Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/9L7UvQQGhWV8ymKT3JjCvRfnnpE.roa
File: 9L7UvQQGhWV8ymKT3JjCvRfnnpE.roa (raw, json)
Hash identifier: qPtqo9hF17QSWiHCyKukfkf6Mw1HCOCLe8snidpxJ5Q=
Subject key identifier: F4:BE:D4:BD:04:06:85:65:7C:CA:62:93:DC:98:C2:BD:17:E7:9E:91
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0191BC68FC65DA36FD10FAE7551258F64B02
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/9L7UvQQGhWV8ymKT3JjCvRfnnpE.roa
Signing time: Wed 04 Sep 2024 09:41:22 +0000
ROA not before: Wed 04 Sep 2024 09:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 138.124.0.0/17 maxlen: 24
138.124.245.0/24 maxlen: 24
138.124.246.0/24 maxlen: 24
138.124.247.0/24 maxlen: 24
138.124.251.0/24 maxlen: 24
138.124.252.0/24 maxlen: 24
138.124.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:68:fc:65:da:36:fd:10:fa:e7:55:12:58:f6:4b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Sep 4 09:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4bed4bd040685657cca6293dc98c2bd17e79e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cd:8a:95:3d:b5:11:88:69:61:d4:63:01:a2:
70:4e:bb:6d:d5:f9:9e:05:04:2c:d1:1e:b5:96:fd:
b3:0a:0e:4e:be:34:4d:0a:f8:80:bb:57:88:dc:f9:
6b:73:07:70:ba:ec:15:c9:dd:52:b7:fc:a5:a1:90:
c1:45:8b:40:aa:fe:74:66:7d:24:ea:98:15:9c:80:
37:eb:50:86:4e:59:1b:47:67:b8:94:cb:2c:8b:26:
7c:5b:81:9c:4c:1f:c4:63:51:7d:ed:66:ee:df:f1:
bb:bd:11:b1:74:86:67:10:a3:1a:9b:39:8e:2b:c9:
c5:08:3e:5f:60:fb:b7:c0:bf:89:f3:64:0e:85:40:
71:08:e0:d1:02:b0:82:81:48:c6:cf:2e:48:a9:0d:
9b:4d:d3:47:d9:bf:23:8a:da:f2:5f:79:ea:30:32:
43:6a:35:2a:17:42:b5:65:78:dc:b4:41:86:04:36:
e1:ee:48:dc:b3:20:02:9a:b3:c2:a4:31:6e:7b:e7:
fe:9f:54:6d:dc:2e:76:8f:e4:41:1e:96:d4:d6:81:
4d:e0:f2:84:70:41:c7:71:0a:a8:e5:14:97:64:a8:
dc:8e:27:ea:72:c3:34:61:9b:68:a6:50:8c:27:c6:
a7:9b:a8:6a:12:a3:b0:17:21:cf:a3:9e:88:f2:0f:
47:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BE:D4:BD:04:06:85:65:7C:CA:62:93:DC:98:C2:BD:17:E7:9E:91
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/9L7UvQQGhWV8ymKT3JjCvRfnnpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.0.0/17
138.124.245.0-138.124.247.255
138.124.251.0-138.124.253.255
Signature Algorithm: sha256WithRSAEncryption
a0:dd:c1:9f:4c:10:26:0d:1b:22:cd:73:ac:8d:d0:0c:9b:f9:
f9:c8:34:bc:c1:6e:e5:25:3e:93:24:d6:3a:b7:e7:f8:e2:7f:
f0:1c:b5:c8:93:88:7a:8c:2c:b7:af:fa:cc:78:e8:2c:4b:a8:
eb:d5:1a:7f:8d:ee:96:01:bf:56:83:8d:62:88:9b:d4:a4:da:
57:77:62:b1:1d:f5:09:be:ff:00:b7:2f:9a:93:20:93:12:16:
7b:79:71:dc:91:3b:cd:2c:b9:27:35:be:9a:38:59:a6:b0:08:
ef:c7:8e:bf:32:89:fb:98:95:9a:03:74:18:cd:8a:e3:d9:ac:
99:01:a7:98:00:9f:9f:d6:b4:5a:79:93:f9:f4:6c:5d:d3:d1:
92:2f:df:9b:24:54:e3:f1:d5:14:d5:7d:55:88:32:59:fd:93:
4d:e9:ea:a3:d0:b7:41:d0:0c:0a:9c:62:ac:1d:9d:d8:ad:0c:
08:48:92:9a:01:1f:71:0a:23:de:92:a7:d5:81:27:d3:75:28:
7d:0c:6a:30:db:9f:68:8d:c9:22:1c:29:de:45:d4:96:e8:30:
28:36:4b:c3:bd:45:19:4d:d4:89:13:34:fe:34:cd:40:44:32:
6b:99:2a:0d:c9:88:f1:44:42:da:81:2b:dc:c1:1b:46:c5:ea:
f7:7c:5f:24
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZG8aPxl2jb9EPrnVRJY9ksCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQwOTA0MDk0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJlZDRiZDA0MDY4NTY1N2NjYTYyOTNkYzk4YzJiZDE3ZTc5ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s2KlT21EYhpYdRjAaJwTrtt1fme
BQQs0R61lv2zCg5OvjRNCviAu1eI3PlrcwdwuuwVyd1St/yloZDBRYtAqv50Zn0k
6pgVnIA361CGTlkbR2e4lMssiyZ8W4GcTB/EY1F97Wbu3/G7vRGxdIZnEKMamzmO
K8nFCD5fYPu3wL+J82QOhUBxCODRArCCgUjGzy5IqQ2bTdNH2b8jitryX3nqMDJD
ajUqF0K1ZXjctEGGBDbh7kjcsyACmrPCpDFue+f+n1Rt3C52j+RBHpbU1oFN4PKE
cEHHcQqo5RSXZKjcjifqcsM0YZtoplCMJ8anm6hqEqOwFyHPo56I8g9H4QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPS+1L0EBoVlfMpik9yYwr0X556RMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvOUw3VXZRUUdoV1Y4eW1LVDNKakN2UmZubnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQHinwAMAwD
BACKfPUDBAOKfPAwDAMEAIp8+wMEAYp8/DANBgkqhkiG9w0BAQsFAAOCAQEAoN3B
n0wQJg0bIs1zrI3QDJv5+cg0vMFu5SU+kyTWOrfn+OJ/8By1yJOIeowst6/6zHjo
LEuo69Uaf43ulgG/VoONYoib1KTaV3disR31Cb7/ALcvmpMgkxIWe3lx3JE7zSy5
JzW+mjhZprAI78eOvzKJ+5iVmgN0GM2K49msmQGnmACfn9a0WnmT+fRsXdPRki/f
myRU4/HVFNV9VYgyWf2TTenqo9C3QdAMCpxirB2d2K0MCEiSmgEfcQoj3pKn1YEn
03UofQxqMNufaI3JIhwp3kXUlugwKDZLw71FGU3UiRM0/jTNQEQya5kqDcmI8URC
2oEr3MEbRsXq93xfJA==
-----END CERTIFICATE-----
Generated at Fri Sep 27 21:59:04 2024 by rpki-client on console-ams.rpki-client.org