Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/7oU8RiP7VXMRKfyoy5aBBxA_tbA.roa
File: 7oU8RiP7VXMRKfyoy5aBBxA_tbA.roa (raw, json)
Hash identifier: UQoiD6QoixOp7OH3fLrBG3Hl4rdymiOEU6J0NvtWS/0=
Subject key identifier: EE:85:3C:46:23:FB:55:73:11:29:FC:A8:CB:96:81:07:10:3F:B5:B0
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 018CC801FA8CE4610778DA07EBE2A06BE254
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/7oU8RiP7VXMRKfyoy5aBBxA_tbA.roa
Signing time: Tue 02 Jan 2024 02:30:22 +0000
ROA not before: Tue 02 Jan 2024 02:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 158.162.96.0/20 maxlen: 20
158.162.0.0/18 maxlen: 19
158.162.112.0/21 maxlen: 21
158.162.128.0/18 maxlen: 18
158.162.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:fa:8c:e4:61:07:78:da:07:eb:e2:a0:6b:e2:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 02:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee853c4623fb55731129fca8cb968107103fb5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:97:26:9a:00:fc:49:9d:73:2f:95:55:df:75:
35:4c:5d:93:09:9f:98:e9:cb:00:a7:40:20:fc:97:
da:94:3b:eb:f5:e6:05:71:05:89:64:f8:82:b0:d3:
97:83:06:15:d0:16:81:6d:ce:37:76:f0:8a:3b:8a:
b3:d1:18:31:6f:25:20:5b:01:9a:66:b1:f8:7e:05:
04:bd:47:09:40:53:e4:31:b9:68:a2:fb:9a:2a:6f:
4e:76:09:09:bc:75:92:ad:2b:e2:e7:bd:48:0e:93:
27:ee:75:bb:34:b6:e0:fc:7c:2e:5f:f9:36:8f:1f:
2e:c7:3b:6d:cb:e4:41:89:da:b2:1e:93:0a:a2:9b:
14:37:a2:c8:a6:57:31:d2:03:d6:c8:d1:60:89:a4:
af:37:3d:15:fc:5a:ee:84:a9:49:9f:4f:ef:a9:aa:
06:bc:c2:07:53:6e:7f:cf:9d:b7:9f:2c:cd:4e:a2:
8f:48:aa:31:00:e2:09:1d:0e:41:48:75:c2:7b:59:
79:15:84:c5:b6:5b:a0:95:47:93:41:c5:82:a0:f2:
20:c1:0b:bc:3d:9b:44:c1:f3:83:59:59:6d:0c:e4:
75:02:b1:65:f2:2f:fd:ca:73:4a:90:97:fb:6c:6d:
74:16:c2:f8:84:36:41:1b:48:19:5c:41:82:23:89:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:85:3C:46:23:FB:55:73:11:29:FC:A8:CB:96:81:07:10:3F:B5:B0
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/7oU8RiP7VXMRKfyoy5aBBxA_tbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.0.0-158.162.119.255
158.162.128.0/18
Signature Algorithm: sha256WithRSAEncryption
99:1b:7a:44:4c:10:e3:d4:60:d0:18:b3:38:0c:ee:8a:41:da:
dc:34:98:45:a1:b3:08:bf:79:94:9e:e0:8f:8a:c1:3a:e2:db:
40:90:c4:a2:f0:d4:36:ac:dc:07:26:9b:ba:b6:5b:7d:39:92:
62:fe:5f:74:c1:1e:fa:41:5b:49:1b:49:f6:a6:3d:ac:71:a8:
fc:c5:cd:c3:00:23:60:49:c4:8e:0e:d3:b5:5d:b8:ab:0a:da:
d7:ae:bf:aa:ed:b4:17:fb:0f:b8:9d:34:66:97:5b:55:ca:ca:
74:a9:20:02:a7:db:91:3a:78:63:3d:4e:10:0d:3b:ae:c5:f5:
d2:bc:f6:8f:67:54:3a:67:06:7b:0b:09:2a:fc:8b:f8:fe:ac:
09:cb:da:87:3a:d4:d6:2f:4c:90:47:97:0b:9d:0e:8c:be:6f:
13:e2:40:0d:c5:b2:be:27:b1:16:ab:f2:91:20:d6:4d:b9:6e:
be:e8:41:a3:3f:e3:87:77:aa:e7:9c:00:1f:8b:9c:bd:48:cb:
a4:d7:dd:79:e3:75:e1:0d:25:84:53:b4:9f:89:71:ea:88:ba:
9c:15:9c:43:b4:0e:41:cf:fd:17:77:d5:89:d4:47:8e:95:ea:
ab:70:36:a3:b6:c4:92:97:34:dc:17:70:ce:b1:d9:3c:82:f8:
1b:5d:e4:a4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzIAfqM5GEHeNoH6+Kga+JUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjQwMTAyMDIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg1M2M0NjIzZmI1NTczMTEyOWZjYThjYjk2ODEwNzEwM2ZiNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipcmmgD8SZ1zL5VV33U1TF2TCZ+Y
6csAp0Ag/JfalDvr9eYFcQWJZPiCsNOXgwYV0BaBbc43dvCKO4qz0RgxbyUgWwGa
ZrH4fgUEvUcJQFPkMbloovuaKm9OdgkJvHWSrSvi571IDpMn7nW7NLbg/HwuX/k2
jx8uxztty+RBidqyHpMKopsUN6LIplcx0gPWyNFgiaSvNz0V/FruhKlJn0/vqaoG
vMIHU25/z523nyzNTqKPSKoxAOIJHQ5BSHXCe1l5FYTFtluglUeTQcWCoPIgwQu8
PZtEwfODWVltDOR1ArFl8i/9ynNKkJf7bG10FsL4hDZBG0gZXEGCI4mSvQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFO6FPEYj+1VzESn8qMuWgQcQP7WwMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvN29VOFJpUDdWWE1SS2Z5b3k1YUJCeEFfdGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwGeogME
A56icAMEBp6igDANBgkqhkiG9w0BAQsFAAOCAQEAmRt6REwQ49Rg0BizOAzuikHa
3DSYRaGzCL95lJ7gj4rBOuLbQJDEovDUNqzcByaburZbfTmSYv5fdMEe+kFbSRtJ
9qY9rHGo/MXNwwAjYEnEjg7TtV24qwra166/qu20F/sPuJ00ZpdbVcrKdKkgAqfb
kTp4Yz1OEA07rsX10rz2j2dUOmcGewsJKvyL+P6sCcvahzrU1i9MkEeXC50OjL5v
E+JADcWyviexFqvykSDWTbluvuhBoz/jh3eq55wAH4ucvUjLpNfdeeN14Q0lhFO0
n4lx6oi6nBWcQ7QOQc/9F3fVidRHjpXqq3A2o7bEkpc03BdwzrHZPIL4G13kpA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:15:00 2024 by rpki-client on console-ams.rpki-client.org