Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/sRMhEW0dD1HTVmNX5BI1R-xwQZA.roa
File: sRMhEW0dD1HTVmNX5BI1R-xwQZA.roa (raw, json)
Hash identifier: weA9cq7xtqRgVZKqI3pg16TzmzLLN4ubF0AtYTO4Fho=
Subject key identifier: B1:13:21:11:6D:1D:0F:51:D3:56:63:57:E4:12:35:47:EC:70:41:90
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 018CC7275F3D0C0F7EE8AC712E74EE8EC8AC
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/sRMhEW0dD1HTVmNX5BI1R-xwQZA.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9583
IP address blocks: 159.151.254.0/24 maxlen: 24
192.109.146.0/24 maxlen: 24
2a07:8145::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5f:3d:0c:0f:7e:e8:ac:71:2e:74:ee:8e:c8:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b11321116d1d0f51d3566357e4123547ec704190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:da:81:1c:3a:dc:32:6b:69:48:59:42:4f:7e:
66:1e:84:5a:3b:e7:8f:dc:7e:5c:21:22:c9:cb:d5:
96:77:22:1e:ff:4b:f6:d9:be:99:a5:36:a2:2f:74:
7a:61:93:cb:f4:b3:76:46:1e:95:e4:a9:e9:5e:92:
7f:eb:fc:a1:7d:62:9a:d9:e2:59:19:8f:73:44:3d:
e4:41:d6:f5:6b:fe:3a:d2:f8:37:65:fe:f3:ff:77:
93:37:f4:65:56:5d:8e:06:85:5d:f3:74:bc:ee:9d:
2d:05:d7:f1:06:c4:07:20:58:3e:a4:ce:1e:dc:d2:
2c:bf:b9:4b:b3:f1:1a:e1:81:29:6e:60:10:d8:32:
71:e9:03:24:19:c7:47:50:c9:12:68:d8:a9:2d:a0:
1b:d4:0b:96:e1:61:d1:4f:34:b7:48:88:dc:48:1c:
61:de:36:ff:88:34:d7:ff:d7:99:6a:5f:e1:7b:09:
82:57:02:e2:59:b9:95:a3:1d:30:82:2e:f9:77:1b:
08:3d:4e:06:c4:f4:d9:87:de:4e:d4:24:7a:96:81:
09:ef:76:c6:3f:28:2c:ad:cd:23:60:99:8e:ad:25:
1f:e6:99:1b:01:7f:0c:24:32:f5:48:8a:e8:4c:58:
94:59:0d:7e:e4:aa:dd:fc:5d:73:27:e2:67:91:9e:
59:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:13:21:11:6D:1D:0F:51:D3:56:63:57:E4:12:35:47:EC:70:41:90
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/sRMhEW0dD1HTVmNX5BI1R-xwQZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.254.0/24
192.109.146.0/24
IPv6:
2a07:8145::/36
Signature Algorithm: sha256WithRSAEncryption
3c:65:26:69:ac:4c:e1:20:8e:c8:85:7a:af:a4:3a:ea:35:9b:
05:aa:65:49:57:fa:5f:0d:06:a4:84:20:7e:d4:7f:38:0b:0e:
23:97:3b:38:b7:46:ef:80:83:5a:f8:5f:8c:a5:b6:97:47:a5:
ad:c1:0e:3e:31:53:b2:ae:82:0d:56:d4:5b:10:7b:14:0a:0a:
0e:86:ef:fb:bf:e7:da:93:30:81:db:73:46:9a:d2:d8:9c:e6:
13:79:d5:08:ea:d9:a5:88:6f:a9:83:a2:45:09:24:ee:1a:aa:
8e:d9:7b:c6:d7:27:9e:f1:19:88:92:66:c9:59:3e:3f:e6:cc:
f0:62:37:02:4c:cc:8e:2d:7a:d9:d2:58:0a:c6:82:81:24:65:
77:f0:d3:34:5b:45:fc:0e:38:c2:c7:ab:44:8c:b4:ee:ee:11:
0a:b7:8b:6f:7f:d4:c5:38:25:9b:41:7d:21:aa:cf:ac:b7:38:
e7:67:39:43:fe:2d:74:a5:fa:9a:e8:10:81:f4:a8:49:69:64:
be:ef:59:e2:16:2a:70:b7:15:ed:9a:e9:03:5c:5e:5a:f0:11:
b6:f1:8e:a9:83:f9:33:89:29:60:01:f4:22:5d:a8:d5:e6:17:
64:86:7f:0e:3d:b4:d0:38:c3:92:1d:03:e8:72:ae:79:f2:17:
52:28:b7:e7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzHJ189DA9+6KxxLnTujsisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTEzMjExMTZkMWQwZjUxZDM1NjYzNTdlNDEyMzU0N2VjNzA0MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NqBHDrcMmtpSFlCT35mHoRaO+eP
3H5cISLJy9WWdyIe/0v22b6ZpTaiL3R6YZPL9LN2Rh6V5KnpXpJ/6/yhfWKa2eJZ
GY9zRD3kQdb1a/460vg3Zf7z/3eTN/RlVl2OBoVd83S87p0tBdfxBsQHIFg+pM4e
3NIsv7lLs/Ea4YEpbmAQ2DJx6QMkGcdHUMkSaNipLaAb1AuW4WHRTzS3SIjcSBxh
3jb/iDTX/9eZal/hewmCVwLiWbmVox0wgi75dxsIPU4GxPTZh95O1CR6loEJ73bG
Pygsrc0jYJmOrSUf5pkbAX8MJDL1SIroTFiUWQ1+5Krd/F1zJ+JnkZ5Z0QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLETIRFtHQ9R01ZjV+QSNUfscEGQMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvc1JNaEVXMGREMUhUVm1OWDVCSTFSLXh3UVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAn5f+AwQA
wG2SMA4EAgACMAgDBgQqB4FFADANBgkqhkiG9w0BAQsFAAOCAQEAPGUmaaxM4SCO
yIV6r6Q66jWbBaplSVf6Xw0GpIQgftR/OAsOI5c7OLdG74CDWvhfjKW2l0elrcEO
PjFTsq6CDVbUWxB7FAoKDobv+7/n2pMwgdtzRprS2JzmE3nVCOrZpYhvqYOiRQkk
7hqqjtl7xtcnnvEZiJJmyVk+P+bM8GI3AkzMji162dJYCsaCgSRld/DTNFtF/A44
wserRIy07u4RCreLb3/UxTglm0F9IarPrLc452c5Q/4tdKX6mugQgfSoSWlkvu9Z
4hYqcLcV7ZrpA1xeWvARtvGOqYP5M4kpYAH0Il2o1eYXZIZ/Dj200DjDkh0D6HKu
efIXUii35w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:37 2024 by rpki-client on console-fra.rpki-client.org