Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/pW7KIsBt7f2hEqOzfFiEgWKE5o4.roa
File: pW7KIsBt7f2hEqOzfFiEgWKE5o4.roa (raw, json)
Hash identifier: 59Eb3QpvZQ9ZgzAavZpX85dCTyqfsHFsFyV3MyL78tQ=
Subject key identifier: A5:6E:CA:22:C0:6D:ED:FD:A1:12:A3:B3:7C:58:84:81:62:84:E6:8E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018CC801C1DB05BF6B74E0C1F30A60218A3C
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/pW7KIsBt7f2hEqOzfFiEgWKE5o4.roa
Signing time: Tue 02 Jan 2024 02:30:07 +0000
ROA not before: Tue 02 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 176.46.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c1:db:05:bf:6b:74:e0:c1:f3:0a:60:21:8a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a56eca22c06dedfda112a3b37c5884816284e68e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:f8:5a:04:ab:fb:71:6c:f7:31:26:3a:2b:
84:8b:dd:35:ec:d1:e3:1a:8e:4a:95:a7:45:19:f2:
8a:23:25:0d:d6:ac:a7:bc:20:f2:35:a6:c2:9c:0e:
b0:d3:90:3f:14:38:50:63:a9:d2:d9:4b:dc:4d:fb:
d4:85:fe:ba:e0:35:96:9b:17:9a:5d:c0:d6:69:dc:
30:67:a1:f5:01:5c:28:2f:55:f5:c7:2f:e3:fd:3e:
26:1b:e5:2c:4b:79:1b:41:01:2d:99:07:40:ba:b1:
86:7a:21:45:09:c8:21:47:19:a5:8e:c7:cc:cd:79:
8f:e6:5a:e2:fe:07:96:a7:3d:48:dc:9c:0f:5e:40:
b3:c6:1e:a6:83:48:2d:84:56:89:dc:9f:00:3d:2a:
aa:4c:7b:06:22:9a:8b:f9:ee:cd:a9:1a:04:33:1c:
9d:03:e1:b2:67:32:2a:10:81:72:ca:9c:c3:1c:8a:
c4:6f:c9:d4:3c:e3:61:a7:e6:a9:81:5c:a9:2e:a5:
23:bd:36:9a:56:cc:72:e4:07:43:79:23:17:8c:57:
1b:3a:dd:66:43:8f:83:53:d8:b1:52:79:79:f5:b7:
4b:58:04:ca:ff:99:c4:ab:b3:0e:54:7c:f9:d4:31:
97:3a:d3:bd:18:59:06:15:2b:cc:da:67:ae:bc:38:
ec:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6E:CA:22:C0:6D:ED:FD:A1:12:A3:B3:7C:58:84:81:62:84:E6:8E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/pW7KIsBt7f2hEqOzfFiEgWKE5o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.137.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:4e:a9:bf:a8:7a:94:a4:17:e6:95:d3:fb:c8:79:b3:f4:96:
5d:da:d7:d9:dd:a5:80:df:3d:ca:99:93:76:66:c8:c9:5e:62:
b4:d6:9e:42:2d:9f:1e:32:77:7d:50:1d:7a:0c:2a:b0:f5:af:
62:68:19:bb:3d:a3:00:aa:d1:9a:56:3c:0b:c2:93:47:f0:1a:
ee:ef:93:d4:06:ab:01:dc:c9:e5:8f:5c:67:4c:8d:e1:27:fd:
76:b9:9a:99:fe:03:49:88:de:88:ef:b2:3c:43:f1:45:29:fe:
c8:5b:ef:f4:15:b7:41:2b:11:11:32:35:dc:da:4f:9c:0d:df:
19:36:34:90:f2:44:a9:1b:1d:ea:8b:51:fc:19:44:57:f4:18:
ac:32:ae:67:73:71:30:96:45:d7:14:6d:33:8d:e1:5e:8f:c3:
8b:57:34:09:19:5d:23:5a:f0:02:f1:67:22:7d:21:df:b7:37:
d5:95:56:20:a0:43:66:40:36:e4:13:fa:78:a9:85:f6:bc:0c:
9a:f3:c6:ef:38:b2:e1:b7:ef:f1:5e:4c:39:11:fb:eb:41:d2:
1f:20:f4:70:34:23:dc:cc:e0:a2:b9:84:80:d0:16:91:10:99:
73:c6:5e:54:57:98:c0:08:8a:32:41:ad:d8:1c:93:03:29:54:
f7:de:f0:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAcHbBb9rdODB8wpgIYo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTAyMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTZlY2EyMmMwNmRlZGZkYTExMmEzYjM3YzU4ODQ4MTYyODRlNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZT4WgSr+3Fs9zEmOiuEi9017NHj
Go5KladFGfKKIyUN1qynvCDyNabCnA6w05A/FDhQY6nS2UvcTfvUhf664DWWmxea
XcDWadwwZ6H1AVwoL1X1xy/j/T4mG+UsS3kbQQEtmQdAurGGeiFFCcghRxmljsfM
zXmP5lri/geWpz1I3JwPXkCzxh6mg0gthFaJ3J8APSqqTHsGIpqL+e7NqRoEMxyd
A+GyZzIqEIFyypzDHIrEb8nUPONhp+apgVypLqUjvTaaVsxy5AdDeSMXjFcbOt1m
Q4+DU9ixUnl59bdLWATK/5nEq7MOVHz51DGXOtO9GFkGFSvM2meuvDjsRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVuyiLAbe39oRKjs3xYhIFihOaOMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcFc3S0lzQnQ3ZjJoRXFPemZGaUVnV0tFNW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQCKTqm/qHqUpBfmldP7yHmz9JZd2tfZ3aWA3z3KmZN2
ZsjJXmK01p5CLZ8eMnd9UB16DCqw9a9iaBm7PaMAqtGaVjwLwpNH8Bru75PUBqsB
3Mnlj1xnTI3hJ/12uZqZ/gNJiN6I77I8Q/FFKf7IW+/0FbdBKxERMjXc2k+cDd8Z
NjSQ8kSpGx3qi1H8GURX9BisMq5nc3EwlkXXFG0zjeFej8OLVzQJGV0jWvAC8Wci
fSHftzfVlVYgoENmQDbkE/p4qYX2vAya88bvOLLht+/xXkw5EfvrQdIfIPRwNCPc
zOCiuYSA0BaREJlzxl5UV5jACIoyQa3YHJMDKVT33vA2
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:11 2024 by rpki-client on console-fra.rpki-client.org