Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/xVEHhrExMV27MVUqK0MH7O3Wk9Q.roa
File: xVEHhrExMV27MVUqK0MH7O3Wk9Q.roa (raw, json)
Hash identifier: LoltQhe4mGE6VSJ1O5SUq+ApjnW7RFROwXUjy+TQnmc=
Subject key identifier: C5:51:07:86:B1:31:31:5D:BB:31:55:2A:2B:43:07:EC:ED:D6:93:D4
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 018F10839086339122C8E86764D54B4AEF68
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/xVEHhrExMV27MVUqK0MH7O3Wk9Q.roa
Signing time: Wed 24 Apr 2024 14:30:08 +0000
ROA not before: Wed 24 Apr 2024 14:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44712
IP address blocks: 151.249.104.0/21 maxlen: 24
2a01:a8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:83:90:86:33:91:22:c8:e8:67:64:d5:4b:4a:ef:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Apr 24 14:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5510786b131315dbb31552a2b4307ecedd693d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:74:06:24:ae:34:cb:07:53:57:5a:13:e4:7b:
08:82:7f:4c:1e:ac:f4:32:af:5b:5c:3e:34:69:2c:
b5:65:87:5d:b9:89:2f:f9:12:32:8c:c8:d8:df:b9:
e0:2e:e5:94:c3:68:9c:ac:61:8b:8e:4e:71:b2:f1:
75:e4:28:1f:60:84:28:a4:d1:21:a8:2f:25:c7:32:
82:bf:e7:b7:aa:1d:e6:1d:0a:ad:1f:e8:30:1e:ba:
d0:ff:b0:ea:ec:ec:ef:fc:36:d1:87:42:14:67:27:
9c:48:f9:dd:a7:fc:e0:31:7b:dd:7d:80:9c:fb:3e:
3d:6d:59:86:49:76:e7:d1:ae:5a:40:3a:47:fb:68:
81:a3:c6:c4:8e:09:7a:04:2e:5d:d5:37:70:4b:b2:
d0:89:01:30:09:e7:b0:63:d3:0f:a0:da:6b:a4:be:
bc:e4:d3:1b:be:c2:a7:95:ac:8a:01:52:10:06:19:
dd:49:f6:a4:93:f4:25:9b:bb:21:80:3f:c6:78:72:
da:33:44:b3:32:7e:c5:58:8d:bc:82:49:26:c8:fa:
4f:43:c5:7a:ed:6f:e6:cb:90:f4:7c:d9:5f:e7:a6:
ce:43:19:12:b1:51:dd:f2:34:42:5c:fb:c0:2f:10:
1f:3c:51:18:2f:da:37:b6:e3:e4:ef:28:d6:36:9e:
45:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:51:07:86:B1:31:31:5D:BB:31:55:2A:2B:43:07:EC:ED:D6:93:D4
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/xVEHhrExMV27MVUqK0MH7O3Wk9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.104.0/21
IPv6:
2a01:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:08:3a:f4:ce:d4:12:8d:b2:8b:f7:fb:f4:e0:31:8e:34:af:
73:23:cf:b6:31:e2:a3:09:42:be:2f:de:2e:94:b6:27:70:3d:
b9:f4:04:5f:59:d4:59:19:36:ee:a5:f5:81:ce:91:52:3d:f1:
46:fc:53:4a:18:2e:bc:b6:d7:e0:78:64:27:6a:84:12:4b:c7:
4d:ad:a4:66:ba:d5:3b:93:01:18:67:9d:a6:21:63:ce:a5:ed:
b9:90:56:18:0d:ca:41:44:6a:cd:cf:7f:39:fa:67:62:cb:16:
01:94:8e:8b:77:03:a4:d3:ff:9f:b5:3a:02:e5:0a:4a:81:f5:
e0:d8:5a:8b:b4:45:16:73:5f:a9:e5:b8:16:28:79:a7:ab:40:
dc:73:06:aa:0f:1d:77:64:23:b4:ea:f1:72:ac:1f:7b:c8:ad:
c6:2a:65:c3:3a:de:f7:d0:d8:fb:d9:d6:f0:ab:62:8a:10:93:
de:e8:79:af:f5:89:90:b4:1f:e5:92:cd:97:bd:5e:e9:1b:3e:
31:86:6e:be:c2:6a:03:06:83:30:09:15:ae:6b:da:7c:d6:83:
a0:27:db:1a:91:1e:a4:46:a6:56:e8:06:6d:5c:33:58:89:01:
83:72:d7:34:bf:14:19:0e:14:38:c0:ae:ed:5a:8f:5d:42:a9:
7d:4c:c7:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8Qg5CGM5EiyOhnZNVLSu9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjQwNDI0MTQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTUxMDc4NmIxMzEzMTVkYmIzMTU1MmEyYjQzMDdlY2VkZDY5M2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXQGJK40ywdTV1oT5HsIgn9MHqz0
Mq9bXD40aSy1ZYdduYkv+RIyjMjY37ngLuWUw2icrGGLjk5xsvF15CgfYIQopNEh
qC8lxzKCv+e3qh3mHQqtH+gwHrrQ/7Dq7Ozv/DbRh0IUZyecSPndp/zgMXvdfYCc
+z49bVmGSXbn0a5aQDpH+2iBo8bEjgl6BC5d1TdwS7LQiQEwCeewY9MPoNprpL68
5NMbvsKnlayKAVIQBhndSfakk/Qlm7shgD/GeHLaM0SzMn7FWI28gkkmyPpPQ8V6
7W/my5D0fNlf56bOQxkSsVHd8jRCXPvALxAfPFEYL9o3tuPk7yjWNp5FRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVRB4axMTFduzFVKitDB+zt1pPUMB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEveFZFSGhyRXhNVjI3TVZVcUswTUg3TzNXazlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDl/loMA0E
AgACMAcDBQMqAajAMA0GCSqGSIb3DQEBCwUAA4IBAQBACDr0ztQSjbKL9/v04DGO
NK9zI8+2MeKjCUK+L94ulLYncD259ARfWdRZGTbupfWBzpFSPfFG/FNKGC68ttfg
eGQnaoQSS8dNraRmutU7kwEYZ52mIWPOpe25kFYYDcpBRGrNz385+mdiyxYBlI6L
dwOk0/+ftToC5QpKgfXg2FqLtEUWc1+p5bgWKHmnq0DccwaqDx13ZCO06vFyrB97
yK3GKmXDOt730Nj72dbwq2KKEJPe6Hmv9YmQtB/lks2XvV7pGz4xhm6+wmoDBoMw
CRWua9p81oOgJ9sakR6kRqZW6AZtXDNYiQGDctc0vxQZDhQ4wK7tWo9dQql9TMfA
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:50 2024 by rpki-client on console-fra.rpki-client.org