Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/78owjVfiJyP9pnQNwShVw7ci-4c.roa
File: 78owjVfiJyP9pnQNwShVw7ci-4c.roa (raw, json)
Hash identifier: 811WSRtZpE3ZDgZnY6VYV/sZ5n7y34VWQdXyob1X25g=
Subject key identifier: EF:CA:30:8D:57:E2:27:23:FD:A6:74:0D:C1:28:55:C3:B7:22:FB:87
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 018CC5009D6462E4F4E736DF459B0A5B376A
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/78owjVfiJyP9pnQNwShVw7ci-4c.roa
Signing time: Mon 01 Jan 2024 12:30:00 +0000
ROA not before: Mon 01 Jan 2024 12:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42019
IP address blocks: 178.252.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:9d:64:62:e4:f4:e7:36:df:45:9b:0a:5b:37:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 1 12:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efca308d57e22723fda6740dc12855c3b722fb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d8:1f:34:8b:66:63:34:29:1f:5c:6d:eb:89:
63:b7:a5:7e:f9:67:26:eb:c2:fb:11:b0:68:ea:52:
25:a5:95:93:75:28:a0:d3:c7:ba:50:3c:a6:a7:06:
0a:03:8c:bb:ec:61:1a:ec:a4:36:36:fb:14:30:d7:
63:04:a1:43:5a:cb:64:2b:d1:e1:e7:e8:64:5c:e3:
3b:1a:60:ae:db:15:29:51:36:b8:17:69:29:3f:23:
e8:b0:d0:bd:9e:9d:1c:ba:de:19:24:40:ef:46:4c:
2b:f7:b8:ef:c9:af:0e:b5:47:26:51:e4:62:d3:75:
0d:e2:ad:09:a8:20:ca:1b:34:98:cf:74:31:55:74:
ce:25:c7:81:db:4f:8a:0c:b7:ae:9c:8e:66:34:df:
f4:7c:4e:96:e4:ef:e0:60:e1:44:ac:fb:05:03:6e:
ac:0c:77:8d:b8:d8:54:d3:87:59:58:92:c5:da:18:
7a:b3:64:cc:a6:e0:0b:6f:69:50:93:d9:81:a0:e8:
da:e0:f7:b8:d7:38:71:ae:14:26:18:59:83:bf:05:
c0:8e:6d:da:4c:de:8c:db:09:ac:24:a4:53:73:e3:
12:d4:9d:0d:fc:f6:de:c3:16:7e:1a:3d:5f:46:c5:
07:ab:dd:35:e4:dd:57:d7:40:c8:64:21:bf:46:59:
34:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CA:30:8D:57:E2:27:23:FD:A6:74:0D:C1:28:55:C3:B7:22:FB:87
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/78owjVfiJyP9pnQNwShVw7ci-4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.252.150.0/24
Signature Algorithm: sha256WithRSAEncryption
53:31:8c:27:19:41:6f:09:e5:26:78:73:ed:d9:13:03:03:cd:
cf:b8:34:c2:51:24:f7:d4:e8:7a:e7:95:75:ee:91:22:cf:81:
a5:10:ed:61:83:ef:a3:45:ad:e7:fb:84:63:85:cd:93:85:51:
1a:54:5c:13:5a:86:af:dd:d1:08:f0:8a:19:36:dd:27:11:f2:
f3:84:e8:9c:38:02:16:ca:11:1d:38:b3:09:65:d7:74:b8:01:
be:e0:b8:09:1a:33:67:fe:b0:f4:17:e6:af:a1:77:16:72:ab:
54:6d:22:c8:1f:93:5e:f9:d7:16:8e:af:97:a8:c1:d8:06:c6:
e5:93:b2:90:8c:ae:1e:76:e4:90:2f:56:47:99:25:55:81:00:
18:95:22:c0:0f:eb:64:87:0d:3b:0b:f3:c2:59:9f:66:09:da:
84:36:a2:68:01:e1:8a:ac:d5:f2:50:92:5b:0c:b9:a7:0b:59:
e6:c4:c7:c0:67:74:91:a2:f8:77:32:50:42:9c:c5:cb:f3:8e:
da:cb:94:a6:57:9e:1d:ea:fe:1b:03:6e:8f:dd:2b:81:aa:40:
85:ad:16:a3:75:8f:1b:42:f1:e8:10:c4:ee:19:60:7a:2b:0a:
ad:96:da:8b:90:48:ea:aa:54:a9:67:d5:43:fc:18:56:64:13:
21:c2:a4:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAJ1kYuT05zbfRZsKWzdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjQwMTAxMTIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmNhMzA4ZDU3ZTIyNzIzZmRhNjc0MGRjMTI4NTVjM2I3MjJmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitgfNItmYzQpH1xt64ljt6V++Wcm
68L7EbBo6lIlpZWTdSig08e6UDympwYKA4y77GEa7KQ2NvsUMNdjBKFDWstkK9Hh
5+hkXOM7GmCu2xUpUTa4F2kpPyPosNC9np0cut4ZJEDvRkwr97jvya8OtUcmUeRi
03UN4q0JqCDKGzSYz3QxVXTOJceB20+KDLeunI5mNN/0fE6W5O/gYOFErPsFA26s
DHeNuNhU04dZWJLF2hh6s2TMpuALb2lQk9mBoOja4Pe41zhxrhQmGFmDvwXAjm3a
TN6M2wmsJKRTc+MS1J0N/PbewxZ+Gj1fRsUHq9015N1X10DIZCG/Rlk0GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/KMI1X4icj/aZ0DcEoVcO3IvuHMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvNzhvd2pWZmlKeVA5cG5RTndTaFZ3N2NpLTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvyWMA0G
CSqGSIb3DQEBCwUAA4IBAQBTMYwnGUFvCeUmeHPt2RMDA83PuDTCUST31Oh655V1
7pEiz4GlEO1hg++jRa3n+4Rjhc2ThVEaVFwTWoav3dEI8IoZNt0nEfLzhOicOAIW
yhEdOLMJZdd0uAG+4LgJGjNn/rD0F+avoXcWcqtUbSLIH5Ne+dcWjq+XqMHYBsbl
k7KQjK4eduSQL1ZHmSVVgQAYlSLAD+tkhw07C/PCWZ9mCdqENqJoAeGKrNXyUJJb
DLmnC1nmxMfAZ3SRovh3MlBCnMXL847ay5SmV54d6v4bA26P3SuBqkCFrRajdY8b
QvHoEMTuGWB6KwqtltqLkEjqqlSpZ9VD/BhWZBMhwqQx
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:18:43 2024 by rpki-client on console-ams.rpki-client.org