Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/t9F8dY0PEBZp_VZ3YVBBc7CSe-o.roa
File: t9F8dY0PEBZp_VZ3YVBBc7CSe-o.roa (raw, json)
Hash identifier: h+k4HNy10swJtkhmU2Yv7+HS7rzLsWGT9CVEOoxeEMU=
Subject key identifier: B7:D1:7C:75:8D:0F:10:16:69:FD:56:77:61:50:41:73:B0:92:7B:EA
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 018CC726002F985407EA2EC82C07D2AF2616
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/t9F8dY0PEBZp_VZ3YVBBc7CSe-o.roa
Signing time: Mon 01 Jan 2024 22:30:05 +0000
ROA not before: Mon 01 Jan 2024 22:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39013
IP address blocks: 151.237.66.0/24 maxlen: 24
151.237.82.0/23 maxlen: 23
151.237.80.0/22 maxlen: 22
151.237.80.0/23 maxlen: 23
151.237.90.0/24 maxlen: 24
151.237.88.0/23 maxlen: 23
194.69.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:00:2f:98:54:07:ea:2e:c8:2c:07:d2:af:26:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 1 22:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d17c758d0f101669fd567761504173b0927bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c7:e8:dd:fa:0b:27:b6:a1:4e:94:e3:c9:ed:
29:f7:9b:3e:49:16:63:05:d9:a0:5c:96:2d:94:7e:
dd:b0:e7:4d:2b:83:ed:a1:9f:84:3b:ce:6c:44:30:
9b:95:72:25:5b:33:3d:d7:ba:a9:b2:6e:a9:f2:d6:
25:a2:fd:22:ba:0a:3a:cb:1d:af:ba:15:ea:36:37:
99:41:e1:c1:6b:9b:7a:e7:aa:59:ef:08:ce:32:0f:
12:38:23:8b:a2:63:01:54:c6:cd:2a:e9:d1:0f:c7:
c1:b6:e2:2a:95:cd:24:c4:c1:92:6e:56:b1:fb:92:
ef:83:12:d7:44:5d:62:34:49:e5:f5:73:51:8f:c7:
0a:56:aa:d8:b7:f5:e6:23:44:18:86:dc:b8:92:b3:
f8:25:0b:c9:f2:cd:4f:26:ae:c5:a8:cb:24:75:60:
45:53:93:ab:2c:f8:27:07:39:79:7e:f9:55:4a:cd:
2d:c0:3e:04:ec:62:27:57:ad:1b:dc:4a:c1:37:4a:
34:b0:42:07:b2:6c:4d:d2:8a:d9:ed:a4:f1:a3:78:
62:63:3b:7f:e0:98:ae:bc:d7:c2:76:b4:63:6a:46:
07:11:41:df:07:76:32:1f:7d:94:71:bc:9e:d4:3a:
2a:8c:9d:5c:0f:41:9b:df:f9:95:3a:f0:41:c4:0a:
42:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D1:7C:75:8D:0F:10:16:69:FD:56:77:61:50:41:73:B0:92:7B:EA
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/t9F8dY0PEBZp_VZ3YVBBc7CSe-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.66.0/24
151.237.80.0/22
151.237.88.0-151.237.90.255
194.69.203.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:67:a8:12:11:08:f1:95:bc:51:d5:37:87:85:8a:01:bc:cc:
dc:5b:a7:15:bc:d1:50:5f:af:a5:a1:39:5b:09:35:bc:bd:4e:
71:e9:d3:3f:67:02:fe:66:45:f6:2a:6d:cb:9c:23:44:72:0f:
4d:2c:ba:2b:c9:e0:e0:60:a6:02:a9:27:24:d8:22:77:7f:e5:
a0:0c:be:00:f3:31:d2:29:5c:35:e7:60:e3:91:b8:a3:f7:b7:
4f:25:be:67:b1:b6:51:aa:a0:2d:72:f4:e4:b5:e1:22:03:40:
8d:35:21:11:9e:21:64:12:7b:9b:5d:81:e1:2d:30:d9:5a:7a:
ca:13:68:08:00:32:51:fd:1e:c2:d8:a1:ee:50:89:9c:6a:f8:
a3:8d:2e:5c:d7:5d:7c:33:88:fb:ae:64:83:51:ae:0e:55:4e:
7c:2f:b0:f6:19:ac:a0:53:ef:95:f8:68:f5:6c:60:c8:8b:97:
fe:2e:cc:19:a9:72:1d:bd:58:c0:1e:0c:e7:57:a6:72:e4:f2:
92:8d:48:4a:6d:1c:ba:98:73:ba:ed:d4:20:f0:13:3a:5a:b1:
28:31:ee:2f:93:d2:c2:93:a0:b4:5b:7c:a9:cd:53:39:ee:f0:
b5:12:bf:bb:d8:48:68:bb:e2:29:d8:a3:6b:fa:02:0e:97:f8:
80:ba:2f:3e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJgAvmFQH6i7ILAfSryYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjQwMTAxMjIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QxN2M3NThkMGYxMDE2NjlmZDU2Nzc2MTUwNDE3M2IwOTI3YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcfo3foLJ7ahTpTjye0p95s+SRZj
BdmgXJYtlH7dsOdNK4PtoZ+EO85sRDCblXIlWzM917qpsm6p8tYlov0iugo6yx2v
uhXqNjeZQeHBa5t656pZ7wjOMg8SOCOLomMBVMbNKunRD8fBtuIqlc0kxMGSblax
+5LvgxLXRF1iNEnl9XNRj8cKVqrYt/XmI0QYhty4krP4JQvJ8s1PJq7FqMskdWBF
U5OrLPgnBzl5fvlVSs0twD4E7GInV60b3ErBN0o0sEIHsmxN0orZ7aTxo3hiYzt/
4JiuvNfCdrRjakYHEUHfB3YyH32Ucbye1DoqjJ1cD0Gb3/mVOvBBxApCAwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLfRfHWNDxAWaf1Wd2FQQXOwknvqMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvdDlGOGRZMFBFQlpwX1ZaM1lWQkJjN0NTZS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAl+1CAwQC
l+1QMAwDBAOX7VgDBACX7VoDBADCRcswDQYJKoZIhvcNAQELBQADggEBAF9nqBIR
CPGVvFHVN4eFigG8zNxbpxW80VBfr6WhOVsJNby9TnHp0z9nAv5mRfYqbcucI0Ry
D00suivJ4OBgpgKpJyTYInd/5aAMvgDzMdIpXDXnYOORuKP3t08lvmextlGqoC1y
9OS14SIDQI01IRGeIWQSe5tdgeEtMNlaesoTaAgAMlH9HsLYoe5QiZxq+KONLlzX
XXwziPuuZINRrg5VTnwvsPYZrKBT75X4aPVsYMiLl/4uzBmpch29WMAeDOdXpnLk
8pKNSEptHLqYc7rt1CDwEzpasSgx7i+T0sKToLRbfKnNUznu8LUSv7vYSGi74inY
o2v6Ag6X+IC6Lz4=
-----END CERTIFICATE-----
Generated at Thu May 9 18:10:52 2024 by rpki-client on console-ams.rpki-client.org