Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/P9xfvowjwUTJ1BeBZWftNJoTRTY.roa
File: P9xfvowjwUTJ1BeBZWftNJoTRTY.roa (raw, json)
Hash identifier: PCS3CVpHKLNPd59/He1D9rndMZygMly1wpKkhCi7M84=
Subject key identifier: 3F:DC:5F:BE:8C:23:C1:44:C9:D4:17:81:65:67:ED:34:9A:13:45:36
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 018CC72748FF5C61E0A2240C21D8042BD5DB
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/P9xfvowjwUTJ1BeBZWftNJoTRTY.roa
Signing time: Mon 01 Jan 2024 22:31:29 +0000
ROA not before: Mon 01 Jan 2024 22:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 128.139.0.0/17 maxlen: 17
128.139.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:48:ff:5c:61:e0:a2:24:0c:21:d8:04:2b:d5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Jan 1 22:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fdc5fbe8c23c144c9d417816567ed349a134536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b2:ac:02:a7:01:fd:b7:7c:df:40:88:14:92:
be:8e:79:63:b3:bc:e5:57:24:5f:65:ed:9b:7b:ea:
8c:38:b9:d9:95:9a:5f:8e:8b:2d:d2:2e:02:eb:84:
c2:a3:f0:8c:a2:81:3e:6f:9b:0d:2c:4a:ec:20:14:
25:7a:c4:17:5f:cb:37:ea:5e:ab:2f:4b:de:c8:14:
b8:21:ca:61:a5:35:8e:8d:7a:fb:0e:0f:68:1e:30:
90:db:74:84:d9:fc:a1:da:17:3d:ae:e6:41:40:54:
2b:71:3c:f3:17:bf:ca:8d:5b:b6:fa:67:2a:76:bf:
ad:af:18:f9:19:a8:50:d4:db:e3:f4:2e:38:0f:a6:
5c:09:7f:05:85:6c:83:63:a0:4b:06:c7:8b:30:f1:
b0:70:a8:30:5c:94:b5:3d:7e:0e:8d:e6:b6:73:47:
40:af:f2:37:4c:2a:27:19:b2:0c:6b:2d:c3:d2:fe:
7b:04:57:9e:49:4b:29:4e:f0:44:55:5b:b3:e6:3d:
89:c1:a7:f5:49:ca:79:a4:88:9f:c3:f8:e4:79:0a:
72:db:05:fc:fc:d8:fe:86:13:b5:8b:23:9c:a5:6b:
92:2c:a3:45:40:25:49:32:e5:39:25:98:43:ab:3d:
40:ea:fc:10:02:31:d1:7d:12:36:df:80:0b:57:a5:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DC:5F:BE:8C:23:C1:44:C9:D4:17:81:65:67:ED:34:9A:13:45:36
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/P9xfvowjwUTJ1BeBZWftNJoTRTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:76:7c:a3:74:47:c7:90:72:4a:15:e4:d0:ec:86:67:33:cf:
69:c6:7d:87:62:ef:79:7a:95:94:5f:cc:b7:d6:de:ee:28:f0:
5e:1d:5a:e3:87:27:1e:96:97:a4:ee:5c:c5:4c:71:5e:95:9a:
17:14:06:67:10:bc:47:41:b5:f4:11:0d:6c:fc:10:24:7c:35:
5a:04:2d:b5:46:c2:a7:0c:28:44:79:d8:c8:53:0b:92:ca:5c:
56:3c:8d:a2:63:c5:10:04:59:be:3a:6b:7f:39:9b:22:ec:29:
5f:a6:4e:87:64:ea:2e:36:3a:4a:5c:22:aa:55:f0:2e:a8:e5:
d1:7f:05:f0:79:fb:79:2b:21:e1:5d:c3:53:c2:f8:2b:0e:c8:
1a:1d:39:b5:31:c8:bc:ec:6f:83:cb:f3:b8:8f:f8:98:80:22:
a1:0f:a9:a6:76:5a:48:de:bd:70:1d:ce:8a:18:53:35:96:95:
a7:04:c9:25:67:80:42:62:f3:6d:b8:a6:d8:5e:8d:5a:f2:aa:
64:35:6e:e0:d2:2b:6e:22:1d:54:e4:79:6b:56:b8:37:e8:c5:
6b:27:60:cc:08:48:f8:f9:14:45:de:17:3a:c4:db:ed:60:c6:
f7:87:b8:88:69:1b:06:24:99:1a:40:7f:0d:16:bf:29:b8:eb:
16:71:73:85
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzHJ0j/XGHgoiQMIdgEK9XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRjNWZiZThjMjNjMTQ0YzlkNDE3ODE2NTY3ZWQzNDlhMTM0NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7KsAqcB/bd830CIFJK+jnljs7zl
VyRfZe2be+qMOLnZlZpfjost0i4C64TCo/CMooE+b5sNLErsIBQlesQXX8s36l6r
L0veyBS4IcphpTWOjXr7Dg9oHjCQ23SE2fyh2hc9ruZBQFQrcTzzF7/KjVu2+mcq
dr+trxj5GahQ1Nvj9C44D6ZcCX8FhWyDY6BLBseLMPGwcKgwXJS1PX4Ojea2c0dA
r/I3TConGbIMay3D0v57BFeeSUspTvBEVVuz5j2Jwaf1Scp5pIifw/jkeQpy2wX8
/Nj+hhO1iyOcpWuSLKNFQCVJMuU5JZhDqz1A6vwQAjHRfRI234ALV6WaxQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFD/cX76MI8FEydQXgWVn7TSaE0U2MB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvUDl4ZnZvd2p3VVRKMUJlQlpXZnROSm9UUlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgIswDQYJ
KoZIhvcNAQELBQADggEBAI12fKN0R8eQckoV5NDshmczz2nGfYdi73l6lZRfzLfW
3u4o8F4dWuOHJx6Wl6TuXMVMcV6VmhcUBmcQvEdBtfQRDWz8ECR8NVoELbVGwqcM
KER52MhTC5LKXFY8jaJjxRAEWb46a385myLsKV+mTodk6i42OkpcIqpV8C6o5dF/
BfB5+3krIeFdw1PC+CsOyBodObUxyLzsb4PL87iP+JiAIqEPqaZ2WkjevXAdzooY
UzWWlacEySVngEJi8224pthejVryqmQ1buDSK24iHVTkeWtWuDfoxWsnYMwISPj5
FEXeFzrE2+1gxveHuIhpGwYkmRpAfw0Wvym46xZxc4U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:49 2024 by rpki-client on console-ams.rpki-client.org