Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/G2ZuznFw4_fznTAklVihXP9JTX4.roa
File: G2ZuznFw4_fznTAklVihXP9JTX4.roa (raw, json)
Hash identifier: GILdWGseH8hM1YOtjRtagdk/iDGi/4fYfYjD8OrAtzo=
Subject key identifier: 1B:66:6E:CE:71:70:E3:F7:F3:9D:30:24:95:58:A1:5C:FF:49:4D:7E
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0193621FFC225B55591A5EAD70FCA63B769F
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/G2ZuznFw4_fznTAklVihXP9JTX4.roa
Signing time: Mon 25 Nov 2024 07:01:23 +0000
ROA not before: Mon 25 Nov 2024 07:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/23 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:1f:fc:22:5b:55:59:1a:5e:ad:70:fc:a6:3b:76:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Nov 25 07:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b666ece7170e3f7f39d30249558a15cff494d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3c:b9:31:5c:69:c5:8a:73:ac:54:d1:bb:ff:
22:77:72:42:ce:98:ac:49:f8:73:1b:38:41:af:df:
be:b2:24:b6:65:86:8d:0c:95:fa:fc:f9:80:06:91:
8a:d7:45:03:9a:24:17:12:a4:e0:90:f0:ab:ee:1b:
80:09:94:92:d3:0b:d8:47:87:0d:7b:b5:08:75:4d:
45:e9:43:97:8c:d0:8c:68:5b:9d:75:7f:52:31:e0:
56:1f:f3:e0:6a:a9:0f:20:dc:f7:92:fd:9b:0d:ba:
8f:d3:b3:12:e2:27:0a:82:f9:70:9f:6a:99:e8:e6:
f3:44:33:f8:32:ae:85:c1:94:35:6f:51:75:63:44:
76:24:db:0b:77:24:d7:d3:62:e8:c0:01:e5:c2:f5:
c0:90:0f:53:78:11:e9:a3:52:b7:1b:e8:76:7f:00:
6b:97:00:b8:a9:4b:c5:a8:57:0e:99:56:62:e0:ec:
e8:65:a1:7c:0f:50:88:fa:ac:06:08:76:2c:c2:ce:
b0:b3:ee:0c:36:36:3b:1d:65:f6:9a:9d:65:fb:bb:
90:98:70:5d:13:24:5f:7e:b0:92:31:bb:43:65:2f:
69:a6:6c:ee:c5:44:3b:98:5e:bb:78:ce:f9:49:75:
d5:31:7a:f0:f4:b4:95:3c:ac:88:98:c1:24:ce:0c:
3a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:66:6E:CE:71:70:E3:F7:F3:9D:30:24:95:58:A1:5C:FF:49:4D:7E
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/G2ZuznFw4_fznTAklVihXP9JTX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0-140.150.10.255
140.150.12.0/24
140.150.18.0/23
140.150.21.0/24
140.150.24.0/23
140.150.28.0-140.150.33.255
Signature Algorithm: sha256WithRSAEncryption
a7:9e:a5:79:22:9e:98:b7:89:01:bb:a8:f1:b1:68:37:e8:6d:
df:57:f1:1e:16:d9:4c:e7:58:a8:45:bd:e5:8f:67:88:b7:7e:
d3:4f:49:e1:18:59:91:e7:16:30:37:2d:4c:ec:ba:08:09:36:
5d:5d:e6:4d:e6:02:17:43:a7:ec:a6:a9:db:5b:2a:16:59:43:
24:4e:60:93:8c:20:ac:46:ef:34:d6:48:92:0a:a5:e2:bd:61:
a6:5f:67:85:35:88:4b:07:4d:81:cc:60:bd:34:ec:e8:40:2f:
3e:39:4b:94:ad:d6:79:35:38:1a:9b:c1:da:54:8e:3c:9a:b0:
80:3e:98:ff:e8:0c:a7:4a:0f:37:44:b1:c9:25:5c:3d:bc:58:
d9:bd:d8:32:68:42:23:bd:89:75:c6:b8:7b:a8:21:17:2b:3e:
9b:cd:f9:8d:1b:7a:00:31:06:65:7e:21:1f:90:cc:de:6b:6a:
39:83:74:12:13:9a:21:89:c5:8f:89:3e:1f:97:87:3f:c2:3a:
13:d0:d8:41:32:22:3c:fb:74:f2:61:ab:60:48:f2:ca:56:8f:
a1:0c:b1:b6:0e:b4:b2:cd:97:9a:1f:bf:42:12:73:54:c3:52:
09:e8:35:e4:bf:de:8b:33:d0:51:9e:ee:7f:53:b0:70:15:31:
36:04:41:11
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZNiH/wiW1VZGl6tcPymO3afMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMTI1MDcwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY2NmVjZTcxNzBlM2Y3ZjM5ZDMwMjQ5NTU4YTE1Y2ZmNDk0ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDy5MVxpxYpzrFTRu/8id3JCzpis
SfhzGzhBr9++siS2ZYaNDJX6/PmABpGK10UDmiQXEqTgkPCr7huACZSS0wvYR4cN
e7UIdU1F6UOXjNCMaFuddX9SMeBWH/PgaqkPINz3kv2bDbqP07MS4icKgvlwn2qZ
6ObzRDP4Mq6FwZQ1b1F1Y0R2JNsLdyTX02LowAHlwvXAkA9TeBHpo1K3G+h2fwBr
lwC4qUvFqFcOmVZi4OzoZaF8D1CI+qwGCHYsws6ws+4MNjY7HWX2mp1l+7uQmHBd
EyRffrCSMbtDZS9ppmzuxUQ7mF67eM75SXXVMXrw9LSVPKyImMEkzgw62wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBtmbs5xcOP3850wJJVYoVz/SU1+MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvRzJadXpuRnc0X2Z6blRBa2xWaWhYUDlKVFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAATAzMAsDAwGMlgME
AIyWCgMEAIyWDAMEAYyWEgMEAIyWFQMEAYyWGDAMAwQCjJYcAwQBjJYgMA0GCSqG
SIb3DQEBCwUAA4IBAQCnnqV5Ip6Yt4kBu6jxsWg36G3fV/EeFtlM51ioRb3lj2eI
t37TT0nhGFmR5xYwNy1M7LoICTZdXeZN5gIXQ6fspqnbWyoWWUMkTmCTjCCsRu80
1kiSCqXivWGmX2eFNYhLB02BzGC9NOzoQC8+OUuUrdZ5NTgam8HaVI48mrCAPpj/
6AynSg83RLHJJVw9vFjZvdgyaEIjvYl1xrh7qCEXKz6bzfmNG3oAMQZlfiEfkMze
a2o5g3QSE5ohicWPiT4fl4c/wjoT0NhBMiI8+3TyYatgSPLKVo+hDLG2DrSyzZea
H79CEnNUw1IJ6DXkv96LM9BRnu5/U7BwFTE2BEER
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:14:24 2024 by rpki-client on console-ams.rpki-client.org