Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/0IdjxIZKElldlD9uE5zt8xEGGAQ.roa
File: 0IdjxIZKElldlD9uE5zt8xEGGAQ.roa (raw, json)
Hash identifier: jTS9ynTSeFkFtRByVfBdBXdx+DWqRZyXv+t0z+sKNLE=
Subject key identifier: D0:87:63:C4:86:4A:12:59:5D:94:3F:6E:13:9C:ED:F3:11:06:18:04
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018CC3B6D56A685FF2422D963511EFDBC9D7
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/0IdjxIZKElldlD9uE5zt8xEGGAQ.roa
Signing time: Mon 01 Jan 2024 06:29:48 +0000
ROA not before: Mon 01 Jan 2024 06:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399587
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d5:6a:68:5f:f2:42:2d:96:35:11:ef:db:c9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 1 06:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d08763c4864a12595d943f6e139cedf311061804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:03:11:c9:2b:26:a2:cf:2e:f4:98:73:e5:
e4:c5:8f:f1:f3:b5:59:da:d5:01:b0:0f:6a:0d:15:
54:d9:8c:2b:a4:29:cd:21:78:34:7f:d3:79:f3:46:
4c:1f:da:3d:1a:71:91:44:b9:cc:c9:71:de:0a:3b:
74:ba:81:5d:ee:e2:64:13:d0:06:30:4e:0b:4b:26:
47:71:e9:51:96:93:32:7c:fb:d0:3c:8d:69:4b:85:
9c:13:b6:79:06:85:f4:1d:99:c8:a8:4b:b6:49:ff:
69:31:d6:4b:73:97:6e:44:6f:16:d2:2b:8b:45:ef:
ca:22:70:71:a2:80:a8:4a:2a:fb:a4:35:51:a0:0b:
dd:06:3c:34:7a:eb:48:5d:c0:4a:f6:7c:2d:77:67:
a7:89:57:e4:96:d5:99:2b:90:0b:85:13:30:6c:f7:
10:3a:1b:3d:27:d7:3c:48:2c:26:8a:ad:2b:bb:c3:
5b:ba:1e:40:21:23:fb:ab:e2:60:d1:ff:08:8b:36:
2f:29:74:9b:2e:1f:38:b0:08:d0:71:55:79:9d:2c:
e4:7f:f5:27:69:ce:b3:91:16:3d:a8:93:70:61:0f:
5a:1d:85:97:22:b6:e6:41:e6:30:bd:42:0d:1d:af:
04:0c:6d:7b:9f:3f:a0:88:c4:0e:29:36:82:2d:4d:
65:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:87:63:C4:86:4A:12:59:5D:94:3F:6E:13:9C:ED:F3:11:06:18:04
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/0IdjxIZKElldlD9uE5zt8xEGGAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.48.0/22
178.171.62.0/23
Signature Algorithm: sha256WithRSAEncryption
92:c3:ba:64:28:b9:75:35:3a:be:9e:f8:3f:98:10:81:3b:b6:
fc:d5:53:05:e1:de:e8:54:3b:8a:90:67:b6:61:fa:c1:30:a3:
79:86:f6:16:e1:c5:58:96:ea:49:5c:de:07:09:16:b1:f2:bb:
b6:2e:ed:8f:aa:38:26:bf:ad:08:d1:49:a1:8c:94:a0:d3:b5:
82:2f:bb:a0:f1:d7:10:fc:8a:52:9b:5e:73:20:d2:c0:4f:e8:
83:b3:4e:b0:41:9c:be:29:26:af:91:17:67:3b:a3:64:7b:5b:
29:08:fc:75:f9:e6:7a:42:ea:dd:f4:ff:2a:88:54:b8:ca:bb:
4e:56:87:ec:b3:d4:48:24:fc:7e:74:87:41:e5:68:91:09:4a:
0a:b5:11:a3:bc:18:36:f0:2d:c9:3b:4f:99:cc:99:1f:de:33:
28:d9:51:8d:5f:15:74:56:2f:c2:4e:4e:c8:52:fb:6d:85:62:
9a:71:7b:92:bc:c8:4f:49:9d:60:f2:9c:06:78:0c:ee:f2:db:
f8:f8:1d:5d:86:71:0a:93:17:2b:33:d4:27:2f:49:c6:da:b9:
d7:6d:39:3a:ae:51:f3:9f:92:cb:3b:62:ff:52:39:a0:47:54:
d2:3a:0b:eb:73:86:9b:90:af:23:9f:58:a5:94:77:96:3f:87:
f2:9f:27:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDttVqaF/yQi2WNRHv28nXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTAxMDYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg3NjNjNDg2NGExMjU5NWQ5NDNmNmUxMzljZWRmMzExMDYxODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAligDEckrJqLPLvSYc+XkxY/x87VZ
2tUBsA9qDRVU2YwrpCnNIXg0f9N580ZMH9o9GnGRRLnMyXHeCjt0uoFd7uJkE9AG
ME4LSyZHcelRlpMyfPvQPI1pS4WcE7Z5BoX0HZnIqEu2Sf9pMdZLc5duRG8W0iuL
Re/KInBxooCoSir7pDVRoAvdBjw0eutIXcBK9nwtd2eniVfkltWZK5ALhRMwbPcQ
Ohs9J9c8SCwmiq0ru8Nbuh5AISP7q+Jg0f8IizYvKXSbLh84sAjQcVV5nSzkf/Un
ac6zkRY9qJNwYQ9aHYWXIrbmQeYwvUINHa8EDG17nz+giMQOKTaCLU1lwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNCHY8SGShJZXZQ/bhOc7fMRBhgEMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvMElkanhJWktFbGxkbEQ5dUU1enQ4eEVHR0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQBsqs+MA0GCSqGSIb3DQEBCwUAA4IBAQCSw7pkKLl1NTq+nvg/mBCBO7b8
1VMF4d7oVDuKkGe2YfrBMKN5hvYW4cVYlupJXN4HCRax8ru2Lu2Pqjgmv60I0Umh
jJSg07WCL7ug8dcQ/IpSm15zINLAT+iDs06wQZy+KSavkRdnO6Nke1spCPx1+eZ6
Qurd9P8qiFS4yrtOVofss9RIJPx+dIdB5WiRCUoKtRGjvBg28C3JO0+ZzJkf3jMo
2VGNXxV0Vi/CTk7IUvtthWKacXuSvMhPSZ1g8pwGeAzu8tv4+B1dhnEKkxcrM9Qn
L0nG2rnXbTk6rlHzn5LLO2L/UjmgR1TSOgvrc4abkK8jn1illHeWP4fynyfn
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:25 2024 by rpki-client on console-fra.rpki-client.org