Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/eYxLltUjppZRjlbakLuWWSfjujs.roa
File: eYxLltUjppZRjlbakLuWWSfjujs.roa (raw, json)
Hash identifier: Ov4k3wc9gsD8/U45NW2a2Lpn7jA5xWCbUsGBCf/kGu0=
Subject key identifier: 79:8C:4B:96:D5:23:A6:96:51:8E:56:DA:90:BB:96:59:27:E3:BA:3B
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018CC8DF31B60AD64E839FA334B91D153C48
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/eYxLltUjppZRjlbakLuWWSfjujs.roa
Signing time: Tue 02 Jan 2024 06:31:59 +0000
ROA not before: Tue 02 Jan 2024 06:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204831
IP address blocks: 147.234.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:31:b6:0a:d6:4e:83:9f:a3:34:b9:1d:15:3c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 06:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=798c4b96d523a696518e56da90bb965927e3ba3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6e:a8:bb:e7:d2:9f:cc:9d:20:b4:56:5c:8c:
a2:61:c5:f4:ac:2c:30:e5:6d:c3:4b:fa:e2:c0:8b:
3e:7f:32:4a:c6:af:ee:44:24:57:c3:29:9c:1a:13:
95:6d:15:95:79:78:db:73:1a:d4:0c:b4:cc:da:f7:
d3:a3:b5:2d:96:09:d5:d6:25:f7:92:71:b8:9f:e4:
cd:89:6e:fe:33:e2:70:74:c3:64:05:75:4e:49:c6:
8f:cb:eb:76:f8:f0:e4:a7:f3:97:58:d8:93:37:eb:
77:2d:fe:78:93:2a:c7:28:63:9f:e2:43:ee:1b:01:
49:09:22:a6:28:5f:25:ee:d6:b1:ee:7d:61:0a:b8:
44:c1:3d:38:90:43:6f:c7:75:96:33:b9:79:99:a0:
fc:aa:a5:d2:59:a4:6e:01:50:b2:c0:3f:63:20:e5:
be:7d:c4:10:d9:98:75:06:89:78:df:6a:a1:5a:40:
9e:70:60:4d:21:c5:70:f1:fe:2f:8a:0e:19:a8:ea:
d3:bb:ec:c3:5c:fc:c3:ba:c4:79:19:85:8d:c7:3e:
5d:47:51:ec:4f:4a:d5:80:d9:b9:7d:c2:80:d0:09:
39:ad:39:7f:66:0b:32:b1:d9:bf:31:c7:47:77:dc:
4c:15:44:7e:77:de:2d:fb:bb:c6:14:93:d5:28:55:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:8C:4B:96:D5:23:A6:96:51:8E:56:DA:90:BB:96:59:27:E3:BA:3B
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/eYxLltUjppZRjlbakLuWWSfjujs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.25.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:36:f1:75:64:1c:f9:ed:82:7c:43:d5:b1:ce:11:95:07:b5:
87:e4:03:54:9e:05:f6:83:45:81:ea:a3:7b:57:b3:22:7b:6d:
d0:94:b3:c5:c3:32:eb:05:81:c3:b9:11:12:b2:e0:08:b8:69:
72:be:c7:f5:79:c7:b8:bc:2f:36:ee:4c:ec:60:1a:12:4e:87:
b8:44:55:3e:4b:85:3b:b1:ea:28:df:9b:c4:2a:f5:bb:26:84:
da:95:08:64:c8:60:35:cb:aa:19:81:58:a3:83:ef:40:bf:3a:
09:c4:e1:0d:1a:77:ed:6c:be:03:42:28:ca:47:e3:e0:53:2e:
9b:4f:33:9a:a5:91:ac:4e:6d:6c:60:31:5d:11:6c:9e:a3:c5:
81:96:f4:1d:ef:ae:b3:5b:11:3e:07:3c:a2:c5:4e:af:c9:a3:
73:5e:46:5b:d4:e6:39:5c:36:1e:7d:68:02:b4:d7:e5:d3:3e:
8e:c8:7c:8a:0b:6e:29:d1:ca:e6:93:6d:61:cb:34:1c:c2:60:
b0:af:64:f6:9a:66:71:b9:c4:52:80:6f:ce:54:57:76:3e:96:
03:f5:68:f3:2f:77:de:63:9c:2c:39:a1:84:d7:79:7f:be:b5:
89:ba:3a:f9:e4:20:69:e1:14:ac:5b:07:39:a8:e7:e9:93:93:
c3:b9:20:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3zG2CtZOg5+jNLkdFTxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTAyMDYzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OThjNGI5NmQ1MjNhNjk2NTE4ZTU2ZGE5MGJiOTY1OTI3ZTNiYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW6ou+fSn8ydILRWXIyiYcX0rCww
5W3DS/riwIs+fzJKxq/uRCRXwymcGhOVbRWVeXjbcxrUDLTM2vfTo7UtlgnV1iX3
knG4n+TNiW7+M+JwdMNkBXVOScaPy+t2+PDkp/OXWNiTN+t3Lf54kyrHKGOf4kPu
GwFJCSKmKF8l7tax7n1hCrhEwT04kENvx3WWM7l5maD8qqXSWaRuAVCywD9jIOW+
fcQQ2Zh1Bol432qhWkCecGBNIcVw8f4vig4ZqOrTu+zDXPzDusR5GYWNxz5dR1Hs
T0rVgNm5fcKA0Ak5rTl/Zgsysdm/McdHd9xMFUR+d94t+7vGFJPVKFUmRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmMS5bVI6aWUY5W2pC7llkn47o7MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvZVl4TGx0VWpwcFpSamxiYWtMdVdXU2ZqdWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oZMA0G
CSqGSIb3DQEBCwUAA4IBAQCNNvF1ZBz57YJ8Q9WxzhGVB7WH5ANUngX2g0WB6qN7
V7Mie23QlLPFwzLrBYHDuRESsuAIuGlyvsf1ece4vC827kzsYBoSToe4RFU+S4U7
seoo35vEKvW7JoTalQhkyGA1y6oZgVijg+9AvzoJxOENGnftbL4DQijKR+PgUy6b
TzOapZGsTm1sYDFdEWyeo8WBlvQd766zWxE+BzyixU6vyaNzXkZb1OY5XDYefWgC
tNfl0z6OyHyKC24p0crmk21hyzQcwmCwr2T2mmZxucRSgG/OVFd2PpYD9WjzL3fe
Y5wsOaGE13l/vrWJujr55CBp4RSsWwc5qOfpk5PDuSCe
-----END CERTIFICATE-----
Generated at Tue May 28 23:32:02 2024 by rpki-client on console-ams.rpki-client.org