Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/26ubqMdKveoANRM-Div24OdjsCQ.roa
File: 26ubqMdKveoANRM-Div24OdjsCQ.roa (raw, json)
Hash identifier: wPe3ag2C7a+zq9/YCa28f64WoNShlxl9gBNAB6xhd1Y=
Subject key identifier: DB:AB:9B:A8:C7:4A:BD:EA:00:35:13:3E:0E:2B:F6:E0:E7:63:B0:24
Certificate issuer: /CN=bf3ac720a117b74d4d13c263f79477929edbb4bc
Certificate serial: 0190BFD08D6DE238A56B4ED8F2EB21763459
Authority key identifier: BF:3A:C7:20:A1:17:B7:4D:4D:13:C2:63:F7:94:77:92:9E:DB:B4:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/26ubqMdKveoANRM-Div24OdjsCQ.roa
Signing time: Wed 17 Jul 2024 08:30:34 +0000
ROA not before: Wed 17 Jul 2024 08:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198906
IP address blocks: 176.118.136.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 17:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:d0:8d:6d:e2:38:a5:6b:4e:d8:f2:eb:21:76:34:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf3ac720a117b74d4d13c263f79477929edbb4bc
Validity
Not Before: Jul 17 08:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbab9ba8c74abdea0035133e0e2bf6e0e763b024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:17:e1:78:34:8a:79:70:8a:06:86:83:25:43:
40:d8:a9:6d:ab:58:ac:75:d5:f2:1b:bc:77:97:c8:
2a:09:b4:4a:aa:dd:85:c7:65:6c:52:0e:7e:81:09:
3e:94:22:87:cf:f4:94:8f:87:ca:17:7b:49:87:3e:
4f:a1:35:34:c3:b7:02:de:f7:02:bb:b9:fe:78:0f:
d1:86:69:a8:79:00:64:65:4d:22:23:f5:8b:06:e4:
3c:d7:66:98:9e:46:8c:4b:07:40:51:51:3a:a3:59:
32:14:a0:79:0c:1a:8d:49:bf:31:93:f6:d7:e5:a7:
9c:a9:13:1e:01:7b:77:7e:4f:17:54:59:7e:52:94:
ee:96:fb:a1:af:fe:e3:f2:bb:4e:d0:91:f3:f3:a2:
cf:0c:06:a6:8b:64:15:b1:7b:2f:a1:6d:f9:75:f5:
66:4e:65:28:11:8a:11:34:58:fd:5b:77:43:d1:31:
02:58:2c:48:34:7e:dd:21:da:6d:aa:0f:cd:5a:12:
e9:5f:58:4d:89:70:fe:8a:a6:d6:3a:2c:67:5f:65:
cb:f5:75:90:a1:ed:e5:0d:a0:05:54:52:ba:61:03:
42:1d:77:66:71:f7:28:63:d2:7c:c7:19:31:09:7e:
b1:68:80:e4:df:c9:54:6f:28:5f:79:cd:21:4e:9a:
23:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AB:9B:A8:C7:4A:BD:EA:00:35:13:3E:0E:2B:F6:E0:E7:63:B0:24
X509v3 Authority Key Identifier:
keyid:BF:3A:C7:20:A1:17:B7:4D:4D:13:C2:63:F7:94:77:92:9E:DB:B4:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/26ubqMdKveoANRM-Div24OdjsCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.136.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:71:05:21:d6:aa:9b:4a:47:32:29:00:37:3c:d2:6e:f2:5b:
09:83:a1:3c:e6:e6:ce:1e:06:1c:a8:5d:fc:98:e2:e4:b1:c6:
8e:d7:5d:b2:91:84:f9:0b:70:09:96:50:7d:7d:3e:d5:bc:08:
85:aa:be:14:fa:fc:90:92:a7:69:b5:b2:f6:39:70:73:44:47:
9b:f5:3d:48:81:63:43:1d:c4:b3:f7:d6:f8:4c:f9:d8:e7:1c:
f3:87:4d:2a:3f:02:6e:bd:39:0e:24:e3:25:ec:cb:04:e9:1e:
63:f4:8c:04:5b:57:b2:ae:2f:d9:b5:9f:89:af:b5:94:68:a3:
30:d4:86:fa:06:b5:b0:ce:69:01:26:2e:74:10:c8:08:02:30:
5a:42:17:59:01:38:6a:dd:43:7f:be:4b:d9:d0:d3:82:95:c5:
f2:69:46:8a:d1:ed:57:1f:b5:49:1c:62:23:1b:1b:eb:58:fc:
f2:86:fb:3e:c2:16:5f:2c:b3:fb:56:f9:ad:5b:61:ba:51:b9:
ed:a9:da:34:85:81:d8:b3:fe:74:2a:24:e4:54:31:a7:34:41:
1b:72:c3:ad:e1:82:c0:c9:04:7f:52:a6:76:bf:79:f1:b6:39:
b0:41:d1:e7:aa:cf:21:1b:c3:9d:e9:10:12:a4:67:37:1e:2c:
0c:03:fe:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC/0I1t4jila07Y8ushdjRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmM2FjNzIwYTExN2I3NGQ0ZDEzYzI2M2Y3OTQ3NzkyOWVk
YmI0YmMwHhcNMjQwNzE3MDgzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmFiOWJhOGM3NGFiZGVhMDAzNTEzM2UwZTJiZjZlMGU3NjNiMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBfheDSKeXCKBoaDJUNA2Kltq1is
ddXyG7x3l8gqCbRKqt2Fx2VsUg5+gQk+lCKHz/SUj4fKF3tJhz5PoTU0w7cC3vcC
u7n+eA/RhmmoeQBkZU0iI/WLBuQ812aYnkaMSwdAUVE6o1kyFKB5DBqNSb8xk/bX
5aecqRMeAXt3fk8XVFl+UpTulvuhr/7j8rtO0JHz86LPDAami2QVsXsvoW35dfVm
TmUoEYoRNFj9W3dD0TECWCxINH7dIdptqg/NWhLpX1hNiXD+iqbWOixnX2XL9XWQ
oe3lDaAFVFK6YQNCHXdmcfcoY9J8xxkxCX6xaIDk38lUbyhfec0hTpojzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNurm6jHSr3qADUTPg4r9uDnY7AkMB8GA1UdIwQY
MBaAFL86xyChF7dNTRPCY/eUd5Ke27S8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjVmNWUtN2I3ZC00YjI4LWE5YjMt
MGFjMWJiZDQzNGQwLzEvMjZ1YnFNZEt2ZW9BTlJNLURpdjI0T2Rqc0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjVmNWUtN2I3ZC00YjI4LWE5YjMtMGFjMWJiZDQzNGQw
LzEvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHaIMA0G
CSqGSIb3DQEBCwUAA4IBAQCscQUh1qqbSkcyKQA3PNJu8lsJg6E85ubOHgYcqF38
mOLkscaO112ykYT5C3AJllB9fT7VvAiFqr4U+vyQkqdptbL2OXBzREeb9T1IgWND
HcSz99b4TPnY5xzzh00qPwJuvTkOJOMl7MsE6R5j9IwEW1eyri/ZtZ+Jr7WUaKMw
1Ib6BrWwzmkBJi50EMgIAjBaQhdZAThq3UN/vkvZ0NOClcXyaUaK0e1XH7VJHGIj
GxvrWPzyhvs+whZfLLP7VvmtW2G6Ubntqdo0hYHYs/50KiTkVDGnNEEbcsOt4YLA
yQR/UqZ2v3nxtjmwQdHnqs8hG8Od6RASpGc3HiwMA/6e
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:19:05 2024 by rpki-client on console-ams.rpki-client.org