Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/q7_vpp0z3ETNWgZw8-cuuwv3ybA.roa
File: q7_vpp0z3ETNWgZw8-cuuwv3ybA.roa (raw, json)
Hash identifier: DGP8Nm7BSp3QJIh83Lq0KYxMP50+r9VIQwFjGbdX9F0=
Subject key identifier: AB:BF:EF:A6:9D:33:DC:44:CD:5A:06:70:F3:E7:2E:BB:0B:F7:C9:B0
Certificate issuer: /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial: 018CC3B6F0F4C804DB7B4E74A9305D9812D1
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/q7_vpp0z3ETNWgZw8-cuuwv3ybA.roa
Signing time: Mon 01 Jan 2024 06:29:55 +0000
ROA not before: Mon 01 Jan 2024 06:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23921
IP address blocks: 156.114.16.0/24 maxlen: 24
156.114.17.0/24 maxlen: 24
156.114.16.0/23 maxlen: 23
156.114.18.0/24 maxlen: 24
156.114.19.0/24 maxlen: 24
156.114.18.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f0:f4:c8:04:db:7b:4e:74:a9:30:5d:98:12:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Validity
Not Before: Jan 1 06:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abbfefa69d33dc44cd5a0670f3e72ebb0bf7c9b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f0:00:6c:c7:43:f2:2d:1f:6f:b7:58:b4:38:
4a:70:36:37:e2:8b:6d:9d:e8:ae:04:0d:42:a0:ef:
48:d7:3f:3d:cc:05:70:da:50:20:c4:fa:26:a2:10:
99:a8:00:dd:c0:73:97:4a:52:e1:bd:1a:52:f9:c8:
ba:8e:8b:b9:89:3d:d2:32:56:94:55:c1:8c:1b:30:
d0:3f:ff:ea:5f:c4:61:62:b6:ac:df:fe:17:40:5b:
7a:81:fa:74:3e:08:10:68:88:64:e7:7a:ef:0a:f3:
a1:87:61:f0:3c:02:94:53:d1:54:66:6f:7e:f1:49:
8c:ee:b7:88:2c:7c:cd:d6:67:1f:02:98:9e:d2:66:
e8:57:f8:17:74:be:5c:af:9e:8c:f1:d2:73:3d:b6:
a1:d8:0c:3e:4b:a0:17:02:2a:e8:2f:bc:54:8a:95:
f1:19:b5:8c:7a:c6:db:ee:76:97:94:6f:1b:e1:41:
86:59:ba:90:3c:4d:33:cb:c2:a1:ff:e7:6d:5a:25:
52:f7:26:bb:ab:0e:9b:28:41:97:93:81:d5:77:83:
e1:01:82:62:01:1a:3f:80:8e:bb:49:1c:f4:6f:0e:
42:fd:a4:96:bb:ea:81:be:22:3e:1f:17:32:33:29:
25:ae:07:0b:6c:54:7a:2c:85:81:aa:32:5e:7b:54:
07:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BF:EF:A6:9D:33:DC:44:CD:5A:06:70:F3:E7:2E:BB:0B:F7:C9:B0
X509v3 Authority Key Identifier:
keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/q7_vpp0z3ETNWgZw8-cuuwv3ybA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.114.16.0/22
Signature Algorithm: sha256WithRSAEncryption
85:0e:0b:73:de:25:b8:a9:55:e0:05:32:88:ce:f4:16:85:60:
d9:03:22:bf:16:09:a2:2b:ab:82:3d:ca:9f:40:62:2e:13:e3:
03:14:91:d5:90:cd:f3:e5:7f:ed:2a:d9:bb:07:89:0c:e7:a4:
6f:97:1f:ed:90:97:98:27:61:f6:a8:c7:b1:9e:a7:d7:82:f8:
6f:26:63:5a:67:ea:28:9a:1d:5c:87:19:d9:c5:d3:b8:d2:1d:
a1:21:ef:fa:e0:71:e1:16:10:b5:6f:80:e5:26:be:b8:58:10:
6b:66:58:b2:e3:27:71:c6:15:4e:98:ac:47:19:c5:fd:70:bb:
bd:96:d9:53:d8:b8:80:ac:09:aa:52:4d:2c:59:92:8b:6d:c6:
86:b4:2d:eb:72:e0:dc:8f:7e:e1:5a:98:ba:8b:fb:4f:44:83:
13:57:b3:96:ae:ef:18:fd:a1:70:99:8c:20:98:02:59:e0:58:
de:a6:1d:32:8f:f8:3f:eb:b2:9a:27:46:10:3b:14:43:60:8d:
a9:c0:dd:f9:38:e5:6f:89:34:0a:7d:69:b5:04:be:96:3f:6e:
b1:66:a8:37:97:93:8d:12:35:b4:e0:13:84:ec:73:c1:15:0e:
04:23:b4:a4:ca:38:32:e8:c6:44:77:6c:ab:4d:26:cc:bd:81:
d3:74:e1:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvD0yATbe050qTBdmBLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWNlNDFjYmMyYzMwNjI2ZWYyYTI4ZDE4MzlmMmQ2YzQ3
NTdmM2YwHhcNMjQwMTAxMDYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmJmZWZhNjlkMzNkYzQ0Y2Q1YTA2NzBmM2U3MmViYjBiZjdjOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfAAbMdD8i0fb7dYtDhKcDY34ott
neiuBA1CoO9I1z89zAVw2lAgxPomohCZqADdwHOXSlLhvRpS+ci6jou5iT3SMlaU
VcGMGzDQP//qX8RhYras3/4XQFt6gfp0PggQaIhk53rvCvOhh2HwPAKUU9FUZm9+
8UmM7reILHzN1mcfApie0mboV/gXdL5cr56M8dJzPbah2Aw+S6AXAiroL7xUipXx
GbWMesbb7naXlG8b4UGGWbqQPE0zy8Kh/+dtWiVS9ya7qw6bKEGXk4HVd4PhAYJi
ARo/gI67SRz0bw5C/aSWu+qBviI+HxcyMyklrgcLbFR6LIWBqjJee1QHQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKu/76adM9xEzVoGcPPnLrsL98mwMB8GA1UdIwQY
MBaAFMrs5By8LDBibvKijRg58tbEdX8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWIt
ZDg1MWU0MGQ1N2JmLzEvcTdfdnBwMHozRVROV2dadzgtY3V1d3YzeWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWItZDg1MWU0MGQ1N2Jm
LzEveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnHIQMA0G
CSqGSIb3DQEBCwUAA4IBAQCFDgtz3iW4qVXgBTKIzvQWhWDZAyK/FgmiK6uCPcqf
QGIuE+MDFJHVkM3z5X/tKtm7B4kM56Rvlx/tkJeYJ2H2qMexnqfXgvhvJmNaZ+oo
mh1chxnZxdO40h2hIe/64HHhFhC1b4DlJr64WBBrZliy4ydxxhVOmKxHGcX9cLu9
ltlT2LiArAmqUk0sWZKLbcaGtC3rcuDcj37hWpi6i/tPRIMTV7OWru8Y/aFwmYwg
mAJZ4Fjeph0yj/g/67KaJ0YQOxRDYI2pwN35OOVviTQKfWm1BL6WP26xZqg3l5ON
EjW04BOE7HPBFQ4EI7Skyjgy6MZEd2yrTSbMvYHTdOGQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:57 2024 by rpki-client on console-fra.rpki-client.org