Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/pi0bP3kYpAZJF_AQuWfzMLBKJRA.roa
File: pi0bP3kYpAZJF_AQuWfzMLBKJRA.roa (raw, json)
Hash identifier: 1kLRy6XaqQO+0zX2vuf5RcsVMfEf+sx9BcVyXo8W7uE=
Subject key identifier: A6:2D:1B:3F:79:18:A4:06:49:17:F0:10:B9:67:F3:30:B0:4A:25:10
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018CC348EFD182CE67AA61692F42A0B10BA1
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/pi0bP3kYpAZJF_AQuWfzMLBKJRA.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397192
IP address blocks: 78.143.245.0/24 maxlen: 24
78.143.247.0/24 maxlen: 24
5.226.176.0/21 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
2a03:a860:51::/48 maxlen: 48
2a03:a860:61::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ef:d1:82:ce:67:aa:61:69:2f:42:a0:b1:0b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a62d1b3f7918a4064917f010b967f330b04a2510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:53:1b:78:01:50:a4:be:8f:19:f0:8c:e1:f3:
51:6e:79:80:c8:cd:1f:f5:a1:68:9e:b8:62:1a:27:
e8:ce:11:f3:06:92:69:94:80:33:16:2a:7b:f6:cf:
b2:e3:88:24:68:66:01:76:86:1a:47:4b:f3:3d:cc:
ad:e2:75:7e:3a:74:27:c5:1f:2c:7b:29:bc:40:c9:
4e:b0:90:49:f3:57:8a:d6:9d:41:33:1e:92:9b:c7:
89:35:b0:45:12:d0:33:f9:06:10:32:74:d3:04:bf:
3b:a0:ac:7d:29:38:92:a9:83:0f:6f:f4:31:19:de:
ce:68:49:5b:18:f5:a8:27:b6:a2:39:7a:d2:e4:55:
05:34:2d:bb:02:e8:4a:1f:4c:0d:a8:37:1e:06:d5:
8d:0a:52:8d:04:f0:3d:69:a7:6b:78:89:6f:1c:dc:
02:0c:71:4b:36:d7:f2:da:96:a7:ec:10:19:6f:be:
d6:b3:cf:f6:3d:9e:26:5c:e2:65:95:9a:e0:68:d2:
32:cb:73:a7:3b:fc:2c:8a:0c:16:70:32:8a:fb:c9:
0c:c0:3e:16:d3:78:88:fb:77:df:55:86:22:e5:13:
0c:d7:45:9b:07:9e:0b:0f:39:d3:fb:58:30:4c:e9:
74:21:3b:f7:36:e0:2d:89:2a:f3:4a:73:6b:91:84:
b6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2D:1B:3F:79:18:A4:06:49:17:F0:10:B9:67:F3:30:B0:4A:25:10
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/pi0bP3kYpAZJF_AQuWfzMLBKJRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
78.143.245.0/24
78.143.247.0/24
IPv6:
2a03:a860:51::/48
2a03:a860:61::/48
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
82:09:39:96:2b:db:04:cc:77:8d:2e:ce:97:80:83:dc:c0:36:
a7:94:5a:1f:fc:af:df:87:00:8a:a9:e6:e5:a5:15:82:f0:68:
9c:bf:c7:21:2d:29:6f:78:2b:92:cd:eb:de:b5:f7:c2:3c:98:
c8:5e:8e:2c:30:fe:12:4b:26:bf:51:59:2e:c2:a0:18:45:b1:
71:33:5b:66:5b:e4:3c:3f:31:48:cf:cd:c0:3f:f9:1a:e2:12:
a8:20:41:5d:fb:9a:cf:c4:87:9b:fa:16:a4:2a:93:d5:78:f8:
10:79:8f:a1:ce:ee:b7:bc:3f:a0:f6:f6:4f:76:7b:b8:f0:bb:
cd:3b:c2:b9:1d:4d:48:99:23:13:ee:a8:d7:99:91:48:0e:a4:
e3:ea:7c:7f:24:49:fe:60:54:2d:54:ce:8f:97:89:c7:d2:18:
ea:47:e4:09:8a:7c:f2:3c:88:f8:c5:9b:d5:d3:7c:43:8a:33:
ab:0e:33:f8:d5:c9:ec:5e:0a:73:7d:81:e3:80:a1:0c:c5:5c:
01:e9:bd:b1:1d:46:79:b8:77:98:3a:fc:cb:b1:ba:40:8b:13:
6d:7a:eb:8e:22:65:2b:84:7f:d5:12:c7:20:15:b7:f6:89:a1:
ae:87:0e:74:05:93:c6:ce:62:5d:f2:8a:b8:54:4a:98:ed:13:
4d:c7:e0:3c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzDSO/Rgs5nqmFpL0KgsQuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJkMWIzZjc5MThhNDA2NDkxN2YwMTBiOTY3ZjMzMGIwNGEyNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllMbeAFQpL6PGfCM4fNRbnmAyM0f
9aFonrhiGifozhHzBpJplIAzFip79s+y44gkaGYBdoYaR0vzPcyt4nV+OnQnxR8s
eym8QMlOsJBJ81eK1p1BMx6Sm8eJNbBFEtAz+QYQMnTTBL87oKx9KTiSqYMPb/Qx
Gd7OaElbGPWoJ7aiOXrS5FUFNC27AuhKH0wNqDceBtWNClKNBPA9aadreIlvHNwC
DHFLNtfy2pan7BAZb77Ws8/2PZ4mXOJllZrgaNIyy3OnO/wsigwWcDKK+8kMwD4W
03iI+3ffVYYi5RMM10WbB54LDznT+1gwTOl0ITv3NuAtiSrzSnNrkYS2xQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKYtGz95GKQGSRfwELln8zCwSiUQMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvcGkwYlAza1lwQVpKRl9BUXVXZnpNTEJLSlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAYBAIAATASAwQDBeKwAwQA
To/1AwQATo/3MCAEAgACMBoDBwAqA6hgAFEDBwAqA6hgAGEDBgAqA6hgCjANBgkq
hkiG9w0BAQsFAAOCAQEAggk5livbBMx3jS7Ol4CD3MA2p5RaH/yv34cAiqnm5aUV
gvBonL/HIS0pb3grks3r3rX3wjyYyF6OLDD+Eksmv1FZLsKgGEWxcTNbZlvkPD8x
SM/NwD/5GuISqCBBXfuaz8SHm/oWpCqT1Xj4EHmPoc7ut7w/oPb2T3Z7uPC7zTvC
uR1NSJkjE+6o15mRSA6k4+p8fyRJ/mBULVTOj5eJx9IY6kfkCYp88jyI+MWb1dN8
Q4ozqw4z+NXJ7F4Kc32B44ChDMVcAem9sR1Gebh3mDr8y7G6QIsTbXrrjiJlK4R/
1RLHIBW39omhrocOdAWTxs5iXfKKuFRKmO0TTcfgPA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:10:42 2024 by rpki-client on console-fra.rpki-client.org