Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/a48VG9JSYUwXaaoQGk9Iy4gxInQ.roa
File: a48VG9JSYUwXaaoQGk9Iy4gxInQ.roa (raw, json)
Hash identifier: W6Ym7Z5QH9o3rwWx6+AAcFku5YojQYAN7+8v/vA/jFw=
Subject key identifier: 6B:8F:15:1B:D2:52:61:4C:17:69:AA:10:1A:4F:48:CB:88:31:22:74
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 018CC94DEB0C4A0F514248218477C4B895AC
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/a48VG9JSYUwXaaoQGk9Iy4gxInQ.roa
Signing time: Tue 02 Jan 2024 08:32:55 +0000
ROA not before: Tue 02 Jan 2024 08:32:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59851
IP address blocks: 87.118.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:eb:0c:4a:0f:51:42:48:21:84:77:c4:b8:95:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 2 08:32:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8f151bd252614c1769aa101a4f48cb88312274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6f:13:2b:59:72:79:04:80:cd:22:ef:10:88:
31:c2:d6:6a:9c:42:e4:a0:26:23:f7:00:ee:6a:89:
8d:e4:dc:f5:b8:65:58:cb:12:72:68:06:5b:bf:7b:
7b:51:82:5e:35:7e:de:25:8b:a7:bb:fc:e2:c0:a0:
52:50:fb:fc:3a:e3:b1:87:c7:84:0e:c5:5d:ee:7b:
93:01:f1:87:34:a1:cc:84:35:10:3a:2d:fa:13:89:
63:4a:f8:25:91:1f:f1:57:0e:b8:eb:54:4d:ab:cf:
1b:d9:f9:d5:84:54:11:83:88:9a:6a:2c:b9:00:d7:
25:f9:8f:d8:6e:5a:f7:30:e0:38:c5:7a:4e:d4:6a:
11:ea:9e:ee:0b:20:2e:5e:be:bc:b1:cb:de:b9:2b:
08:e1:24:3d:d2:f4:ec:ed:32:ba:d0:d2:3c:65:5c:
77:9a:d5:80:0a:c4:ff:12:3e:4e:83:e1:4f:42:3d:
83:91:86:f5:04:ef:96:fd:44:14:56:bc:b2:3f:76:
36:c5:e2:46:93:fa:80:d7:2a:4f:65:2a:a3:10:bb:
3a:70:95:b5:ad:ed:50:84:aa:14:43:44:2a:c0:f0:
19:8f:66:20:4c:7b:d4:9a:95:ab:4b:8b:26:62:65:
d3:ae:d0:74:d2:34:48:6f:87:cb:6d:db:0d:2e:db:
e1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8F:15:1B:D2:52:61:4C:17:69:AA:10:1A:4F:48:CB:88:31:22:74
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/a48VG9JSYUwXaaoQGk9Iy4gxInQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.118.135.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7a:3d:19:8a:df:47:1d:9d:2b:2b:c2:e4:2e:08:2e:2f:ba:
ae:f2:b9:2f:2c:9c:14:d5:e2:12:7a:82:b3:de:7c:8c:5b:2f:
20:f9:53:b1:be:73:36:70:c6:3d:f4:bb:4e:28:db:cc:f8:c4:
7c:7b:ba:cb:bd:8c:70:f7:ea:f0:c9:5a:ed:30:1c:97:42:6f:
2a:83:c2:d5:97:c7:8a:3a:b0:99:96:99:36:6e:b5:9c:0f:d7:
1b:2b:85:55:4d:cf:49:ef:43:d2:12:c7:ac:25:66:d5:d9:6b:
17:6d:48:33:69:b1:e5:98:77:41:3d:78:21:0f:53:70:4d:f8:
f7:1e:49:08:d5:39:a4:55:ea:49:6c:a7:e1:dc:a9:75:cd:75:
e5:b4:0d:c8:ac:29:65:97:68:fc:c9:41:35:ce:40:56:48:f6:
cd:90:eb:7f:d2:3d:44:a3:74:03:e8:ff:10:11:6e:49:e8:96:
cf:88:c6:b7:e3:c1:f7:6a:30:b8:7d:dc:75:58:7c:3d:4b:38:
7c:dc:05:81:4b:0e:a0:d1:ff:b5:6f:c4:02:47:f0:bd:79:f4:
09:64:9a:5f:06:1f:28:b7:4a:95:ec:72:f3:49:33:46:ad:31:
4b:a3:83:2f:0e:70:26:78:85:13:ad:51:30:fb:8e:46:13:8c:
4e:dc:d7:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTesMSg9RQkghhHfEuJWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjQwMTAyMDgzMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhmMTUxYmQyNTI2MTRjMTc2OWFhMTAxYTRmNDhjYjg4MzEyMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm8TK1lyeQSAzSLvEIgxwtZqnELk
oCYj9wDuaomN5Nz1uGVYyxJyaAZbv3t7UYJeNX7eJYunu/ziwKBSUPv8OuOxh8eE
DsVd7nuTAfGHNKHMhDUQOi36E4ljSvglkR/xVw6461RNq88b2fnVhFQRg4iaaiy5
ANcl+Y/Yblr3MOA4xXpO1GoR6p7uCyAuXr68scveuSsI4SQ90vTs7TK60NI8ZVx3
mtWACsT/Ej5Og+FPQj2DkYb1BO+W/UQUVryyP3Y2xeJGk/qA1ypPZSqjELs6cJW1
re1QhKoUQ0QqwPAZj2YgTHvUmpWrS4smYmXTrtB00jRIb4fLbdsNLtvh0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuPFRvSUmFMF2mqEBpPSMuIMSJ0MB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvYTQ4Vkc5SlNZVXdYYWFvUUdrOUl5NGd4SW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3aHMA0G
CSqGSIb3DQEBCwUAA4IBAQBjej0Zit9HHZ0rK8LkLgguL7qu8rkvLJwU1eISeoKz
3nyMWy8g+VOxvnM2cMY99LtOKNvM+MR8e7rLvYxw9+rwyVrtMByXQm8qg8LVl8eK
OrCZlpk2brWcD9cbK4VVTc9J70PSEsesJWbV2WsXbUgzabHlmHdBPXghD1NwTfj3
HkkI1TmkVepJbKfh3Kl1zXXltA3IrClll2j8yUE1zkBWSPbNkOt/0j1Eo3QD6P8Q
EW5J6JbPiMa348H3ajC4fdx1WHw9Szh83AWBSw6g0f+1b8QCR/C9efQJZJpfBh8o
t0qV7HLzSTNGrTFLo4MvDnAmeIUTrVEw+45GE4xO3NeA
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:10 2024 by rpki-client on console-ams.rpki-client.org