Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/pCg89jqhhIkZSwM-P2O-9pzfz2M.roa
File: pCg89jqhhIkZSwM-P2O-9pzfz2M.roa (raw, json)
Hash identifier: 5dRfobw3/NI8ZCp50z64YNIGquTXrhLxxCRxuP/1Doo=
Subject key identifier: A4:28:3C:F6:3A:A1:84:89:19:4B:03:3E:3F:63:BE:F6:9C:DF:CF:63
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 0191EDA39F2E430FDEA8AC82AF30227D5590
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/pCg89jqhhIkZSwM-P2O-9pzfz2M.roa
Signing time: Fri 13 Sep 2024 23:06:48 +0000
ROA not before: Fri 13 Sep 2024 23:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 146.255.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ed:a3:9f:2e:43:0f:de:a8:ac:82:af:30:22:7d:55:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Sep 13 23:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4283cf63aa18489194b033e3f63bef69cdfcf63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:2c:1f:e9:11:6e:f4:6b:25:38:d2:10:ca:
12:82:4c:a4:a8:67:a9:39:91:b3:23:dc:31:f6:96:
81:9a:15:27:26:34:c1:20:af:0c:52:fd:7f:1b:72:
29:28:69:cf:01:21:0c:b5:9c:56:46:83:25:5c:0e:
70:6e:84:91:73:69:b2:58:45:54:93:20:e9:67:86:
8a:e9:51:83:62:c8:85:8f:8b:65:7b:22:29:2c:31:
f0:e8:99:f3:52:1e:36:63:ca:6c:3b:e7:90:1f:38:
c8:59:41:07:a2:b9:8d:c7:06:9f:17:94:b6:59:88:
ff:f1:37:ca:55:ae:11:97:a2:cb:02:18:fb:8e:da:
66:80:6b:6a:ca:9a:b0:77:3e:0d:2a:06:7d:61:58:
ef:a4:33:82:b5:6b:3f:7a:09:78:64:ec:b3:79:0a:
7b:56:e2:10:2d:64:5a:8f:3b:fa:0e:a8:78:7a:b7:
3f:57:9f:85:21:3b:8c:58:06:2b:ba:7e:a1:eb:61:
14:0b:ed:fd:bc:44:6b:20:0c:06:7c:e2:dc:bc:8b:
73:86:5d:39:a4:2f:58:8f:5b:68:e5:fa:2d:78:4b:
e9:0e:ad:72:0a:f5:59:6d:7a:38:65:96:02:0d:a7:
2d:86:2d:0e:41:f7:a0:62:50:e2:e9:8b:fb:8e:32:
cc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:28:3C:F6:3A:A1:84:89:19:4B:03:3E:3F:63:BE:F6:9C:DF:CF:63
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/pCg89jqhhIkZSwM-P2O-9pzfz2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.32.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:1f:6e:84:85:ff:0c:73:bf:6e:9e:1f:d6:2f:ce:d8:11:93:
c6:ba:81:9e:9b:1c:d3:ca:57:9f:cd:04:6f:be:76:8e:e1:c4:
88:59:e8:ab:ea:a7:7a:6a:6b:31:f4:98:0c:5b:f2:ec:3f:5e:
73:8f:b8:87:7f:fc:33:4f:c3:68:8d:71:5b:4e:1a:19:e9:cf:
e5:3c:c7:17:9a:18:3b:39:e5:63:78:fa:af:58:cf:e4:39:61:
78:94:80:e1:17:00:cd:4e:8e:2a:cc:22:73:e5:04:13:31:6c:
84:fe:b1:85:63:3d:b7:b4:a1:d1:01:7d:23:2d:f9:95:d3:55:
5c:61:cb:0f:33:0a:81:7c:41:43:59:39:8a:66:1e:0c:fb:6f:
d4:87:5d:21:6a:cf:69:34:33:7e:8e:97:7f:c7:97:64:5a:67:
d5:27:97:a6:ac:c8:d6:fd:eb:c3:3c:a4:6d:04:ec:8d:01:86:
d5:9d:79:f3:1f:c7:9c:b8:fe:08:92:88:e2:5b:6a:a9:5e:8e:
66:5f:7c:44:3b:ff:30:c6:25:3c:bb:24:f4:20:54:08:9c:91:
af:ec:6a:d0:0f:09:84:16:bc:6a:3b:68:0d:d1:d7:b1:e6:15:
6b:4d:88:7c:20:df:bb:d4:ab:07:97:74:75:c9:86:b3:fa:4f:
9c:1c:d6:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHto58uQw/eqKyCrzAifVWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwOTEzMjMwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI4M2NmNjNhYTE4NDg5MTk0YjAzM2UzZjYzYmVmNjljZGZjZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudQsH+kRbvRrJTjSEMoSgkykqGep
OZGzI9wx9paBmhUnJjTBIK8MUv1/G3IpKGnPASEMtZxWRoMlXA5wboSRc2myWEVU
kyDpZ4aK6VGDYsiFj4tleyIpLDHw6JnzUh42Y8psO+eQHzjIWUEHormNxwafF5S2
WYj/8TfKVa4Rl6LLAhj7jtpmgGtqypqwdz4NKgZ9YVjvpDOCtWs/egl4ZOyzeQp7
VuIQLWRajzv6Dqh4erc/V5+FITuMWAYrun6h62EUC+39vERrIAwGfOLcvItzhl05
pC9Yj1to5foteEvpDq1yCvVZbXo4ZZYCDacthi0OQfegYlDi6Yv7jjLMDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQoPPY6oYSJGUsDPj9jvvac389jMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvcENnODlqcWhoSWtaU3dNLVAyTy05cHpmejJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkv8gMA0G
CSqGSIb3DQEBCwUAA4IBAQA7H26Ehf8Mc79unh/WL87YEZPGuoGemxzTylefzQRv
vnaO4cSIWeir6qd6amsx9JgMW/LsP15zj7iHf/wzT8NojXFbThoZ6c/lPMcXmhg7
OeVjePqvWM/kOWF4lIDhFwDNTo4qzCJz5QQTMWyE/rGFYz23tKHRAX0jLfmV01Vc
YcsPMwqBfEFDWTmKZh4M+2/Uh10has9pNDN+jpd/x5dkWmfVJ5emrMjW/evDPKRt
BOyNAYbVnXnzH8ecuP4IkojiW2qpXo5mX3xEO/8wxiU8uyT0IFQInJGv7GrQDwmE
FrxqO2gN0dex5hVrTYh8IN+71KsHl3R1yYaz+k+cHNaz
-----END CERTIFICATE-----
Generated at Tue Oct 22 18:59:19 2024 by rpki-client on console-ams.rpki-client.org