Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/SSDNSjN3IW9MQcUVRFDFXK0gklk.roa
File: SSDNSjN3IW9MQcUVRFDFXK0gklk.roa (raw, json)
Hash identifier: pr9oWa4tIzTujkFNvG5gEv9A3+QP2NKCxDz/GhwOVbk=
Subject key identifier: 49:20:CD:4A:33:77:21:6F:4C:41:C5:15:44:50:C5:5C:AD:20:92:59
Certificate issuer: /CN=10953e607670ff738eee6a6b577d8c8b2804e1e1
Certificate serial: 018CC7955A07A426406AC663606F63CC740E
Authority key identifier: 10:95:3E:60:76:70:FF:73:8E:EE:6A:6B:57:7D:8C:8B:28:04:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/SSDNSjN3IW9MQcUVRFDFXK0gklk.roa
Signing time: Tue 02 Jan 2024 00:31:43 +0000
ROA not before: Tue 02 Jan 2024 00:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8473
IP address blocks: 176.124.224.0/23 maxlen: 23
176.124.225.0/24 maxlen: 24
176.124.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5a:07:a4:26:40:6a:c6:63:60:6f:63:cc:74:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10953e607670ff738eee6a6b577d8c8b2804e1e1
Validity
Not Before: Jan 2 00:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4920cd4a3377216f4c41c5154450c55cad209259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:30:98:aa:21:88:4f:13:dc:fc:4b:29:53:72:
e2:e0:3d:26:0a:25:3d:6c:6c:6b:50:7a:2d:c0:2c:
19:96:4c:56:6f:0c:6f:c1:c3:07:b2:7b:d4:8f:f7:
21:80:dd:80:aa:78:4a:b9:9a:ee:62:69:61:c8:95:
af:56:3f:fb:85:87:d7:55:38:51:e5:66:d9:37:67:
4b:84:51:ee:e7:df:4e:e8:8f:77:fa:98:fd:ef:69:
e2:6b:67:fa:8a:22:fa:0c:c3:c4:55:84:88:ed:8d:
7a:ea:44:b1:6e:c6:93:c5:42:e4:88:1f:3b:55:97:
d5:f1:2d:43:d5:c7:d5:7a:f3:be:0e:2f:cc:2c:ef:
fa:1a:58:c7:b1:c3:34:7a:f4:5a:a1:be:34:70:70:
1b:06:45:20:7c:97:bc:16:63:88:f8:b3:76:22:8a:
e0:ea:cc:43:68:55:46:7c:e0:b4:2b:72:7a:84:ef:
bf:aa:c5:ee:92:ab:3e:1f:83:10:5a:31:bd:93:a2:
89:1d:b0:36:27:83:7d:91:30:41:35:d8:b5:bb:e2:
ef:c2:2a:5c:e4:ca:38:83:cc:38:a1:65:5f:95:7d:
cb:91:4b:f4:00:95:8f:01:2f:5e:5d:83:c9:24:54:
2e:f4:37:aa:86:d3:f0:4e:7e:95:b5:d2:9d:08:86:
7f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:20:CD:4A:33:77:21:6F:4C:41:C5:15:44:50:C5:5C:AD:20:92:59
X509v3 Authority Key Identifier:
keyid:10:95:3E:60:76:70:FF:73:8E:EE:6A:6B:57:7D:8C:8B:28:04:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/SSDNSjN3IW9MQcUVRFDFXK0gklk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.224.0/23
Signature Algorithm: sha256WithRSAEncryption
55:23:14:a3:6d:be:13:bd:9d:ab:e6:91:53:71:bc:5f:de:f3:
f1:7b:ed:28:c1:5d:cc:d3:ce:84:5f:4c:36:fc:ba:b4:23:31:
67:e9:4e:12:ef:21:06:2a:67:a2:15:39:6b:12:32:15:bf:d3:
25:c8:62:9f:7c:2b:6c:24:b1:0e:0b:b5:51:a6:9b:57:b1:aa:
df:76:07:0d:c8:86:ec:9a:9f:06:00:3d:49:70:5e:7f:b9:a9:
b5:8a:ba:22:d3:13:72:78:85:b6:f4:0e:28:7b:08:06:d5:60:
79:bb:43:ac:67:0a:8c:a7:6e:c8:0d:a8:63:93:a6:a2:1b:e9:
01:0b:d2:9d:c5:d4:92:00:03:45:85:a1:a7:09:54:84:cd:28:
d7:0b:62:5e:82:ff:2e:db:fc:95:99:d5:cb:8a:1d:df:42:42:
ed:49:d6:06:4f:ec:21:5e:9d:53:50:5c:dc:8c:92:34:06:68:
be:86:31:8a:57:47:7d:29:80:de:7e:c0:a6:b5:51:cd:3e:46:
b7:88:e6:4b:da:4b:10:fd:de:d7:83:a5:2c:35:02:ed:36:22:
47:64:eb:59:a9:38:8d:53:bc:0a:15:90:5b:51:18:69:fd:0d:
3b:d8:05:6f:0b:63:7d:fb:e4:ac:2e:ea:05:d4:0c:15:4a:99:
e0:e6:01:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlVoHpCZAasZjYG9jzHQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTUzZTYwNzY3MGZmNzM4ZWVlNmE2YjU3N2Q4YzhiMjgw
NGUxZTEwHhcNMjQwMTAyMDAzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTIwY2Q0YTMzNzcyMTZmNGM0MWM1MTU0NDUwYzU1Y2FkMjA5MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zCYqiGITxPc/EspU3Li4D0mCiU9
bGxrUHotwCwZlkxWbwxvwcMHsnvUj/chgN2AqnhKuZruYmlhyJWvVj/7hYfXVThR
5WbZN2dLhFHu599O6I93+pj972nia2f6iiL6DMPEVYSI7Y166kSxbsaTxULkiB87
VZfV8S1D1cfVevO+Di/MLO/6GljHscM0evRaob40cHAbBkUgfJe8FmOI+LN2Iorg
6sxDaFVGfOC0K3J6hO+/qsXukqs+H4MQWjG9k6KJHbA2J4N9kTBBNdi1u+Lvwipc
5Mo4g8w4oWVflX3LkUv0AJWPAS9eXYPJJFQu9DeqhtPwTn6VtdKdCIZ/uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkgzUozdyFvTEHFFURQxVytIJJZMB8GA1UdIwQY
MBaAFBCVPmB2cP9zju5qa1d9jIsoBOHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpVLVlIWndfM09PN21wclYzMk1peWdFNGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hOTkzNTUtMmQwMS00ZGE1LThlNzMt
MWJjNTUyYzAwZGQ3LzEvU1NETlNqTjNJVzlNUWNVVlJGREZYSzBna2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hOTkzNTUtMmQwMS00ZGE1LThlNzMtMWJjNTUyYzAwZGQ3
LzEvRUpVLVlIWndfM09PN21wclYzMk1peWdFNGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHzgMA0G
CSqGSIb3DQEBCwUAA4IBAQBVIxSjbb4TvZ2r5pFTcbxf3vPxe+0owV3M086EX0w2
/Lq0IzFn6U4S7yEGKmeiFTlrEjIVv9MlyGKffCtsJLEOC7VRpptXsarfdgcNyIbs
mp8GAD1JcF5/uam1iroi0xNyeIW29A4oewgG1WB5u0OsZwqMp27IDahjk6aiG+kB
C9KdxdSSAANFhaGnCVSEzSjXC2Jegv8u2/yVmdXLih3fQkLtSdYGT+whXp1TUFzc
jJI0Bmi+hjGKV0d9KYDefsCmtVHNPka3iOZL2ksQ/d7Xg6UsNQLtNiJHZOtZqTiN
U7wKFZBbURhp/Q072AVvC2N9++SsLuoF1AwVSpng5gGZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:23:33 2024 by rpki-client on console-ams.rpki-client.org