Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/M6UOqfJXqFcYTfchRFGdDbaGY5s.roa
File: M6UOqfJXqFcYTfchRFGdDbaGY5s.roa (raw, json)
Hash identifier: KRDo3+ThehRITJy11OX6jEFrlkauVGJU5o5zvy1cmVo=
Subject key identifier: 33:A5:0E:A9:F2:57:A8:57:18:4D:F7:21:44:51:9D:0D:B6:86:63:9B
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018CC5DC893EE0603ABD97155A1B268F38AB
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/M6UOqfJXqFcYTfchRFGdDbaGY5s.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64249
IP address blocks: 147.189.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:89:3e:e0:60:3a:bd:97:15:5a:1b:26:8f:38:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33a50ea9f257a857184df72144519d0db686639b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:42:e6:0d:22:ea:48:db:27:c0:20:6c:39:55:
f1:02:b8:07:18:91:a1:8a:ea:ef:2b:ef:91:31:a6:
0e:ea:55:65:72:de:2d:45:b5:a7:69:76:d3:64:d0:
34:de:b2:b2:df:81:73:c2:aa:e2:e9:2e:23:cc:0e:
b9:0f:fd:2e:a0:27:18:09:05:9d:63:16:98:4c:34:
ec:5b:07:1c:92:81:16:d6:f7:2e:00:1f:5e:fa:22:
8c:e0:bb:01:f7:61:41:24:6e:08:24:20:86:29:65:
3b:89:af:47:6f:85:1f:0c:2f:b0:ab:a8:3e:a0:9a:
c3:93:a9:37:f5:1e:6c:79:25:6b:b9:81:ac:77:90:
c4:2e:cf:60:73:70:f6:1b:f1:f1:e0:a8:6d:54:04:
da:c5:e5:fd:92:ef:93:a3:88:e3:4d:f6:57:54:0e:
a4:fb:a5:5e:bb:38:4a:0c:a1:06:bc:9b:90:3d:9a:
1e:d7:5a:b8:71:4c:39:c4:fc:57:46:e6:03:0c:0c:
9e:ec:b2:cc:25:b1:11:e2:38:09:c7:ec:13:71:cf:
4f:25:78:65:1b:ad:3e:78:0c:e5:e4:4e:10:fd:88:
fa:55:01:2a:9c:07:f1:70:3b:58:17:4d:1f:1f:06:
d6:23:34:cc:47:25:d4:9c:ee:28:73:a9:4b:9b:e0:
e4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A5:0E:A9:F2:57:A8:57:18:4D:F7:21:44:51:9D:0D:B6:86:63:9B
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/M6UOqfJXqFcYTfchRFGdDbaGY5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.137.0/24
Signature Algorithm: sha256WithRSAEncryption
59:9f:a4:18:a0:78:35:c1:d9:cb:01:ff:ea:90:c0:0e:9b:dc:
b7:64:8a:db:08:63:dc:82:04:e2:73:af:17:db:97:ae:f0:e7:
bb:8a:dc:15:dd:83:73:b6:dd:64:e3:44:60:2b:ca:a1:ba:50:
f0:f9:ae:33:f2:82:51:53:e1:ec:b0:fd:e6:5d:a9:33:a7:a8:
39:aa:fc:be:47:0e:7a:8b:2b:c5:65:d9:9e:ef:99:f8:d2:b7:
dd:ce:ff:98:6e:b8:d9:ba:42:00:82:4c:be:ca:2e:64:ad:d0:
07:e7:ca:07:6e:6c:4e:42:b9:92:dd:48:88:6d:9e:f3:d5:e8:
a3:9b:b3:ef:a0:26:69:4c:76:5c:f6:5b:9b:2e:8f:67:4a:59:
e3:c6:de:bf:cc:08:a3:81:c8:53:b7:f9:f5:07:b2:4d:86:f6:
a5:46:c3:7d:61:41:e6:29:9a:74:ae:ec:3a:ce:92:8f:19:8e:
57:66:3e:08:5b:c2:f0:9b:eb:e1:e9:16:aa:4e:db:90:97:48:
15:85:46:2d:12:0a:5c:49:0d:63:90:f4:c8:72:8a:d9:e4:ea:
47:4f:2b:8d:97:38:e8:f3:d5:ff:41:c0:f3:b3:29:c1:e7:03:
22:1a:47:00:53:bc:11:33:2c:ad:ba:0b:a0:ec:bd:7a:f1:7b:
31:71:b4:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3Ik+4GA6vZcVWhsmjzirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2E1MGVhOWYyNTdhODU3MTg0ZGY3MjE0NDUxOWQwZGI2ODY2MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ELmDSLqSNsnwCBsOVXxArgHGJGh
iurvK++RMaYO6lVlct4tRbWnaXbTZNA03rKy34Fzwqri6S4jzA65D/0uoCcYCQWd
YxaYTDTsWwcckoEW1vcuAB9e+iKM4LsB92FBJG4IJCCGKWU7ia9Hb4UfDC+wq6g+
oJrDk6k39R5seSVruYGsd5DELs9gc3D2G/Hx4KhtVATaxeX9ku+To4jjTfZXVA6k
+6VeuzhKDKEGvJuQPZoe11q4cUw5xPxXRuYDDAye7LLMJbER4jgJx+wTcc9PJXhl
G60+eAzl5E4Q/Yj6VQEqnAfxcDtYF00fHwbWIzTMRyXUnO4oc6lLm+DksQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDOlDqnyV6hXGE33IURRnQ22hmObMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL002VU9xZkpYcUZjWVRmY2hSRkdkRGJhR1k1cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTvYkw
DQYJKoZIhvcNAQELBQADggEBAFmfpBigeDXB2csB/+qQwA6b3LdkitsIY9yCBOJz
rxfbl67w57uK3BXdg3O23WTjRGAryqG6UPD5rjPyglFT4eyw/eZdqTOnqDmq/L5H
DnqLK8Vl2Z7vmfjSt93O/5huuNm6QgCCTL7KLmSt0AfnygdubE5CuZLdSIhtnvPV
6KObs++gJmlMdlz2W5suj2dKWePG3r/MCKOByFO3+fUHsk2G9qVGw31hQeYpmnSu
7DrOko8ZjldmPghbwvCb6+HpFqpO25CXSBWFRi0SClxJDWOQ9Mhyitnk6kdPK42X
OOjz1f9BwPOzKcHnAyIaRwBTvBEzLK26C6DsvXrxezFxtH0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:55:45 2024 by rpki-client on console-ams.rpki-client.org