Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/mQCshe8AYhY30ha3keRQ9ES4onM.roa
File: mQCshe8AYhY30ha3keRQ9ES4onM.roa (raw, json)
Hash identifier: 8KZDCctMgLcMm/fuIa3vC+WT92YZO6Z2C8ft5sDZMP4=
Subject key identifier: 99:00:AC:85:EF:00:62:16:37:D2:16:B7:91:E4:50:F4:44:B8:A2:73
Certificate issuer: /CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Certificate serial: 018CC492FDF1758CE23EC29EB85C2DE93B68
Authority key identifier: 61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/mQCshe8AYhY30ha3keRQ9ES4onM.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35280
IP address blocks: 159.60.128.0/18 maxlen: 24
159.60.32.0/19 maxlen: 24
159.60.64.0/19 maxlen: 24
159.60.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fd:f1:75:8c:e2:3e:c2:9e:b8:5c:2d:e9:3b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9900ac85ef00621637d216b791e450f444b8a273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:83:06:c9:69:8f:c1:ee:49:ef:e1:b8:e9:33:
dd:17:9c:21:48:af:6f:c8:bd:5b:d7:2f:7a:6d:6b:
58:94:e3:1c:b2:f0:39:dc:20:ab:ed:ba:92:34:6f:
a2:3c:f2:12:49:bc:8b:cd:19:dc:ab:d2:b5:e0:78:
8d:f3:b0:12:0d:c7:19:2a:bf:98:d8:7b:e7:0c:4b:
f0:21:08:0f:ab:ce:db:49:ac:cf:e0:e2:64:06:4e:
14:68:26:54:61:5b:d8:0a:dc:ac:a1:32:a2:5c:97:
b5:16:78:86:ea:e6:ac:96:aa:e4:2c:99:bb:59:83:
a6:d2:32:0d:ad:24:24:22:59:47:be:af:56:cb:1f:
65:8f:ad:e7:97:93:2e:53:42:9f:7c:2f:38:92:b1:
61:ce:ea:c3:2c:16:c3:fe:ca:99:87:4c:c7:c3:38:
02:ec:91:3c:c9:ab:f1:1a:7a:81:be:56:61:63:ec:
64:c2:6e:8f:68:ae:9e:a4:f9:c7:cb:34:b2:c5:61:
79:dc:32:8c:b3:ee:96:f1:54:25:5c:cb:c3:7f:80:
e0:06:34:55:1d:75:b1:9b:c9:c6:c8:d4:c1:f3:0b:
b7:c4:61:4c:8c:46:d0:f6:44:50:01:eb:37:63:93:
62:4e:44:46:ff:47:2c:5d:6c:a0:b2:43:2b:c3:68:
a3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:00:AC:85:EF:00:62:16:37:D2:16:B7:91:E4:50:F4:44:B8:A2:73
X509v3 Authority Key Identifier:
keyid:61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/mQCshe8AYhY30ha3keRQ9ES4onM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.60.32.0-159.60.191.255
Signature Algorithm: sha256WithRSAEncryption
91:c3:50:1e:cc:89:0d:07:47:a0:51:30:81:d8:c7:7e:3f:62:
35:5c:e7:9e:72:13:24:3f:38:96:a9:43:48:bb:1e:9a:5e:ee:
ac:d1:77:40:73:af:71:c4:cf:9d:aa:8d:a4:c6:a9:d0:e8:fe:
37:53:ae:13:59:72:4b:e3:ef:be:45:7f:d2:84:4e:c6:f4:a6:
27:c1:e5:98:62:68:05:39:27:36:81:71:8c:c3:b4:d0:a3:35:
41:67:76:29:23:87:ac:52:3e:4f:50:18:d9:5d:fe:0a:08:14:
fe:0f:37:1a:2d:20:73:f0:9c:d0:5a:1e:1f:84:22:d6:ac:fa:
74:68:0f:8b:ee:7d:ea:ac:8f:67:dc:49:23:f9:bf:18:fc:3b:
99:1d:fa:f7:8a:42:87:94:52:e8:2a:43:78:8e:85:7d:e9:3b:
22:89:ea:dd:2a:c6:51:37:a7:a1:d1:f3:5b:bb:69:66:92:8c:
0c:7a:4d:6b:88:87:b2:bf:99:78:dc:57:87:4a:84:3a:11:c9:
8a:d2:f5:c5:2c:fc:da:5b:ab:83:91:94:c4:62:6b:86:fe:cd:
05:c2:f7:93:af:ea:54:1e:56:8f:37:ab:98:fc:3c:30:eb:48:
e9:e1:6b:d5:c8:10:fd:98:03:5e:95:5d:53:03:09:28:7c:9d:
35:7e:cc:02
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEkv3xdYziPsKeuFwt6TtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjNlMWNhYjhjYmY1YjNjNmUwZmJiZTE0OTFmNDhkYTYw
Y2FlNmMwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAwYWM4NWVmMDA2MjE2MzdkMjE2Yjc5MWU0NTBmNDQ0YjhhMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4MGyWmPwe5J7+G46TPdF5whSK9v
yL1b1y96bWtYlOMcsvA53CCr7bqSNG+iPPISSbyLzRncq9K14HiN87ASDccZKr+Y
2HvnDEvwIQgPq87bSazP4OJkBk4UaCZUYVvYCtysoTKiXJe1FniG6uaslqrkLJm7
WYOm0jINrSQkIllHvq9Wyx9lj63nl5MuU0KffC84krFhzurDLBbD/sqZh0zHwzgC
7JE8yavxGnqBvlZhY+xkwm6PaK6epPnHyzSyxWF53DKMs+6W8VQlXMvDf4DgBjRV
HXWxm8nGyNTB8wu3xGFMjEbQ9kRQAes3Y5NiTkRG/0csXWygskMrw2ijvwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJkArIXvAGIWN9IWt5HkUPREuKJzMB8GA1UdIwQY
MBaAFGGz4cq4y/WzxuD7vhSR9I2mDK5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQt
OTQ3Y2M1NGViZTAyLzEvbVFDc2hlOEFZaFkzMGhhM2tlUlE5RVM0b25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQtOTQ3Y2M1NGViZTAy
LzEvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWfPCAD
BAafPIAwDQYJKoZIhvcNAQELBQADggEBAJHDUB7MiQ0HR6BRMIHYx34/YjVc555y
EyQ/OJapQ0i7Hppe7qzRd0Bzr3HEz52qjaTGqdDo/jdTrhNZckvj775Ff9KETsb0
pifB5ZhiaAU5JzaBcYzDtNCjNUFndikjh6xSPk9QGNld/goIFP4PNxotIHPwnNBa
Hh+EItas+nRoD4vufeqsj2fcSSP5vxj8O5kd+veKQoeUUugqQ3iOhX3pOyKJ6t0q
xlE3p6HR81u7aWaSjAx6TWuIh7K/mXjcV4dKhDoRyYrS9cUs/Npbq4ORlMRia4b+
zQXC95Ov6lQeVo83q5j8PDDrSOnha9XIEP2YA16VXVMDCSh8nTV+zAI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:29:43 2024 by rpki-client on console-ams.rpki-client.org