Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/kaIJ3v6bJMa7_WOSA-9tpwJX8ZI.roa
File: kaIJ3v6bJMa7_WOSA-9tpwJX8ZI.roa (raw, json)
Hash identifier: 24MF8HePt15XNm29GrUVnMlzVaZ+d0n3e3fS3wKI9AA=
Subject key identifier: 91:A2:09:DE:FE:9B:24:C6:BB:FD:63:92:03:EF:6D:A7:02:57:F1:92
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 018CC80134DD6D0369746896045F03CE6AFE
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/kaIJ3v6bJMa7_WOSA-9tpwJX8ZI.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9063
IP address blocks: 153.96.57.0/24 maxlen: 24
153.96.183.0/24 maxlen: 24
153.96.139.0/24 maxlen: 24
153.96.137.0/24 maxlen: 24
153.96.136.0/24 maxlen: 24
153.96.138.0/24 maxlen: 24
129.233.211.0/24 maxlen: 24
153.96.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:34:dd:6d:03:69:74:68:96:04:5f:03:ce:6a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91a209defe9b24c6bbfd639203ef6da70257f192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2a:83:ce:c2:01:1c:df:84:84:c4:e5:a7:e1:
df:b7:30:be:a8:3b:90:95:80:66:f6:ba:13:2c:9d:
97:b7:16:bd:cb:6f:0f:73:a3:b2:3a:16:be:05:f1:
7c:1f:cb:f9:1c:9e:4e:ae:3b:06:62:b4:17:25:e9:
c1:aa:fe:92:50:22:1a:ff:b0:65:b6:cc:75:38:c9:
82:53:6e:8e:cc:2d:9f:9a:ab:e5:a0:af:89:67:d7:
33:5e:5b:b0:41:2c:a2:5b:b8:b8:1f:44:d3:9f:93:
a9:91:7d:de:9a:10:ab:79:8b:1c:88:53:9a:d0:a6:
b3:ed:7d:75:00:d4:b4:0c:c0:81:c5:d4:62:22:a5:
c9:eb:a3:30:02:1b:33:e9:ca:26:4a:d8:fd:d6:dd:
b0:05:27:13:6d:35:08:bc:4b:7b:60:b9:4f:1a:2c:
50:0a:eb:c2:5a:16:ef:49:ca:3c:dc:6f:6c:aa:f5:
b3:4a:23:14:a7:81:f1:33:f6:eb:2a:a0:f7:72:67:
6e:ff:be:52:af:8d:8d:8e:11:2e:7f:02:a5:dc:2d:
81:04:56:e8:05:9a:d5:f7:8e:b5:c2:01:df:e0:9e:
6f:3b:ee:5c:2e:f7:89:eb:ec:d5:ab:85:44:0d:d8:
85:47:10:ba:60:b4:7a:8c:c5:1e:03:9f:38:92:8a:
62:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A2:09:DE:FE:9B:24:C6:BB:FD:63:92:03:EF:6D:A7:02:57:F1:92
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/kaIJ3v6bJMa7_WOSA-9tpwJX8ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.211.0/24
153.96.50.0/24
153.96.57.0/24
153.96.136.0/22
153.96.183.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:65:14:d6:99:bd:97:ef:6b:33:f1:a6:6f:03:84:a0:19:be:
b4:da:fe:7c:a0:fe:65:00:00:5d:ec:51:22:f8:15:71:b3:44:
f8:f1:c9:e9:3c:42:06:33:e0:b0:fb:8f:1c:6d:b1:d7:fd:09:
88:6a:7f:a2:9b:c5:6f:52:88:c1:68:4b:99:f6:54:00:fd:47:
92:83:1b:b4:af:a3:bb:a6:10:cc:b9:d0:72:87:c0:48:81:11:
90:44:a3:15:12:c3:f7:9f:c9:16:cb:2e:df:da:3d:a5:93:0e:
71:f6:17:ce:28:4c:27:52:a4:27:75:ed:a6:20:ce:59:7a:b2:
74:db:0d:1b:80:08:57:71:a0:8e:fa:ac:2c:28:f9:82:68:de:
b0:77:8b:c4:ab:81:89:dd:ce:0d:77:83:a7:ae:de:35:5b:e6:
7a:70:89:4c:26:42:3c:5c:3f:77:89:2a:99:4e:f6:bc:32:b6:
c5:55:0f:8d:3a:78:35:bb:d5:f5:33:20:6b:44:11:a1:c3:b4:
c5:03:74:16:fc:be:4d:2e:92:49:7e:c7:a3:72:83:9a:e7:17:
61:4e:b2:a0:9b:56:d6:04:6d:e7:00:ce:2a:4a:93:0b:13:d1:
23:c5:14:2e:b5:01:e5:d2:14:3e:bb:5f:2a:c4:20:d8:0b:c1:
d2:cb:a2:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIATTdbQNpdGiWBF8Dzmr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWEyMDlkZWZlOWIyNGM2YmJmZDYzOTIwM2VmNmRhNzAyNTdmMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyqDzsIBHN+EhMTlp+HftzC+qDuQ
lYBm9roTLJ2Xtxa9y28Pc6OyOha+BfF8H8v5HJ5OrjsGYrQXJenBqv6SUCIa/7Bl
tsx1OMmCU26OzC2fmqvloK+JZ9czXluwQSyiW7i4H0TTn5OpkX3emhCreYsciFOa
0Kaz7X11ANS0DMCBxdRiIqXJ66MwAhsz6comStj91t2wBScTbTUIvEt7YLlPGixQ
CuvCWhbvSco83G9sqvWzSiMUp4HxM/brKqD3cmdu/75Sr42NjhEufwKl3C2BBFbo
BZrV9461wgHf4J5vO+5cLveJ6+zVq4VEDdiFRxC6YLR6jMUeA584kopihwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJGiCd7+myTGu/1jkgPvbacCV/GSMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEva2FJSjN2NmJKTWE3X1dPU0EtOXRwd0pYOFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAgenTAwQA
mWAyAwQAmWA5AwQCmWCIAwQAmWC3MA0GCSqGSIb3DQEBCwUAA4IBAQBsZRTWmb2X
72sz8aZvA4SgGb602v58oP5lAABd7FEi+BVxs0T48cnpPEIGM+Cw+48cbbHX/QmI
an+im8VvUojBaEuZ9lQA/UeSgxu0r6O7phDMudByh8BIgRGQRKMVEsP3n8kWyy7f
2j2lkw5x9hfOKEwnUqQnde2mIM5ZerJ02w0bgAhXcaCO+qwsKPmCaN6wd4vEq4GJ
3c4Nd4Onrt41W+Z6cIlMJkI8XD93iSqZTva8MrbFVQ+NOng1u9X1MyBrRBGhw7TF
A3QW/L5NLpJJfsejcoOa5xdhTrKgm1bWBG3nAM4qSpMLE9EjxRQutQHl0hQ+u18q
xCDYC8HSy6KX
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:45 2024 by rpki-client on console-ams.rpki-client.org