Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/n-X8EB0YTWqFT_06KFF7e1nsbg0.roa
File: n-X8EB0YTWqFT_06KFF7e1nsbg0.roa (raw, json)
Hash identifier: GyGtVrbgBlQg1bdRx5egkjnmjRPej4MWON8Q+CMEh3Q=
Subject key identifier: 9F:E5:FC:10:1D:18:4D:6A:85:4F:FD:3A:28:51:7B:7B:59:EC:6E:0D
Certificate issuer: /CN=95380935e7e8a21ec32b65a7fc4ed7d468278521
Certificate serial: 018CC72738E0EE5014FA711DAE2C265F6453
Authority key identifier: 95:38:09:35:E7:E8:A2:1E:C3:2B:65:A7:FC:4E:D7:D4:68:27:85:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/n-X8EB0YTWqFT_06KFF7e1nsbg0.roa
Signing time: Mon 01 Jan 2024 22:31:25 +0000
ROA not before: Mon 01 Jan 2024 22:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 148.200.0.0/21 maxlen: 21
148.200.14.0/24 maxlen: 24
148.200.240.0/21 maxlen: 21
148.200.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/lTgJNefooh7DK2Wn_E7X1GgnhSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/lTgJNefooh7DK2Wn_E7X1GgnhSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:38:e0:ee:50:14:fa:71:1d:ae:2c:26:5f:64:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95380935e7e8a21ec32b65a7fc4ed7d468278521
Validity
Not Before: Jan 1 22:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe5fc101d184d6a854ffd3a28517b7b59ec6e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d5:96:e1:1c:03:a4:01:9c:29:e2:b2:36:7a:
9f:aa:f3:3f:d5:b9:e9:a0:96:59:22:60:1e:cf:53:
78:92:8b:be:de:68:3e:19:d4:84:d2:6b:f6:6b:5b:
77:45:0c:18:45:8a:d1:59:2f:2a:a7:de:78:8e:ba:
84:ef:56:d2:4f:37:17:92:83:ed:64:ee:45:31:71:
5a:bc:82:7a:60:25:df:fc:79:24:36:53:2b:73:91:
5c:d6:b7:5b:b4:1f:95:ca:e3:39:e3:25:86:5d:de:
94:82:27:71:49:c9:4f:3c:fd:a8:26:f6:ee:a3:1b:
3d:fc:d8:29:0a:2e:76:cb:44:38:52:30:41:cf:82:
b6:80:b4:7f:20:be:56:4c:46:d4:89:d4:9b:65:db:
b4:28:98:19:2e:07:a6:0a:8b:a2:ce:f0:9f:00:96:
4b:c0:ea:c6:f9:de:91:e3:9a:34:ea:25:c4:46:43:
25:c5:45:1e:a3:b6:ed:f4:4b:fd:4c:89:ca:e0:a7:
e4:0d:0c:79:74:c9:64:f5:4d:02:68:ca:13:fb:aa:
93:e4:79:58:a6:c5:66:95:7e:74:ea:fb:b3:14:49:
8d:0c:45:93:4a:b5:71:a8:e6:b2:85:b2:d1:4f:44:
40:64:41:b2:43:12:8e:fe:4a:a1:0b:ef:b6:95:f7:
ca:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E5:FC:10:1D:18:4D:6A:85:4F:FD:3A:28:51:7B:7B:59:EC:6E:0D
X509v3 Authority Key Identifier:
keyid:95:38:09:35:E7:E8:A2:1E:C3:2B:65:A7:FC:4E:D7:D4:68:27:85:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/n-X8EB0YTWqFT_06KFF7e1nsbg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/lTgJNefooh7DK2Wn_E7X1GgnhSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.200.0.0/21
148.200.14.0/24
148.200.140.0/22
148.200.240.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:6a:67:f4:f8:d9:d9:4e:91:25:70:74:99:37:23:49:7a:85:
41:12:1a:01:b7:c8:1b:aa:79:27:f4:c4:35:0e:bc:60:e8:8a:
0a:bc:47:5f:69:48:2a:09:89:0d:e0:94:fa:a7:38:61:71:f7:
7c:74:5e:28:19:ec:15:cb:14:d5:7a:b1:51:45:51:b6:53:75:
06:1e:9e:5c:e2:bc:af:13:42:5a:82:b0:33:b9:71:7d:70:74:
5c:3d:92:0b:a0:fa:4c:9a:4e:82:1b:42:af:cd:71:9e:7a:b5:
f7:13:6b:29:99:85:16:d1:59:ad:18:ae:d3:04:14:e4:61:96:
54:ad:eb:e7:db:64:15:72:00:ac:ac:a9:07:92:46:1c:b7:8f:
05:f7:87:c3:12:de:83:66:94:fe:ee:a1:8b:a7:88:56:c6:a2:
c8:e1:3f:8b:1e:1d:fb:5b:b9:05:23:9b:8c:65:60:a1:c7:40:
30:bc:92:d6:ba:db:72:ab:e6:fc:6d:2f:5e:2e:5e:4e:5a:90:
31:03:73:3e:ba:75:de:5a:1f:48:b5:0b:45:b6:39:41:fb:60:
a8:c1:62:7f:06:95:c3:31:2e:7c:98:69:73:41:48:3c:b8:b7:
ac:f4:02:2f:15:73:01:65:d8:d3:cf:24:02:bb:56:bc:ae:57:
f3:6c:75:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJzjg7lAU+nEdriwmX2RTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MzgwOTM1ZTdlOGEyMWVjMzJiNjVhN2ZjNGVkN2Q0Njgy
Nzg1MjEwHhcNMjQwMTAxMjIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU1ZmMxMDFkMTg0ZDZhODU0ZmZkM2EyODUxN2I3YjU5ZWM2ZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNWW4RwDpAGcKeKyNnqfqvM/1bnp
oJZZImAez1N4kou+3mg+GdSE0mv2a1t3RQwYRYrRWS8qp954jrqE71bSTzcXkoPt
ZO5FMXFavIJ6YCXf/HkkNlMrc5Fc1rdbtB+VyuM54yWGXd6UgidxSclPPP2oJvbu
oxs9/NgpCi52y0Q4UjBBz4K2gLR/IL5WTEbUidSbZdu0KJgZLgemCouizvCfAJZL
wOrG+d6R45o06iXERkMlxUUeo7bt9Ev9TInK4KfkDQx5dMlk9U0CaMoT+6qT5HlY
psVmlX506vuzFEmNDEWTSrVxqOayhbLRT0RAZEGyQxKO/kqhC++2lffKUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ/l/BAdGE1qhU/9OihRe3tZ7G4NMB8GA1UdIwQY
MBaAFJU4CTXn6KIewytlp/xO19RoJ4UhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFRnSk5lZm9vaDdESzJXbl9FN1gxR2duaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MjYzMWItZmRmMy00MTNmLThmMjIt
ZWNlMDg4ZjAxODI3LzEvbi1YOEVCMFlUV3FGVF8wNktGRjdlMW5zYmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MjYzMWItZmRmMy00MTNmLThmMjItZWNlMDg4ZjAxODI3
LzEvbFRnSk5lZm9vaDdESzJXbl9FN1gxR2duaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDlMgAAwQA
lMgOAwQClMiMAwQDlMjwMA0GCSqGSIb3DQEBCwUAA4IBAQCfamf0+NnZTpElcHSZ
NyNJeoVBEhoBt8gbqnkn9MQ1Drxg6IoKvEdfaUgqCYkN4JT6pzhhcfd8dF4oGewV
yxTVerFRRVG2U3UGHp5c4ryvE0JagrAzuXF9cHRcPZILoPpMmk6CG0KvzXGeerX3
E2spmYUW0VmtGK7TBBTkYZZUrevn22QVcgCsrKkHkkYct48F94fDEt6DZpT+7qGL
p4hWxqLI4T+LHh37W7kFI5uMZWChx0AwvJLWuttyq+b8bS9eLl5OWpAxA3M+unXe
Wh9ItQtFtjlB+2CowWJ/BpXDMS58mGlzQUg8uLes9AIvFXMBZdjTzyQCu1a8rlfz
bHVJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:51 2024 by rpki-client on console-ams.rpki-client.org