Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/h2Q5w956czCaOD9s1UbLxhtwBsI.roa
File: h2Q5w956czCaOD9s1UbLxhtwBsI.roa (raw, json)
Hash identifier: nKcJ57edtd57dmoTfHG358pNE/LdiSJ1CCv5aN3Z9M4=
Subject key identifier: 87:64:39:C3:DE:7A:73:30:9A:38:3F:6C:D5:46:CB:C6:1B:70:06:C2
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019012F0E1BC025D3E425BD44E10D11B5DAD
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/h2Q5w956czCaOD9s1UbLxhtwBsI.roa
Signing time: Thu 13 Jun 2024 18:51:34 +0000
ROA not before: Thu 13 Jun 2024 18:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 147.136.64.0/22 maxlen: 22
147.136.70.0/24 maxlen: 24
168.199.141.0/24 maxlen: 24
168.199.159.0/24 maxlen: 24
168.199.209.0/24 maxlen: 24
168.199.225.0/24 maxlen: 24
192.95.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:12:f0:e1:bc:02:5d:3e:42:5b:d4:4e:10:d1:1b:5d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jun 13 18:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=876439c3de7a73309a383f6cd546cbc61b7006c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:23:51:78:63:7a:9a:94:c2:4d:ea:9f:9e:9d:
fa:43:b7:1f:5c:84:21:f4:c1:3c:2f:05:d2:61:17:
e2:04:09:74:ef:f4:18:7f:0b:3e:39:21:2b:ee:28:
f8:b5:35:34:d4:1f:1a:84:47:73:b5:38:13:35:4d:
5a:4c:c4:8e:7a:ba:e6:59:3a:e4:06:ff:36:c5:c4:
0c:5d:87:49:02:2b:bb:88:73:84:57:6f:3a:e4:15:
9d:0b:c5:92:52:3f:94:6c:af:0b:13:b8:80:d7:6a:
34:da:ec:87:46:77:bb:3a:d1:7e:21:76:b3:63:c4:
bc:50:d7:b3:96:1e:ae:90:39:c3:d2:cb:99:2b:0b:
00:94:7c:ad:77:b3:7d:54:39:f1:76:90:cd:d1:8b:
f9:2a:12:62:79:ed:dd:7b:0e:f8:0a:11:23:ba:56:
15:3a:d0:ae:1c:aa:2d:b5:9b:ae:a5:62:0d:38:83:
88:c0:fc:e4:fd:2f:07:85:53:fd:99:92:02:5c:bd:
ef:97:33:7e:82:8d:d8:e4:e9:5a:15:39:dd:75:ff:
ef:f1:63:07:f3:f4:a9:d0:33:e8:8e:8b:3b:fe:ad:
a7:83:b1:96:2f:6e:45:e1:bf:f2:eb:5d:23:3b:6d:
35:ad:44:69:ed:60:78:bf:1e:30:4d:d6:85:51:eb:
f5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:64:39:C3:DE:7A:73:30:9A:38:3F:6C:D5:46:CB:C6:1B:70:06:C2
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/h2Q5w956czCaOD9s1UbLxhtwBsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.64.0/22
147.136.70.0/24
168.199.141.0/24
168.199.159.0/24
168.199.209.0/24
168.199.225.0/24
192.95.85.0/24
Signature Algorithm: sha256WithRSAEncryption
77:1d:25:42:84:3d:ad:f4:32:42:b2:07:77:e0:8b:db:22:36:
84:6e:b2:21:d0:96:ce:5c:39:96:d9:85:3a:3c:b9:3b:32:1d:
99:0c:50:49:cc:b2:0b:c1:9e:61:e2:8c:78:fb:21:34:24:33:
b8:e0:f2:9a:32:6f:d0:70:52:6c:c9:5f:fb:40:bd:25:ad:e9:
e5:a4:08:a2:f8:93:af:c0:4b:a2:17:88:8f:ab:0e:81:7b:1e:
7b:ed:82:84:75:5b:28:a2:f3:f0:47:90:52:fc:d2:fe:4d:15:
54:0b:5b:4c:28:37:97:be:9c:b6:8b:03:0b:71:5d:f9:52:dd:
3b:aa:e8:5b:af:1d:0a:a3:d6:e4:73:40:4a:43:69:3a:81:cc:
6b:d4:18:ca:ef:d7:79:0d:4f:4a:2f:73:80:98:0f:eb:2b:f9:
f5:9f:dd:8f:27:84:66:85:11:17:10:56:9a:74:58:d0:fe:6b:
17:3a:ab:a4:2e:67:b4:e2:3c:cc:ec:ca:eb:0d:41:a6:41:ce:
94:a6:e8:c8:d7:e0:fd:04:01:d4:c2:c8:46:46:2c:48:96:9f:
63:60:17:89:2f:48:e8:ba:e5:ee:5e:a9:39:43:95:de:80:c6:
84:03:da:24:42:c1:59:8f:c8:ed:0b:2b:b0:85:c6:7a:21:a8:
6c:a8:ce:c2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZAS8OG8Al0+QlvUThDRG12tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwNjEzMTg1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY0MzljM2RlN2E3MzMwOWEzODNmNmNkNTQ2Y2JjNjFiNzAwNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyNReGN6mpTCTeqfnp36Q7cfXIQh
9ME8LwXSYRfiBAl07/QYfws+OSEr7ij4tTU01B8ahEdztTgTNU1aTMSOerrmWTrk
Bv82xcQMXYdJAiu7iHOEV2865BWdC8WSUj+UbK8LE7iA12o02uyHRne7OtF+IXaz
Y8S8UNezlh6ukDnD0suZKwsAlHytd7N9VDnxdpDN0Yv5KhJiee3dew74ChEjulYV
OtCuHKottZuupWINOIOIwPzk/S8HhVP9mZICXL3vlzN+go3Y5OlaFTnddf/v8WMH
8/Sp0DPojos7/q2ng7GWL25F4b/y610jO201rURp7WB4vx4wTdaFUev1vwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIdkOcPeenMwmjg/bNVGy8YbcAbCMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvaDJRNXc5NTZjekNhT0Q5czFVYkx4aHR3QnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCk4hAAwQA
k4hGAwQAqMeNAwQAqMefAwQAqMfRAwQAqMfhAwQAwF9VMA0GCSqGSIb3DQEBCwUA
A4IBAQB3HSVChD2t9DJCsgd34IvbIjaEbrIh0JbOXDmW2YU6PLk7Mh2ZDFBJzLIL
wZ5h4ox4+yE0JDO44PKaMm/QcFJsyV/7QL0lrenlpAii+JOvwEuiF4iPqw6Bex57
7YKEdVsoovPwR5BS/NL+TRVUC1tMKDeXvpy2iwMLcV35Ut07quhbrx0Ko9bkc0BK
Q2k6gcxr1BjK79d5DU9KL3OAmA/rK/n1n92PJ4RmhREXEFaadFjQ/msXOqukLme0
4jzM7MrrDUGmQc6UpujI1+D9BAHUwshGRixIlp9jYBeJL0jouuXuXqk5Q5XegMaE
A9okQsFZj8jtCyuwhcZ6IahsqM7C
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:28:27 2024 by rpki-client on console-fra.rpki-client.org