Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Pkh2Ck-SqRtpYvh5dH_DM2FIVqo.roa
File: Pkh2Ck-SqRtpYvh5dH_DM2FIVqo.roa (raw, json)
Hash identifier: i26KLvsf9cRqBtfC2acdYE0JwMimRLkg+cJf24Fwm/Q=
Subject key identifier: 3E:48:76:0A:4F:92:A9:1B:69:62:F8:79:74:7F:C3:33:61:48:56:AA
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 018CC801336ADD64341B4C1B4459D4E9E91F
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Pkh2Ck-SqRtpYvh5dH_DM2FIVqo.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 153.96.78.0/24 maxlen: 24
153.96.82.0/24 maxlen: 24
153.96.218.0/24 maxlen: 24
153.96.22.0/24 maxlen: 24
153.96.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 04:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:33:6a:dd:64:34:1b:4c:1b:44:59:d4:e9:e9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e48760a4f92a91b6962f879747fc333614856aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e5:9e:e4:f3:a9:46:c9:7d:94:86:f8:5e:94:
0f:88:7c:c2:61:3f:07:5d:25:08:4d:08:03:db:b7:
bd:c4:c3:f2:d5:e0:30:1a:3c:8a:6c:af:a3:95:3e:
73:7a:51:e0:8a:c7:b1:c3:f1:dc:99:38:1c:29:b6:
79:c9:53:04:e0:45:a5:d1:fb:fd:eb:3d:a3:db:6d:
46:80:6c:bf:d9:73:86:97:09:58:41:3a:a6:5a:50:
da:f8:10:59:03:43:12:96:72:8a:af:14:1c:5c:b1:
4f:db:94:e8:81:b4:35:64:4c:1c:aa:c1:c0:da:45:
a7:3d:c6:aa:87:e5:d9:c0:48:7e:1f:74:5d:04:7f:
66:5f:ab:da:2c:e6:5f:d5:c3:e5:5f:fd:1d:1e:57:
4e:ef:47:52:25:56:2f:81:72:02:f1:a8:ac:84:81:
4d:b6:b0:c6:37:25:64:da:d0:ad:c9:f1:32:d9:a9:
40:d5:3a:da:5d:56:94:8b:4c:fc:51:25:60:6a:c6:
0e:c5:73:ad:8d:78:62:98:b5:71:71:d9:2e:d6:12:
34:2a:13:34:3b:57:0b:9f:f8:f6:94:5a:91:3f:fd:
c0:94:16:a5:60:ee:52:9c:b3:2e:ba:dc:a2:78:83:
6e:67:ab:89:6c:9a:53:6c:b3:69:68:8a:85:9a:7e:
81:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:48:76:0A:4F:92:A9:1B:69:62:F8:79:74:7F:C3:33:61:48:56:AA
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Pkh2Ck-SqRtpYvh5dH_DM2FIVqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.22.0/24
153.96.51.0/24
153.96.78.0/24
153.96.82.0/24
153.96.218.0/24
Signature Algorithm: sha256WithRSAEncryption
71:a2:e7:05:65:32:98:cf:a3:af:13:b9:c7:42:79:74:f8:98:
5f:0e:e0:5a:31:5c:69:f6:39:8f:f9:04:8e:d6:02:a0:f8:4b:
64:d1:2b:da:58:7c:f4:66:a3:72:50:53:44:4f:5e:57:c4:97:
8d:77:42:a0:93:39:ae:0e:cf:bd:a9:4e:49:c7:4c:ef:4d:68:
37:82:e8:5f:db:a3:ae:af:a3:91:90:45:0c:82:0e:53:6a:7c:
50:40:42:c5:e6:38:c2:34:8d:68:9d:45:ac:80:74:5a:b3:5a:
c8:ff:86:05:0d:63:36:57:3d:54:79:52:b9:9a:fc:d7:66:32:
7b:80:55:3d:1f:0c:15:4e:4f:e8:a9:6f:04:45:31:93:aa:96:
b1:c9:83:91:af:aa:d6:97:f9:89:80:e5:f1:ae:a4:05:53:dc:
20:74:da:24:2c:1b:4d:f4:48:12:7c:59:47:69:68:60:66:dc:
dc:0c:06:92:ae:bf:47:e9:8d:38:33:16:93:dd:40:5d:6d:b7:
db:af:1f:7a:fa:2e:ac:81:9c:3c:06:83:bb:84:c3:d5:46:ed:
ea:84:cc:24:27:25:34:4b:ee:be:d0:5d:de:ed:3b:b7:04:74:
f6:65:15:91:84:2e:8d:ff:85:6e:f0:64:ab:ea:d4:e9:c5:9c:
99:6f:78:49
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIATNq3WQ0G0wbRFnU6ekfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQ4NzYwYTRmOTJhOTFiNjk2MmY4Nzk3NDdmYzMzMzYxNDg1NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+We5POpRsl9lIb4XpQPiHzCYT8H
XSUITQgD27e9xMPy1eAwGjyKbK+jlT5zelHgisexw/HcmTgcKbZ5yVME4EWl0fv9
6z2j221GgGy/2XOGlwlYQTqmWlDa+BBZA0MSlnKKrxQcXLFP25TogbQ1ZEwcqsHA
2kWnPcaqh+XZwEh+H3RdBH9mX6vaLOZf1cPlX/0dHldO70dSJVYvgXIC8aishIFN
trDGNyVk2tCtyfEy2alA1TraXVaUi0z8USVgasYOxXOtjXhimLVxcdku1hI0KhM0
O1cLn/j2lFqRP/3AlBalYO5SnLMuutyieINuZ6uJbJpTbLNpaIqFmn6BwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD5IdgpPkqkbaWL4eXR/wzNhSFaqMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvUGtoMkNrLVNxUnRwWXZoNWRIX0RNMkZJVnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAmWAWAwQA
mWAzAwQAmWBOAwQAmWBSAwQAmWDaMA0GCSqGSIb3DQEBCwUAA4IBAQBxoucFZTKY
z6OvE7nHQnl0+JhfDuBaMVxp9jmP+QSO1gKg+Etk0SvaWHz0ZqNyUFNET15XxJeN
d0KgkzmuDs+9qU5Jx0zvTWg3guhf26Our6ORkEUMgg5TanxQQELF5jjCNI1onUWs
gHRas1rI/4YFDWM2Vz1UeVK5mvzXZjJ7gFU9HwwVTk/oqW8ERTGTqpaxyYORr6rW
l/mJgOXxrqQFU9wgdNokLBtN9EgSfFlHaWhgZtzcDAaSrr9H6Y04MxaT3UBdbbfb
rx96+i6sgZw8BoO7hMPVRu3qhMwkJyU0S+6+0F3e7Tu3BHT2ZRWRhC6N/4Vu8GSr
6tTpxZyZb3hJ
-----END CERTIFICATE-----
Generated at Mon May 13 07:55:32 2024 by rpki-client on console-fra.rpki-client.org