:ce:74:ca:89:de:22:2b:3a:
4b:01:93:83:d6:42:fe:23:1b:d2:c3:12:27:cf:a9:
70:ab:92:5f:ff:af:27:b0:b1:e1:d6:43:07:09:ee:
d0:98:2b:ae:47:38:d4:fd:da:8a:d9:9e:fb:c6:ac:
b3:75:69:b4:99:9f:6f:7c:42:7d:4b:3a:ca:8a:22:
f8:19:95:56:52:9b:b1:2d:fb:04:54:42:96:df:b0:
95:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:76:E3:93:78:07:98:D4:A1:E2:33:21:7B:51:3D:41:FB:63:D9:1B
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7Xbjk3gHmNSh4jMhe1E9Qftj2Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.154.157.0/24
151.236.18.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:51:a4:53:ff:ad:de:86:00:32:89:2f:b8:10:83:4b:e8:26:
bd:48:3c:8e:f4:e7:c1:5c:ed:7f:88:74:e3:6c:f2:7e:06:6f:
71:96:a4:81:4b:50:9e:2e:3f:7e:92:fa:e9:e3:c8:0c:79:1f:
59:d8:04:b0:d1:90:fc:c6:c0:ef:f6:2f:1d:89:ae:58:53:a0:
51:81:71:07:d5:fd:7e:8e:b0:a2:20:5d:3e:5a:88:a6:92:58:
3c:53:96:f8:1e:8d:95:c7:23:ee:e6:26:8a:54:a1:e7:ab:6d:
dd:e1:be:34:56:83:0d:5f:bd:6e:56:85:74:cd:de:46:cc:9b:
87:f0:48:df:21:ea:00:6e:48:13:39:e3:55:8b:83:a1:aa:7f:
28:68:ea:72:ac:52:62:be:16:b9:3e:6f:85:b4:aa:b3:0c:2f:
d5:2b:78:ae:a9:89:ff:96:94:c5:a1:90:53:10:dd:76:a2:07:
e8:75:2d:0c:8a:0b:a9:fb:cd:91:24:fb:7f:5d:45:db:df:65:
27:01:0e:7d:02:c0:34:95:4f:d7:a5:8a:e1:c2:2d:67:e0:18:
63:8c:7f:78:9e:f3:29:4f:ba:22:1a:20:e8:11:76:7f:29:0a:
16:bf:ac:e8:be:93:1c:ff:c1:59:c1:e2:9a:cb:40:47:b0:3d:
26:94:a7:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuUZ/gHvcLlI7bwODSSO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDc2ZTM5Mzc4MDc5OGQ0YTFlMjMzMjE3YjUxM2Q0MWZiNjNkOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWNRFHXX4aZuATx7Y1bFKvJK35EB
q5b6zlzvjFdbnjXIzpxdUjhfTCbb0Wkh8u7Pnkml/tfiYeOZMlDh1kPyTs/8fsol
07t+SZEWvo9m+HfLFSdGhzpVGiJ9JmQG1gjS8wV32pyAVEEkBinBtLd4TutwyuN7
D58yBzdAgJDBJinUq0aVJfbkD/bxNjD6tnLpoMrh9e5ZElv4y592sf7E6YX6N3IG
DxTZYwfCznTKid4iKzpLAZOD1kL+IxvSwxInz6lwq5Jf/68nsLHh1kMHCe7QmCuu
RzjU/dqK2Z77xqyzdWm0mZ9vfEJ9SzrKiiL4GZVWUpuxLfsEVEKW37CViwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO1245N4B5jUoeIzIXtRPUH7Y9kbMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvN1hiamszZ0htTlNoNGpNaGUxRTlRZnRqMlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlZqdAwQA
l+wSMA0GCSqGSIb3DQEBCwUAA4IBAQC9UaRT/63ehgAyiS+4EINL6Ca9SDyO9OfB
XO1/iHTjbPJ+Bm9xlqSBS1CeLj9+kvrp48gMeR9Z2ASw0ZD8xsDv9i8dia5YU6BR
gXEH1f1+jrCiIF0+Woimklg8U5b4Ho2VxyPu5iaKVKHnq23d4b40VoMNX71uVoV0
zd5GzJuH8EjfIeoAbkgTOeNVi4Ohqn8oaOpyrFJivha5Pm+FtKqzDC/VK3iuqYn/
lpTFoZBTEN12ogfodS0Migup+82RJPt/XUXb32UnAQ59AsA0lU/XpYrhwi1n4Bhj
jH94nvMpT7oiGiDoEXZ/KQoWv6zovpMc/8FZweKay0BHsD0mlKdO
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:23:39 2024 by rpki-client on console-ams.rpki-client.org