Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/110_suLtcjswCXLqOyWkehAlU3Y.roa
File: 110_suLtcjswCXLqOyWkehAlU3Y.roa (raw, json)
Hash identifier: LZVYuOhSk5WjJ+YkyMYZB6v7TaCXjd09kgiXNAaH1Gs=
Subject key identifier: D7:5D:3F:B2:E2:ED:72:3B:30:09:72:EA:3B:25:A4:7A:10:25:53:76
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC7946B55A37D11F52E21178CACED4B63
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/110_suLtcjswCXLqOyWkehAlU3Y.roa
Signing time: Tue 02 Jan 2024 00:30:41 +0000
ROA not before: Tue 02 Jan 2024 00:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 168.199.0.0/20 maxlen: 24
168.199.112.0/20 maxlen: 24
168.199.16.0/23 maxlen: 24
168.199.22.0/23 maxlen: 24
168.199.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6b:55:a3:7d:11:f5:2e:21:17:8c:ac:ed:4b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d75d3fb2e2ed723b300972ea3b25a47a10255376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:51:2d:04:52:a8:c6:be:af:07:2e:08:c4:
ba:28:72:ca:fe:15:a7:ef:ac:da:5e:fb:21:fd:1e:
3c:05:9b:89:bf:a6:54:b2:ad:6c:75:c1:68:bf:89:
e0:c0:ae:9f:5c:10:0b:35:20:00:5e:65:64:15:b0:
c7:89:ea:d2:f1:74:47:d6:d7:97:d5:45:b7:66:88:
74:d5:cf:a3:d1:96:e2:da:a9:65:4d:d7:cb:ae:fd:
d6:22:cc:74:36:74:13:dd:3f:75:6d:02:51:13:76:
70:48:99:a3:69:c0:e4:83:96:39:0b:1f:6e:39:98:
7f:1e:70:4d:8c:b5:8a:23:ab:24:de:00:68:b0:67:
8d:82:50:c7:04:e1:84:ee:92:f0:50:6d:f8:0d:de:
da:7a:bd:bf:0c:0c:67:12:68:98:5e:41:ff:2e:f5:
41:23:c2:70:ea:b6:2d:b0:e9:fd:d6:3a:68:53:14:
9d:0d:d1:4a:8d:d8:cb:fe:ff:21:ea:8d:7b:08:6a:
77:15:2c:b5:e0:23:08:51:dd:55:36:c4:e0:f5:f4:
be:7b:a0:ad:b0:1b:2f:90:f7:c6:49:78:a3:cd:e6:
dc:92:40:7a:8d:f2:c9:63:7f:9f:f8:a3:8f:5f:ea:
a5:a9:6d:bc:5c:fa:03:33:04:03:81:10:00:c2:d9:
d1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:5D:3F:B2:E2:ED:72:3B:30:09:72:EA:3B:25:A4:7A:10:25:53:76
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/110_suLtcjswCXLqOyWkehAlU3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.0.0-168.199.17.255
168.199.22.0/23
168.199.48.0/20
168.199.112.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:9b:90:31:58:31:e3:8c:28:c2:e3:a8:86:28:2d:b6:e1:a3:
43:d6:de:67:cd:b3:3a:d3:fa:07:83:e0:52:0c:e6:75:af:24:
d7:e3:8a:ba:9b:75:37:a2:29:7c:60:0d:b6:71:9d:27:a8:c2:
64:63:53:7e:c7:88:ab:8f:a9:f0:b3:68:e1:ae:57:77:70:ac:
27:35:51:09:76:4c:1f:c2:10:e8:18:e4:71:a1:4d:8d:fd:53:
9c:b7:ff:da:0f:7a:49:db:ce:7e:09:8b:a1:c7:91:aa:56:ab:
dd:bd:00:0e:fd:e2:b8:08:08:ed:ae:4b:8c:95:bf:75:d8:8a:
87:a7:ea:d5:24:e2:21:c9:39:b1:f7:92:e1:06:37:d5:57:80:
09:f9:c7:ff:50:50:27:10:91:30:99:11:85:94:14:0f:32:9f:
a0:f2:f4:00:3e:3d:21:b0:59:30:dd:62:e0:dd:f2:93:f6:66:
cd:83:0e:9e:16:37:5f:4d:80:15:56:50:4f:c8:9e:af:0f:d2:
40:1e:fa:6e:68:6f:94:80:d9:33:82:ef:11:21:3e:9b:26:89:
ed:44:d4:4f:c7:8d:c3:f7:03:e7:26:5f:96:48:18:28:c0:76:
fc:c9:64:22:a9:ea:4d:a1:31:83:e7:3e:fa:32:ac:f9:25:8d:
1f:ec:63:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzHlGtVo30R9S4hF4ys7UtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzVkM2ZiMmUyZWQ3MjNiMzAwOTcyZWEzYjI1YTQ3YTEwMjU1Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom5RLQRSqMa+rwcuCMS6KHLK/hWn
76zaXvsh/R48BZuJv6ZUsq1sdcFov4ngwK6fXBALNSAAXmVkFbDHierS8XRH1teX
1UW3Zoh01c+j0Zbi2qllTdfLrv3WIsx0NnQT3T91bQJRE3ZwSJmjacDkg5Y5Cx9u
OZh/HnBNjLWKI6sk3gBosGeNglDHBOGE7pLwUG34Dd7aer2/DAxnEmiYXkH/LvVB
I8Jw6rYtsOn91jpoUxSdDdFKjdjL/v8h6o17CGp3FSy14CMIUd1VNsTg9fS+e6Ct
sBsvkPfGSXijzebckkB6jfLJY3+f+KOPX+qlqW28XPoDMwQDgRAAwtnRzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNddP7Li7XI7MAly6jslpHoQJVN2MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvMTEwX3N1THRjanN3Q1hMcU95V2tlaEFsVTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfMAsDAwCoxwME
AajHEAMEAajHFgMEBKjHMAMEBKjHcDANBgkqhkiG9w0BAQsFAAOCAQEApJuQMVgx
44wowuOohigttuGjQ9beZ82zOtP6B4PgUgzmda8k1+OKupt1N6IpfGANtnGdJ6jC
ZGNTfseIq4+p8LNo4a5Xd3CsJzVRCXZMH8IQ6BjkcaFNjf1TnLf/2g96SdvOfgmL
oceRqlar3b0ADv3iuAgI7a5LjJW/ddiKh6fq1STiIck5sfeS4QY31VeACfnH/1BQ
JxCRMJkRhZQUDzKfoPL0AD49IbBZMN1i4N3yk/ZmzYMOnhY3X02AFVZQT8ierw/S
QB76bmhvlIDZM4LvESE+myaJ7UTUT8eNw/cD5yZflkgYKMB2/MlkIqnqTaExg+c+
+jKs+SWNH+xjAA==
-----END CERTIFICATE-----
Generated at Sat May 4 04:41:09 2024 by rpki-client on console-ams.rpki-client.org