Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/1sjgNKAMdRNFetXEPZINAHENLT8.roa
File: 1sjgNKAMdRNFetXEPZINAHENLT8.roa (raw, json)
Hash identifier: 464bG3NQ7KIWLpV9dx/p/SdncWO4Iz4t2VB5ZIiPPog=
Subject key identifier: D6:C8:E0:34:A0:0C:75:13:45:7A:D5:C4:3D:92:0D:00:71:0D:2D:3F
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 01911C65466D9CAF357547154F819A5A2933
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/1sjgNKAMdRNFetXEPZINAHENLT8.roa
Signing time: Sun 04 Aug 2024 07:58:04 +0000
ROA not before: Sun 04 Aug 2024 07:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 178.248.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1c:65:46:6d:9c:af:35:75:47:15:4f:81:9a:5a:29:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Aug 4 07:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6c8e034a00c7513457ad5c43d920d00710d2d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8a:cb:9d:aa:0f:1d:64:40:0f:75:50:6b:b9:
51:49:79:37:43:f8:38:9b:4d:d1:5f:67:49:0d:78:
fa:1b:c3:56:1e:38:39:fb:98:9a:55:9e:81:60:ef:
11:45:8a:c0:8a:ba:6a:24:a9:63:25:11:53:37:7e:
4c:ea:63:59:cf:b3:3d:79:68:e9:d1:9f:12:55:b0:
68:2f:56:a8:c3:1b:2f:ab:5d:29:93:8e:e6:1b:4c:
b2:d4:98:a6:e1:ea:b6:93:f5:b6:75:37:24:0a:d7:
34:8d:d8:1a:da:05:61:7a:a7:e1:f0:2f:a1:3f:be:
8b:c0:91:6f:cd:0b:9d:fd:c0:97:29:40:fa:ac:2f:
19:f1:e4:94:c4:af:ec:98:3c:5b:16:fd:c4:62:3a:
aa:9f:96:66:70:ae:43:14:82:e6:59:b7:11:51:14:
59:39:26:58:fd:69:59:c8:c7:fa:8f:0b:47:d6:5f:
bc:2f:2f:80:8a:df:ac:7a:c7:19:7a:22:1c:9e:9f:
8e:c6:49:27:9c:7f:16:2f:f2:3e:b9:79:f9:ab:76:
4c:0c:86:f8:d5:cc:f3:10:2d:d5:28:15:98:47:6c:
f4:21:a4:6b:8b:f4:70:b7:a8:7e:b7:8f:d8:d0:c1:
63:e1:8e:9e:2f:a0:8d:31:67:94:c8:bd:6d:e9:4a:
4b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C8:E0:34:A0:0C:75:13:45:7A:D5:C4:3D:92:0D:00:71:0D:2D:3F
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/1sjgNKAMdRNFetXEPZINAHENLT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.76.0/24
Signature Algorithm: sha256WithRSAEncryption
03:a4:8a:40:e3:32:6c:fb:41:c8:b5:43:91:30:f0:29:96:cd:
a5:4f:bb:72:70:c2:a5:7e:1d:18:8a:81:40:8a:53:01:0c:2d:
ee:90:ea:9a:11:2f:1a:18:d7:d6:43:26:31:e7:b2:de:f0:22:
62:59:5b:1b:d9:1e:ee:51:e4:e0:ce:67:b6:10:61:89:be:92:
a7:d3:65:61:ac:49:ac:2c:48:41:a9:42:c6:d0:8e:31:54:9d:
57:10:3a:b0:29:4f:e0:93:77:04:fc:30:65:75:1e:a2:b4:d5:
bb:35:3e:e7:6a:e0:68:b3:47:6c:7d:80:5a:fe:71:16:82:6c:
3d:b7:a9:aa:b5:b8:e0:6f:86:9a:ef:66:38:65:38:b3:de:d9:
0d:74:72:dd:f1:66:31:fd:84:0e:77:54:07:0d:e6:42:9d:24:
5c:d7:1e:72:03:07:d1:3e:6c:02:45:29:7e:08:af:ec:74:dd:
cb:a8:8d:59:95:de:3e:90:08:52:c9:cb:5b:cc:9f:b3:36:80:
28:d0:4d:54:bd:46:63:2f:47:35:e7:a9:78:ec:36:f9:39:46:
fb:8a:43:61:5c:d3:24:9c:24:d3:46:5a:5d:58:3e:23:be:87:
63:8b:cc:0a:8a:0b:61:52:02:7d:a1:b8:5b:b7:2b:47:46:37:
7a:04:2c:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEcZUZtnK81dUcVT4GaWikzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjQwODA0MDc1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmM4ZTAzNGEwMGM3NTEzNDU3YWQ1YzQzZDkyMGQwMDcxMGQyZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYrLnaoPHWRAD3VQa7lRSXk3Q/g4
m03RX2dJDXj6G8NWHjg5+5iaVZ6BYO8RRYrAirpqJKljJRFTN35M6mNZz7M9eWjp
0Z8SVbBoL1aowxsvq10pk47mG0yy1Jim4eq2k/W2dTckCtc0jdga2gVheqfh8C+h
P76LwJFvzQud/cCXKUD6rC8Z8eSUxK/smDxbFv3EYjqqn5ZmcK5DFILmWbcRURRZ
OSZY/WlZyMf6jwtH1l+8Ly+Ait+sescZeiIcnp+OxkknnH8WL/I+uXn5q3ZMDIb4
1czzEC3VKBWYR2z0IaRri/Rwt6h+t4/Y0MFj4Y6eL6CNMWeUyL1t6UpLGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbI4DSgDHUTRXrVxD2SDQBxDS0/MB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvMXNqZ05LQU1kUk5GZXRYRVBaSU5BSEVOTFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvhMMA0G
CSqGSIb3DQEBCwUAA4IBAQADpIpA4zJs+0HItUORMPApls2lT7tycMKlfh0YioFA
ilMBDC3ukOqaES8aGNfWQyYx57Le8CJiWVsb2R7uUeTgzme2EGGJvpKn02VhrEms
LEhBqULG0I4xVJ1XEDqwKU/gk3cE/DBldR6itNW7NT7nauBos0dsfYBa/nEWgmw9
t6mqtbjgb4aa72Y4ZTiz3tkNdHLd8WYx/YQOd1QHDeZCnSRc1x5yAwfRPmwCRSl+
CK/sdN3LqI1Zld4+kAhSyctbzJ+zNoAo0E1UvUZjL0c156l47Db5OUb7ikNhXNMk
nCTTRlpdWD4jvodji8wKigthUgJ9obhbtytHRjd6BCx7
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:30 2024 by rpki-client on console-ams.rpki-client.org