Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/_S9Na2K4sRMloa0r66BqZuvAiic.roa
File: _S9Na2K4sRMloa0r66BqZuvAiic.roa (raw, json)
Hash identifier: Fhl2nm0Goj2xhV3NO2ZXJVpHfxh3oKjVVIt3OrP/GL4=
Subject key identifier: FD:2F:4D:6B:62:B8:B1:13:25:A1:AD:2B:EB:A0:6A:66:EB:C0:8A:27
Certificate issuer: /CN=e4ba91d626504ccbc64d89740b63cb2eb4234f70
Certificate serial: 018CCA2B2534FF742462A51CD43EAC051265
Authority key identifier: E4:BA:91:D6:26:50:4C:CB:C6:4D:89:74:0B:63:CB:2E:B4:23:4F:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LqR1iZQTMvGTYl0C2PLLrQjT3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/_S9Na2K4sRMloa0r66BqZuvAiic.roa
Signing time: Tue 02 Jan 2024 12:34:34 +0000
ROA not before: Tue 02 Jan 2024 12:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 138.248.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/5LqR1iZQTMvGTYl0C2PLLrQjT3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/5LqR1iZQTMvGTYl0C2PLLrQjT3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/5LqR1iZQTMvGTYl0C2PLLrQjT3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:25:34:ff:74:24:62:a5:1c:d4:3e:ac:05:12:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4ba91d626504ccbc64d89740b63cb2eb4234f70
Validity
Not Before: Jan 2 12:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd2f4d6b62b8b11325a1ad2beba06a66ebc08a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d6:c8:2e:da:f3:85:bf:fd:2b:d0:5b:8b:6f:
90:41:24:84:b5:26:62:7c:c0:b9:40:01:4b:68:5a:
36:4e:10:df:15:df:e3:4e:a1:48:eb:67:2d:0e:6c:
00:cd:f0:00:86:83:7f:47:a3:22:04:5e:4d:69:43:
77:6f:c7:12:96:0c:cb:0f:35:e5:a3:b3:3c:d7:7c:
bf:59:b3:dc:e8:3b:09:32:0a:0a:31:fa:40:c6:99:
17:69:69:4c:1c:b6:a4:a8:c7:6d:aa:33:f6:5a:fd:
fa:a7:fe:28:52:7d:79:3e:73:ee:89:8a:04:6a:c1:
9f:41:20:d5:09:e2:9d:4e:62:a1:5a:6c:fa:ad:a8:
87:dc:4f:69:5b:17:2c:57:6b:99:85:09:2a:95:30:
66:07:77:6c:3f:dc:1b:4d:e1:35:be:a6:ad:d8:6d:
a5:3b:ea:1f:7b:5c:5a:c8:61:5d:c8:f2:ce:1a:d1:
f1:a0:03:27:6a:32:a0:0c:92:13:ac:4e:c5:69:c9:
85:63:e3:95:5a:2b:57:3b:d2:99:fc:b3:ae:b9:28:
ac:bb:a0:05:0e:cc:fb:e3:50:ac:19:4e:a9:37:4a:
ef:54:47:9a:fa:3b:71:8d:01:34:7e:e7:3d:67:97:
ba:8f:4f:ac:e0:43:cb:d0:84:2a:84:3d:66:b9:57:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2F:4D:6B:62:B8:B1:13:25:A1:AD:2B:EB:A0:6A:66:EB:C0:8A:27
X509v3 Authority Key Identifier:
keyid:E4:BA:91:D6:26:50:4C:CB:C6:4D:89:74:0B:63:CB:2E:B4:23:4F:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LqR1iZQTMvGTYl0C2PLLrQjT3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/_S9Na2K4sRMloa0r66BqZuvAiic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/5LqR1iZQTMvGTYl0C2PLLrQjT3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.248.0.0/20
Signature Algorithm: sha256WithRSAEncryption
52:8d:18:f0:e5:85:27:ef:2f:b8:96:c2:1d:46:53:43:d0:56:
fc:0f:ef:45:ba:06:96:fd:b6:28:53:99:00:cb:a5:d2:7f:ee:
a7:26:d3:fe:c9:e7:b9:b2:9f:b9:38:4e:4e:40:d8:c6:6d:75:
c7:91:ab:68:44:8a:59:76:a6:21:8e:da:b2:02:0c:e4:9c:1a:
9d:85:11:72:5b:c6:8f:d1:95:cd:1c:36:5a:e7:1a:59:46:5e:
7a:fd:5f:39:37:8a:7b:b2:db:7d:64:9b:37:5a:7e:f3:05:be:
b2:5d:36:c4:be:4f:ff:9e:f0:2f:2c:ec:6c:81:69:98:90:32:
90:d2:e0:53:d9:70:38:cd:81:ec:fd:e8:68:2c:99:97:99:7f:
17:6e:7d:54:ec:e2:b0:52:67:b6:6d:7c:bc:d6:a2:a2:51:f0:
ad:d8:22:54:8a:93:4b:e4:9e:40:cd:80:bc:f3:51:8f:6b:53:
23:b7:8a:bc:a8:c0:55:1f:06:90:2e:c3:c5:6a:27:3d:0e:12:
3e:0c:b9:a9:5b:4c:c3:6b:04:32:a6:85:0c:90:1c:d5:8c:43:
e9:d9:4f:a3:4b:25:9c:ab:80:83:e1:e0:10:2a:f9:18:18:85:
41:2b:f5:c1:db:38:08:93:ea:2e:d1:a9:97:fc:cf:10:7f:d9:
11:da:f0:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKyU0/3QkYqUc1D6sBRJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmE5MWQ2MjY1MDRjY2JjNjRkODk3NDBiNjNjYjJlYjQy
MzRmNzAwHhcNMjQwMTAyMTIzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJmNGQ2YjYyYjhiMTEzMjVhMWFkMmJlYmEwNmE2NmViYzA4YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9bILtrzhb/9K9Bbi2+QQSSEtSZi
fMC5QAFLaFo2ThDfFd/jTqFI62ctDmwAzfAAhoN/R6MiBF5NaUN3b8cSlgzLDzXl
o7M813y/WbPc6DsJMgoKMfpAxpkXaWlMHLakqMdtqjP2Wv36p/4oUn15PnPuiYoE
asGfQSDVCeKdTmKhWmz6raiH3E9pWxcsV2uZhQkqlTBmB3dsP9wbTeE1vqat2G2l
O+ofe1xayGFdyPLOGtHxoAMnajKgDJITrE7FacmFY+OVWitXO9KZ/LOuuSisu6AF
Dsz741CsGU6pN0rvVEea+jtxjQE0fuc9Z5e6j0+s4EPL0IQqhD1muVfnLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0vTWtiuLETJaGtK+ugambrwIonMB8GA1UdIwQY
MBaAFOS6kdYmUEzLxk2JdAtjyy60I09wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxxUjFpWlFUTXZHVFlsMEMyUExMclFqVDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84ODdlOTQtZWI5Ny00MTA5LTlkYTgt
Y2JmMThkMmQ2NmMzLzEvX1M5TmEySzRzUk1sb2EwcjY2QnFadXZBaWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84ODdlOTQtZWI5Ny00MTA5LTlkYTgtY2JmMThkMmQ2NmMz
LzEvNUxxUjFpWlFUTXZHVFlsMEMyUExMclFqVDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEivgAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSjRjw5YUn7y+4lsIdRlND0Fb8D+9FugaW/bYoU5kA
y6XSf+6nJtP+yee5sp+5OE5OQNjGbXXHkatoRIpZdqYhjtqyAgzknBqdhRFyW8aP
0ZXNHDZa5xpZRl56/V85N4p7stt9ZJs3Wn7zBb6yXTbEvk//nvAvLOxsgWmYkDKQ
0uBT2XA4zYHs/ehoLJmXmX8Xbn1U7OKwUme2bXy81qKiUfCt2CJUipNL5J5AzYC8
81GPa1Mjt4q8qMBVHwaQLsPFaic9DhI+DLmpW0zDawQypoUMkBzVjEPp2U+jSyWc
q4CD4eAQKvkYGIVBK/XB2zgIk+ou0amX/M8Qf9kR2vCG
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:03:20 2024 by rpki-client on console-ams.rpki-client.org