Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/DvUs8fd0UJPig6ldTNUDbxii9yA.roa
File: DvUs8fd0UJPig6ldTNUDbxii9yA.roa (raw, json)
Hash identifier: y4A+CaUsF560uFkAcFiA4/n7J5LbR56qm/O6gdIs0AE=
Subject key identifier: 0E:F5:2C:F1:F7:74:50:93:E2:83:A9:5D:4C:D5:03:6F:18:A2:F7:20
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 018CC6B922F392E76DD899716AD113A99244
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/DvUs8fd0UJPig6ldTNUDbxii9yA.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1759
IP address blocks: 143.161.74.0/24 maxlen: 24
143.161.91.0/24 maxlen: 24
143.161.92.0/22 maxlen: 22
143.161.96.0/22 maxlen: 22
143.161.100.0/23 maxlen: 23
2a05:6747::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:22:f3:92:e7:6d:d8:99:71:6a:d1:13:a9:92:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ef52cf1f7745093e283a95d4cd5036f18a2f720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8d:b5:c1:42:34:6e:58:e4:44:ce:e0:a4:54:
ad:e7:d9:20:dd:88:33:ce:a3:46:88:f2:2e:de:78:
eb:45:fb:72:15:3f:4e:89:85:95:21:19:45:25:3a:
f2:6d:b5:e3:fa:01:62:36:8f:9d:eb:ed:77:a7:f1:
e0:8d:97:15:00:18:af:40:23:6f:58:35:68:42:92:
51:b0:49:b8:17:53:fd:e7:a6:33:29:a0:7e:e2:6d:
76:99:38:86:5f:ae:e3:e6:9c:8f:34:ca:16:f1:dc:
8f:00:c2:9f:10:64:f0:54:7e:99:f7:8d:4b:9c:3a:
33:0c:76:e2:94:d1:4c:f3:ac:57:4a:96:b5:b2:1e:
08:8e:99:f8:3b:5a:a4:fa:99:98:82:c0:ea:18:1c:
47:e0:0f:92:25:21:9b:31:10:3a:96:f8:23:40:84:
0e:84:c7:3a:4b:49:43:50:72:a1:fd:6b:91:df:1a:
12:77:93:63:28:17:93:48:8d:88:a4:6f:08:69:94:
e2:64:06:1c:93:09:c6:52:e6:7f:1c:13:fe:3c:83:
95:dc:7a:3a:f4:31:ca:22:da:d9:34:a0:40:8e:4d:
92:06:1e:18:b1:0c:6b:e9:f9:c1:42:d7:d0:4e:fa:
c8:73:7e:01:dd:81:7e:de:09:d7:62:61:0f:6e:1b:
51:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F5:2C:F1:F7:74:50:93:E2:83:A9:5D:4C:D5:03:6F:18:A2:F7:20
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/DvUs8fd0UJPig6ldTNUDbxii9yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.161.74.0/24
143.161.91.0-143.161.101.255
IPv6:
2a05:6747::/48
Signature Algorithm: sha256WithRSAEncryption
75:6e:3b:7b:f6:2a:51:aa:16:35:3f:fb:68:70:44:e1:bf:74:
c4:8d:fa:d5:90:fb:d9:53:a8:3b:d9:04:98:0c:a6:38:5d:07:
d4:c2:75:cd:9f:b8:16:0d:b8:4d:c3:d3:ba:fe:0d:68:f8:d1:
1e:94:bd:44:b0:dd:ff:05:f5:3f:53:6b:89:b6:16:a3:4b:7e:
ad:67:85:ba:20:e8:7a:d1:46:8b:66:e0:48:6f:2b:d1:ae:3c:
3c:de:f4:8c:5f:ce:92:fc:ac:c6:bc:1c:5a:0e:2f:72:96:d5:
a4:24:ca:15:69:c7:72:c5:f4:d0:12:da:d7:ec:e7:cb:3c:2c:
58:ef:46:86:52:ee:e8:e9:83:ac:5a:f9:a6:07:b1:4c:e6:4a:
91:71:4a:17:5a:14:c9:bf:c3:fa:cd:66:53:c1:7d:7e:52:21:
d6:ac:aa:c9:bd:c2:8c:28:9b:3b:e4:27:9d:c5:92:9f:53:d9:
1d:a2:03:61:c6:36:6e:75:ec:2c:7e:87:a5:5e:d1:9d:6b:1f:
58:5c:d8:4c:df:14:83:8f:cb:4c:87:64:c1:00:bb:23:06:b3:
6f:7e:fd:18:f8:14:e9:cf:3c:01:16:41:76:72:38:04:e4:5f:
9c:fd:cd:c2:0b:a7:ef:4d:3e:11:62:e3:26:f5:06:dd:74:f2:
01:ad:66:ad
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzGuSLzkudt2JlxatETqZJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjc5MzgwZmU0MDc0MzljYzJlY2QzZmFjMTgxNTdkYjM2
Y2Y3NjgwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWY1MmNmMWY3NzQ1MDkzZTI4M2E5NWQ0Y2Q1MDM2ZjE4YTJmNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko21wUI0bljkRM7gpFSt59kg3Ygz
zqNGiPIu3njrRftyFT9OiYWVIRlFJTrybbXj+gFiNo+d6+13p/HgjZcVABivQCNv
WDVoQpJRsEm4F1P956YzKaB+4m12mTiGX67j5pyPNMoW8dyPAMKfEGTwVH6Z941L
nDozDHbilNFM86xXSpa1sh4Ijpn4O1qk+pmYgsDqGBxH4A+SJSGbMRA6lvgjQIQO
hMc6S0lDUHKh/WuR3xoSd5NjKBeTSI2IpG8IaZTiZAYckwnGUuZ/HBP+PIOV3Ho6
9DHKItrZNKBAjk2SBh4YsQxr6fnBQtfQTvrIc34B3YF+3gnXYmEPbhtRHwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFA71LPH3dFCT4oOpXUzVA28YovcgMB8GA1UdIwQY
MBaAFCm3k4D+QHQ5zC7NP6wYFX2zbPdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWIt
MWU4NDIxMThkYjZmLzEvRHZVczhmZDBVSlBpZzZsZFROVURieGlpOXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWItMWU4NDIxMThkYjZm
LzEvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAj6FKMAwD
BACPoVsDBAGPoWQwDwQCAAIwCQMHACoFZ0cAADANBgkqhkiG9w0BAQsFAAOCAQEA
dW47e/YqUaoWNT/7aHBE4b90xI361ZD72VOoO9kEmAymOF0H1MJ1zZ+4Fg24TcPT
uv4NaPjRHpS9RLDd/wX1P1NribYWo0t+rWeFuiDoetFGi2bgSG8r0a48PN70jF/O
kvysxrwcWg4vcpbVpCTKFWnHcsX00BLa1+znyzwsWO9GhlLu6OmDrFr5pgexTOZK
kXFKF1oUyb/D+s1mU8F9flIh1qyqyb3CjCibO+QnncWSn1PZHaIDYcY2bnXsLH6H
pV7RnWsfWFzYTN8Ug4/LTIdkwQC7Iwazb379GPgU6c88ARZBdnI4BORfnP3Nwgun
700+EWLjJvUG3XTyAa1mrQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:53:14 2024 by rpki-client on console-fra.rpki-client.org