Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/SdxiNDGYYyjxMkaPwWgr1T9XxNI.roa
File: SdxiNDGYYyjxMkaPwWgr1T9XxNI.roa (raw, json)
Hash identifier: DP2MTIdggGgFhDSklgpOvP1pkHcdIVqrs10Mt4j0dmU=
Subject key identifier: 49:DC:62:34:31:98:63:28:F1:32:46:8F:C1:68:2B:D5:3F:57:C4:D2
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018CC8DF2D973653C95C5CA5B07C0C36C907
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/SdxiNDGYYyjxMkaPwWgr1T9XxNI.roa
Signing time: Tue 02 Jan 2024 06:31:58 +0000
ROA not before: Tue 02 Jan 2024 06:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56596
IP address blocks: 147.234.6.0/24 maxlen: 24
147.234.6.0/23 maxlen: 23
147.234.7.0/24 maxlen: 24
147.234.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:2d:97:36:53:c9:5c:5c:a5:b0:7c:0c:36:c9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 06:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49dc623431986328f132468fc1682bd53f57c4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:15:7b:27:9c:8f:ca:64:78:bf:00:a9:ca:17:
64:e9:96:4a:11:7d:07:13:97:92:a3:20:9e:30:62:
97:a2:79:a5:c9:53:6f:cf:6a:cd:f3:e6:7c:9b:e8:
5c:b2:68:2b:03:14:e1:eb:fa:8f:7d:b9:65:1c:24:
1e:58:ef:38:3d:1c:af:ad:58:52:bc:29:66:52:5b:
fa:be:77:b8:a6:fc:10:df:2d:9f:f6:b4:bb:dd:f9:
65:cb:3a:82:e3:ca:40:93:c2:7e:73:7c:77:0c:3a:
79:fb:5d:96:2e:eb:9d:6f:da:27:94:0a:75:da:da:
0f:31:71:93:73:13:3c:4a:ce:00:8a:bb:95:ae:a9:
f2:7d:ab:b2:1e:6a:71:b3:be:ec:47:95:66:26:00:
a1:c0:c0:cb:6b:12:3e:3e:15:4e:dc:9b:47:1e:07:
1a:e0:d5:e1:df:07:fb:1b:97:52:62:b5:6c:b2:a0:
f2:df:83:26:1f:66:26:12:c1:79:16:17:1d:49:cd:
4d:c1:1d:17:38:da:fc:96:02:16:fa:57:11:53:34:
a3:65:bb:ee:be:27:4c:72:52:4c:8a:e7:5a:1a:7e:
1e:21:af:55:f9:42:cd:a4:7b:8c:9d:d4:18:16:6c:
98:29:c7:df:14:94:a2:06:66:0e:84:20:96:5c:1d:
6d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DC:62:34:31:98:63:28:F1:32:46:8F:C1:68:2B:D5:3F:57:C4:D2
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/SdxiNDGYYyjxMkaPwWgr1T9XxNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.6.0/23
147.234.16.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e4:74:44:fd:df:be:79:d6:dc:2d:a2:dc:d1:8b:94:f0:ca:
05:8d:bd:30:4c:11:79:53:92:d6:da:b4:ee:42:4b:17:66:7c:
53:e9:ee:30:08:57:77:28:30:e6:75:9e:58:81:35:69:9f:75:
f7:67:fc:3e:db:0a:20:24:18:16:31:ec:bc:bc:6e:f4:87:c2:
fa:55:26:4b:6e:98:6f:22:22:a0:a8:e5:e4:ed:dc:eb:d6:29:
27:05:7a:4f:57:4b:94:06:62:06:24:6d:a9:2a:53:5b:3f:8c:
04:3a:d7:3c:1b:2f:67:4f:e9:83:c5:b1:e4:66:28:48:cb:89:
3d:9c:98:45:87:68:5b:ab:dc:56:f7:95:d4:e4:76:b1:7d:9a:
86:fc:7c:01:7c:9b:7a:e9:e2:2c:70:64:d7:89:6e:ec:ac:52:
6b:08:e1:4b:bf:9e:07:a8:9e:4d:58:5a:4b:8e:08:95:ae:b2:
6d:da:9b:ce:c9:13:58:82:92:14:48:a9:9c:74:d1:5e:15:b3:
1d:eb:8f:89:65:01:fb:59:dd:19:24:c2:09:b9:74:c2:74:e9:
c7:d9:c1:42:28:8c:35:9f:17:76:cf:bf:29:fa:d3:56:13:40:
08:7c:77:a7:3c:36:31:b3:46:7d:9f:78:6f:2b:3b:65:c7:72:
2b:6b:52:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3y2XNlPJXFylsHwMNskHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTAyMDYzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWRjNjIzNDMxOTg2MzI4ZjEzMjQ2OGZjMTY4MmJkNTNmNTdjNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxV7J5yPymR4vwCpyhdk6ZZKEX0H
E5eSoyCeMGKXonmlyVNvz2rN8+Z8m+hcsmgrAxTh6/qPfbllHCQeWO84PRyvrVhS
vClmUlv6vne4pvwQ3y2f9rS73fllyzqC48pAk8J+c3x3DDp5+12WLuudb9onlAp1
2toPMXGTcxM8Ss4AiruVrqnyfauyHmpxs77sR5VmJgChwMDLaxI+PhVO3JtHHgca
4NXh3wf7G5dSYrVssqDy34MmH2YmEsF5FhcdSc1NwR0XONr8lgIW+lcRUzSjZbvu
vidMclJMiudaGn4eIa9V+ULNpHuMndQYFmyYKcffFJSiBmYOhCCWXB1tvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEncYjQxmGMo8TJGj8FoK9U/V8TSMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvU2R4aU5ER1lZeWp4TWthUHdXZ3IxVDlYeE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBk+oGAwQA
k+oQMA0GCSqGSIb3DQEBCwUAA4IBAQBC5HRE/d++edbcLaLc0YuU8MoFjb0wTBF5
U5LW2rTuQksXZnxT6e4wCFd3KDDmdZ5YgTVpn3X3Z/w+2wogJBgWMey8vG70h8L6
VSZLbphvIiKgqOXk7dzr1iknBXpPV0uUBmIGJG2pKlNbP4wEOtc8Gy9nT+mDxbHk
ZihIy4k9nJhFh2hbq9xW95XU5HaxfZqG/HwBfJt66eIscGTXiW7srFJrCOFLv54H
qJ5NWFpLjgiVrrJt2pvOyRNYgpIUSKmcdNFeFbMd64+JZQH7Wd0ZJMIJuXTCdOnH
2cFCKIw1nxd2z78p+tNWE0AIfHenPDYxs0Z9n3hvKztlx3Ira1Js
-----END CERTIFICATE-----
Generated at Tue May 28 22:52:58 2024 by rpki-client on console-fra.rpki-client.org