Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Kb01xUl-D7eTQRyGkZ9Y7KRRvs8.roa
File: Kb01xUl-D7eTQRyGkZ9Y7KRRvs8.roa (raw, json)
Hash identifier: ISjRoCk2ryiUGo/hqd+FtSfOh7Res2T4MLhGh5SWVrs=
Subject key identifier: 29:BD:35:C5:49:7E:0F:B7:93:41:1C:86:91:9F:58:EC:A4:51:BE:CF
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018CC3B6D2593103ADAD1CBC55F00DD0C203
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Kb01xUl-D7eTQRyGkZ9Y7KRRvs8.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/22 maxlen: 22
178.171.48.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
178.171.60.0/22 maxlen: 22
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 10:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d2:59:31:03:ad:ad:1c:bc:55:f0:0d:d0:c2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29bd35c5497e0fb793411c86919f58eca451becf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:01:f2:ee:6a:49:ea:a3:f5:0b:d7:f1:0e:
2e:8f:c2:65:78:d8:20:92:d2:c8:b3:e4:f2:10:d7:
4c:af:58:ba:61:97:28:64:f1:91:22:bb:e4:1c:d8:
5e:42:33:98:51:37:1f:f3:6c:8a:b2:d7:46:15:c9:
92:07:73:f2:c3:3d:23:25:d3:d7:ca:63:84:53:f6:
36:29:98:bb:7b:8b:f8:6b:08:88:b4:99:20:f5:2a:
32:86:c0:56:70:8b:92:c5:d6:52:4e:c6:b3:f3:e6:
50:8c:4a:bb:77:64:84:cc:6f:e8:a6:6c:32:ce:4a:
3f:a8:c7:f8:c8:5a:fd:c6:e7:32:bd:9f:00:d5:e2:
f3:75:af:8c:d1:3b:31:71:46:cf:d6:d1:ea:5f:21:
c7:91:51:1c:53:63:e1:91:54:d7:ca:d0:cc:d5:51:
4a:fe:05:93:eb:53:fe:f8:df:28:9d:df:9e:42:d9:
34:1c:b8:28:a5:b3:b6:56:0e:96:5f:2e:d5:14:65:
27:fe:e1:7f:37:0e:8e:23:6e:93:1b:64:eb:74:5a:
ee:d4:e7:76:de:a1:81:bb:84:9e:7e:6c:75:d1:c3:
5b:83:7b:f8:37:fd:09:76:dd:3d:9a:42:9b:2e:cb:
13:ec:d5:1e:ac:e2:d9:1e:43:13:52:88:f7:b5:87:
34:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BD:35:C5:49:7E:0F:B7:93:41:1C:86:91:9F:58:EC:A4:51:BE:CF
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Kb01xUl-D7eTQRyGkZ9Y7KRRvs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.48.0/22
178.171.60.0/22
Signature Algorithm: sha256WithRSAEncryption
10:cb:d9:84:38:9c:66:75:53:9c:75:82:a9:05:23:d4:23:50:
68:77:1e:1e:92:b8:57:50:f0:b5:ed:fa:6e:af:38:db:e6:2e:
2a:25:3b:25:5d:03:78:f6:78:44:b0:60:02:2a:05:fb:05:a7:
6e:4d:ef:fb:e5:b1:ee:fa:a7:73:b2:56:ae:35:de:7f:00:4b:
b0:03:d7:36:ae:7f:7e:a1:da:ff:54:d7:44:6f:d4:b0:9d:b0:
f2:b0:8a:11:02:07:7d:5a:03:df:51:2c:42:f1:de:db:72:db:
e9:d7:14:1d:b6:9e:c1:23:d3:e8:a5:54:88:27:83:ae:b7:0e:
e8:f1:f8:65:f4:a7:6a:61:f0:9d:86:3b:a2:d3:06:00:a7:93:
b9:d5:02:b3:e2:64:0b:50:d3:b7:da:95:06:8d:70:5e:4e:c8:
de:0e:8b:e3:1b:c1:27:f0:38:5d:79:fe:4d:87:3f:b4:20:48:
71:81:3d:d9:8e:69:77:df:ff:a1:6d:86:74:5b:72:e0:e3:88:
f3:fd:1d:61:98:62:20:bd:a0:85:d9:e9:7c:b5:55:f3:15:14:
9f:b0:27:f4:10:e4:b7:5b:d2:60:7b:6f:df:72:69:7a:d0:ed:
80:1d:fe:da:8d:54:40:51:75:94:c0:74:dd:92:ef:8c:eb:26:
6f:7c:c1:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDttJZMQOtrRy8VfAN0MIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJkMzVjNTQ5N2UwZmI3OTM0MTFjODY5MTlmNThlY2E0NTFiZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvasB8u5qSeqj9QvX8Q4uj8JleNgg
ktLIs+TyENdMr1i6YZcoZPGRIrvkHNheQjOYUTcf82yKstdGFcmSB3Pywz0jJdPX
ymOEU/Y2KZi7e4v4awiItJkg9SoyhsBWcIuSxdZSTsaz8+ZQjEq7d2SEzG/opmwy
zko/qMf4yFr9xucyvZ8A1eLzda+M0TsxcUbP1tHqXyHHkVEcU2PhkVTXytDM1VFK
/gWT61P++N8ond+eQtk0HLgopbO2Vg6WXy7VFGUn/uF/Nw6OI26TG2TrdFru1Od2
3qGBu4Sefmx10cNbg3v4N/0Jdt09mkKbLssT7NUerOLZHkMTUoj3tYc0KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCm9NcVJfg+3k0EchpGfWOykUb7PMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvS2IwMXhVbC1EN2VUUVJ5R2taOVk3S1JSdnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQCsqs8MA0GCSqGSIb3DQEBCwUAA4IBAQAQy9mEOJxmdVOcdYKpBSPUI1Bo
dx4ekrhXUPC17fpurzjb5i4qJTslXQN49nhEsGACKgX7BaduTe/75bHu+qdzslau
Nd5/AEuwA9c2rn9+odr/VNdEb9SwnbDysIoRAgd9WgPfUSxC8d7bctvp1xQdtp7B
I9PopVSIJ4Outw7o8fhl9KdqYfCdhjui0wYAp5O51QKz4mQLUNO32pUGjXBeTsje
DovjG8En8Dhdef5Nhz+0IEhxgT3Zjml33/+hbYZ0W3Lg44jz/R1hmGIgvaCF2el8
tVXzFRSfsCf0EOS3W9Jge2/fcml60O2AHf7ajVRAUXWUwHTdku+M6yZvfMEm
-----END CERTIFICATE-----
Generated at Thu May 9 18:06:49 2024 by rpki-client on console-ams.rpki-client.org