Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/7Ud8KO9IRQZfuLmsgVphr9D5i2Y.roa
File: 7Ud8KO9IRQZfuLmsgVphr9D5i2Y.roa (raw, json)
Hash identifier: Wh3/hG6IA3kYuE+ahI6kPHoYSl+LK+2xys5ziDHSnIA=
Subject key identifier: ED:47:7C:28:EF:48:45:06:5F:B8:B9:AC:81:5A:61:AF:D0:F9:8B:66
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0192D82417730E0E90A39A523E341BA821AC
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/7Ud8KO9IRQZfuLmsgVphr9D5i2Y.roa
Signing time: Tue 29 Oct 2024 11:58:16 +0000
ROA not before: Tue 29 Oct 2024 11:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 138.124.3.0/24 maxlen: 24
138.124.4.0/24 maxlen: 24
138.124.10.0/24 maxlen: 24
138.124.15.0/24 maxlen: 24
138.124.16.0/24 maxlen: 24
138.124.19.0/24 maxlen: 24
138.124.20.0/24 maxlen: 24
138.124.30.0/24 maxlen: 24
138.124.31.0/24 maxlen: 24
138.124.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:24:17:73:0e:0e:90:a3:9a:52:3e:34:1b:a8:21:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Oct 29 11:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed477c28ef4845065fb8b9ac815a61afd0f98b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a6:79:d0:80:85:f0:a8:e5:14:6e:df:4a:4f:
2d:3d:c9:ee:41:8c:b3:54:7f:23:ef:21:09:19:02:
07:7c:db:aa:32:60:fc:af:33:3e:1c:1c:2c:da:13:
c1:3c:11:08:8c:94:f6:aa:3b:27:b6:51:8e:d7:d5:
a8:29:70:7a:84:0d:3b:a6:13:3f:49:00:69:23:1c:
1c:fb:a7:02:6a:d5:a4:c9:e4:76:7d:20:77:bb:ab:
60:94:38:4e:17:0b:09:91:f6:52:6f:31:63:41:bf:
3f:b1:f9:86:f6:3a:c6:0f:61:95:61:a6:8b:da:85:
b1:af:56:7e:ef:19:d0:17:e6:58:5d:b7:42:c9:dc:
8e:8d:b8:df:8b:d5:8d:3b:eb:d9:14:d8:7a:a3:6a:
c0:4a:8d:86:14:9c:6d:54:12:0f:d1:a2:85:72:cc:
d0:b5:4f:87:5e:bc:b2:77:71:64:dc:81:27:cb:36:
84:77:8c:47:65:24:15:ec:c7:2e:41:13:86:97:ae:
d3:50:5f:71:78:40:5a:58:89:3a:c1:66:2f:9f:72:
7a:1e:72:20:1f:76:e2:fa:a7:c9:d2:bd:7f:cb:58:
f1:40:45:61:d5:55:43:db:21:f1:cc:aa:7e:d4:ef:
35:91:8d:a9:c8:a5:9e:f4:99:c4:cc:bc:68:ec:85:
e8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:47:7C:28:EF:48:45:06:5F:B8:B9:AC:81:5A:61:AF:D0:F9:8B:66
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/7Ud8KO9IRQZfuLmsgVphr9D5i2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.3.0-138.124.4.255
138.124.10.0/24
138.124.15.0-138.124.16.255
138.124.19.0-138.124.20.255
138.124.30.0/23
138.124.125.0/24
Signature Algorithm: sha256WithRSAEncryption
80:fa:4f:0e:a4:50:b0:aa:e7:10:d6:4d:f7:12:ca:e6:b1:82:
d8:ac:9e:0c:5e:9f:82:ce:6c:bc:2a:c0:4c:18:db:a7:23:1a:
68:bf:cc:ed:e7:cd:a5:f4:07:2d:f6:ad:ba:c4:05:bf:07:f7:
0f:d9:36:a4:7a:e3:22:03:a1:d4:bd:6f:76:3c:3d:c4:84:23:
85:d4:db:4b:9c:fd:00:9d:40:6c:1c:5c:9e:9e:e9:e5:6b:2a:
b7:63:f4:71:69:66:6b:39:b7:16:82:4a:b6:42:76:ab:e9:ac:
d2:69:09:4a:db:6e:cf:25:c4:51:f0:97:b5:e2:47:5a:34:af:
a0:72:d7:5f:fd:61:02:39:a0:ac:48:8b:33:62:0f:3a:78:3c:
b8:92:60:43:24:fe:f3:1a:17:9e:f1:1d:10:d8:6f:12:9d:64:
cc:06:56:53:16:65:55:9b:0a:82:d7:2d:5f:f6:5a:cc:cc:3f:
a2:92:ed:a5:77:f8:ec:70:c3:c7:31:eb:d0:7c:ec:d7:8c:19:
44:c2:8b:e3:e0:e3:78:68:98:6f:13:9d:96:78:dc:9d:9b:2d:
bc:8d:36:a9:25:a4:1d:0c:da:3b:48:d8:65:0d:22:f3:7b:19:
7d:56:ea:50:1e:60:54:98:e0:8b:ab:dd:95:28:2e:c6:01:10:
81:14:7e:8a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZLYJBdzDg6Qo5pSPjQbqCGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMDI5MTE1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ3N2MyOGVmNDg0NTA2NWZiOGI5YWM4MTVhNjFhZmQwZjk4YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qZ50ICF8KjlFG7fSk8tPcnuQYyz
VH8j7yEJGQIHfNuqMmD8rzM+HBws2hPBPBEIjJT2qjsntlGO19WoKXB6hA07phM/
SQBpIxwc+6cCatWkyeR2fSB3u6tglDhOFwsJkfZSbzFjQb8/sfmG9jrGD2GVYaaL
2oWxr1Z+7xnQF+ZYXbdCydyOjbjfi9WNO+vZFNh6o2rASo2GFJxtVBIP0aKFcszQ
tU+HXryyd3Fk3IEnyzaEd4xHZSQV7McuQROGl67TUF9xeEBaWIk6wWYvn3J6HnIg
H3bi+qfJ0r1/y1jxQEVh1VVD2yHxzKp+1O81kY2pyKWe9JnEzLxo7IXoAwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO1HfCjvSEUGX7i5rIFaYa/Q+YtmMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvN1VkOEtPOUlSUVpmdUxtc2dWcGhyOUQ1aTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBACKfAMD
BACKfAQDBACKfAowDAMEAIp8DwMEAIp8EDAMAwQAinwTAwQAinwUAwQBinweAwQA
inx9MA0GCSqGSIb3DQEBCwUAA4IBAQCA+k8OpFCwqucQ1k33EsrmsYLYrJ4MXp+C
zmy8KsBMGNunIxpov8zt582l9Act9q26xAW/B/cP2TakeuMiA6HUvW92PD3EhCOF
1NtLnP0AnUBsHFyenunlayq3Y/RxaWZrObcWgkq2Qnar6azSaQlK227PJcRR8Je1
4kdaNK+gctdf/WECOaCsSIszYg86eDy4kmBDJP7zGhee8R0Q2G8SnWTMBlZTFmVV
mwqC1y1f9lrMzD+iku2ld/jscMPHMevQfOzXjBlEwovj4ON4aJhvE52WeNydmy28
jTapJaQdDNo7SNhlDSLzexl9VupQHmBUmOCLq92VKC7GARCBFH6K
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:08:39 2024 by rpki-client on console-ams.rpki-client.org