Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/X98en2YIUdhBFdzG5k0Q2Fg8A4o.roa
File: X98en2YIUdhBFdzG5k0Q2Fg8A4o.roa (raw, json)
Hash identifier: ANGHsacjPs5xKz77s4hIDRNVBzlDnh+543YV/F1pbvg=
Subject key identifier: 5F:DF:1E:9F:66:08:51:D8:41:15:DC:C6:E6:4D:10:D8:58:3C:03:8A
Certificate issuer: /CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Certificate serial: 018CC348E9B10F5C582E307A087FC7C473A1
Authority key identifier: 79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/X98en2YIUdhBFdzG5k0Q2Fg8A4o.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13030
IP address blocks: 185.157.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/ebt3Saveb12k6xxu0cV2gWF4RrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/ebt3Saveb12k6xxu0cV2gWF4RrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e9:b1:0f:5c:58:2e:30:7a:08:7f:c7:c4:73:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fdf1e9f660851d84115dcc6e64d10d8583c038a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:75:f3:cf:ca:a3:84:05:4a:aa:27:5f:36:
09:b4:33:28:d6:d9:ea:c2:4a:06:a0:66:e9:8b:b6:
88:00:ad:30:55:bb:38:1b:4f:bf:86:f1:8e:cd:29:
f1:12:42:3b:7d:cb:f0:f9:22:19:f8:6d:7a:12:c7:
4d:ef:02:cf:8d:98:32:67:61:35:69:52:92:29:3f:
dc:99:b4:3c:53:6f:f0:2a:3a:e4:d9:e2:04:f5:79:
12:b2:82:5f:d1:2b:80:64:66:ec:7d:89:5a:04:41:
84:41:f0:3d:9c:5d:58:40:37:df:dd:97:56:aa:90:
56:fe:89:02:ce:26:7f:42:4f:f6:f3:e3:7c:f9:e0:
61:46:7a:0d:25:09:ec:d1:02:45:7e:d9:af:e1:16:
5f:dc:eb:f4:76:aa:2d:f4:02:05:f2:6f:57:73:ec:
c3:67:ae:0f:7d:90:7e:14:e3:3e:d8:94:9a:77:2d:
2e:a7:31:eb:45:d7:90:02:ec:7b:40:09:03:08:de:
0d:3b:89:7c:08:31:b8:e3:37:d7:30:39:31:3d:1b:
1a:67:6c:39:3d:97:00:2f:5f:66:ac:9b:0f:b3:1b:
60:5b:2b:77:f9:28:25:72:04:f0:b2:a1:30:87:e9:
3a:c7:79:ce:96:5b:32:fb:10:e3:16:d9:76:d7:a8:
dc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DF:1E:9F:66:08:51:D8:41:15:DC:C6:E6:4D:10:D8:58:3C:03:8A
X509v3 Authority Key Identifier:
keyid:79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/X98en2YIUdhBFdzG5k0Q2Fg8A4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/ebt3Saveb12k6xxu0cV2gWF4RrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a8:a3:48:9b:60:b0:1f:75:cb:82:2b:c1:60:3c:64:d0:38:
2e:8c:60:f1:0e:25:a8:c0:b7:be:a4:a1:59:a8:fc:db:57:e3:
4b:d7:e3:35:d7:f1:b3:49:f2:e7:40:d1:a4:ac:5f:c8:09:c0:
7d:c5:ef:29:bb:2f:ef:f8:af:a7:21:f6:2f:a8:38:38:95:59:
b2:2f:33:74:06:47:6b:a1:74:3b:9a:af:b9:1d:9c:0e:20:6f:
b8:e6:e4:32:35:ba:99:8b:ed:f7:e6:13:83:a8:d1:1e:e0:80:
d7:b9:ae:0a:82:cb:32:0b:8f:99:b0:e1:1d:9f:4c:ed:44:29:
09:e2:cf:78:9e:cd:36:f6:3a:25:db:5d:fe:d5:5a:bb:45:92:
db:1f:8d:17:f9:6c:4f:f1:ae:d8:7c:2a:22:37:64:d5:59:a1:
fc:1f:cc:b7:a2:0e:8d:5f:7e:1a:1f:1e:86:b8:5c:44:85:5c:
74:30:fa:3a:85:7e:f9:d1:b7:b1:57:0d:b1:36:15:74:06:63:
42:12:e9:a8:69:b4:ba:79:93:33:f5:ed:2e:27:06:1b:ba:b8:
2f:b8:3e:91:74:77:92:55:4a:7f:cf:18:8f:77:ac:e3:c5:db:
3c:f6:db:29:f6:9e:c9:b9:94:5b:a0:46:e7:1d:56:1b:2e:0a:
b7:23:54:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOmxD1xYLjB6CH/HxHOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YmI3NzQ5YWJkZTZmNWRhNGViMWM2ZWQxYzU3NjgxNjE3
ODQ2YjAwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRmMWU5ZjY2MDg1MWQ4NDExNWRjYzZlNjRkMTBkODU4M2MwMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAd188/Ko4QFSqonXzYJtDMo1tnq
wkoGoGbpi7aIAK0wVbs4G0+/hvGOzSnxEkI7fcvw+SIZ+G16EsdN7wLPjZgyZ2E1
aVKSKT/cmbQ8U2/wKjrk2eIE9XkSsoJf0SuAZGbsfYlaBEGEQfA9nF1YQDff3ZdW
qpBW/okCziZ/Qk/28+N8+eBhRnoNJQns0QJFftmv4RZf3Ov0dqot9AIF8m9Xc+zD
Z64PfZB+FOM+2JSady0upzHrRdeQAux7QAkDCN4NO4l8CDG44zfXMDkxPRsaZ2w5
PZcAL19mrJsPsxtgWyt3+SglcgTwsqEwh+k6x3nOllsy+xDjFtl216jcdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/fHp9mCFHYQRXcxuZNENhYPAOKMB8GA1UdIwQY
MBaAFHm7d0mr3m9dpOscbtHFdoFheEawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEt
NDgyNWUxOGQ3MzAxLzEvWDk4ZW4yWUlVZGhCRmR6RzVrMFEyRmc4QTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEtNDgyNWUxOGQ3MzAx
LzEvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0DMA0G
CSqGSIb3DQEBCwUAA4IBAQCoqKNIm2CwH3XLgivBYDxk0DgujGDxDiWowLe+pKFZ
qPzbV+NL1+M11/GzSfLnQNGkrF/ICcB9xe8puy/v+K+nIfYvqDg4lVmyLzN0Bkdr
oXQ7mq+5HZwOIG+45uQyNbqZi+335hODqNEe4IDXua4KgssyC4+ZsOEdn0ztRCkJ
4s94ns029jol213+1Vq7RZLbH40X+WxP8a7YfCoiN2TVWaH8H8y3og6NX34aHx6G
uFxEhVx0MPo6hX750bexVw2xNhV0BmNCEumoabS6eZMz9e0uJwYburgvuD6RdHeS
VUp/zxiPd6zjxds89tsp9p7JuZRboEbnHVYbLgq3I1Q6
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:35 2024 by rpki-client on console-ams.rpki-client.org