Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/ku9ZZmOrkwWoOcsnmmUNDY8RlZQ.roa
File: ku9ZZmOrkwWoOcsnmmUNDY8RlZQ.roa (raw, json)
Hash identifier: QPTgQtplxi6SCeez9icbnzTMeALf4M1ECkGqLCOzDQ8=
Subject key identifier: 92:EF:59:66:63:AB:93:05:A8:39:CB:27:9A:65:0D:0D:8F:11:95:94
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018CC87140A233666C74768583BC060A6A59
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/ku9ZZmOrkwWoOcsnmmUNDY8RlZQ.roa
Signing time: Tue 02 Jan 2024 04:31:54 +0000
ROA not before: Tue 02 Jan 2024 04:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 147.123.80.0/22 maxlen: 24
147.123.84.0/22 maxlen: 24
147.123.88.0/22 maxlen: 24
147.123.92.0/22 maxlen: 24
147.123.96.0/22 maxlen: 24
147.123.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:40:a2:33:66:6c:74:76:85:83:bc:06:0a:6a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Jan 2 04:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92ef596663ab9305a839cb279a650d0d8f119594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d3:35:67:c0:4e:b4:fd:73:9e:31:aa:12:cb:
41:5e:f0:93:15:75:3f:68:0f:1a:e1:90:72:fa:de:
6d:62:45:cb:88:fe:5e:54:9a:99:f1:87:db:b0:60:
99:87:82:a7:f3:17:07:6a:7c:7f:2f:e4:a2:d6:b5:
98:e9:27:5e:d7:93:9a:1b:ee:6b:8e:93:2f:b4:14:
4a:94:c6:ca:18:a3:24:a6:9b:dc:da:f4:42:f3:8f:
1a:d9:e1:87:1f:bc:36:64:23:8b:67:8c:c5:46:4b:
68:4d:02:39:21:f7:e5:99:8a:81:e6:6a:e4:19:19:
dc:03:12:4b:b0:2d:2c:d1:19:af:79:11:6a:64:af:
16:d3:22:4a:d5:4a:01:49:06:de:42:37:49:bb:0b:
71:4d:cc:63:0b:23:61:af:ee:5f:cb:40:9a:a7:ae:
3f:73:33:64:50:d3:80:17:35:e2:bc:e8:57:ec:6c:
ef:e8:45:ab:02:2e:9e:d3:d7:65:ae:33:18:8c:82:
ca:92:57:31:cf:02:37:2a:dc:19:7c:85:10:7e:50:
f8:90:5a:8e:50:f6:c9:67:da:31:86:71:e2:22:ab:
29:58:0b:91:d2:ef:f1:32:40:a0:e1:3b:03:0a:ba:
fb:cf:30:91:13:cd:89:9e:51:b0:0e:65:93:88:8d:
4c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EF:59:66:63:AB:93:05:A8:39:CB:27:9A:65:0D:0D:8F:11:95:94
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/ku9ZZmOrkwWoOcsnmmUNDY8RlZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.123.80.0-147.123.103.255
Signature Algorithm: sha256WithRSAEncryption
2b:d9:00:4f:34:8c:06:25:d8:ea:3b:cb:eb:12:32:99:f4:c6:
24:1a:d4:87:fd:27:6e:07:85:ca:9e:7a:42:2e:af:15:1b:e4:
33:ec:12:4b:60:f9:36:e7:a8:0a:38:93:ff:8e:54:30:ed:bf:
49:16:4a:43:90:ab:65:c1:30:fe:11:e3:af:76:b2:ef:a8:6b:
91:9f:1b:78:1d:6d:9c:d9:cf:72:9c:c4:ea:49:8d:55:3d:84:
26:a8:6d:06:10:48:98:d1:f3:20:17:71:c6:39:68:f7:8f:5f:
7b:85:5c:57:09:8f:87:c7:dc:09:1a:b9:1e:7a:97:9d:4e:df:
f8:a3:c0:81:d1:c0:6d:4d:ac:28:88:e4:cf:17:38:1c:55:5a:
5d:96:c9:82:43:f8:5a:1b:33:0d:65:e7:ad:1a:13:c1:53:14:
68:10:38:a4:25:3c:ff:51:ab:7e:d3:20:c0:b8:f9:40:d9:d1:
18:2e:48:1e:1d:78:de:ac:57:15:57:7a:7d:11:aa:a1:0f:bb:
d3:00:eb:b6:e0:00:19:2b:25:dd:77:80:33:68:16:d2:ae:5e:
64:a6:97:4c:f2:8e:49:bb:ba:c5:e7:fb:4c:03:74:e3:dd:d0:
7c:d8:77:6a:f4:79:80:be:7b:62:80:c4:53:75:a5:76:18:c0:
ff:70:8c:59
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIcUCiM2ZsdHaFg7wGCmpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjQwMTAyMDQzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVmNTk2NjYzYWI5MzA1YTgzOWNiMjc5YTY1MGQwZDhmMTE5NTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNM1Z8BOtP1znjGqEstBXvCTFXU/
aA8a4ZBy+t5tYkXLiP5eVJqZ8YfbsGCZh4Kn8xcHanx/L+Si1rWY6Sde15OaG+5r
jpMvtBRKlMbKGKMkppvc2vRC848a2eGHH7w2ZCOLZ4zFRktoTQI5IfflmYqB5mrk
GRncAxJLsC0s0RmveRFqZK8W0yJK1UoBSQbeQjdJuwtxTcxjCyNhr+5fy0Cap64/
czNkUNOAFzXivOhX7Gzv6EWrAi6e09dlrjMYjILKklcxzwI3KtwZfIUQflD4kFqO
UPbJZ9oxhnHiIqspWAuR0u/xMkCg4TsDCrr7zzCRE82JnlGwDmWTiI1McwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJLvWWZjq5MFqDnLJ5plDQ2PEZWUMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEva3U5WlptT3Jrd1dvT2Nzbm1tVU5EWThSbFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASTe1AD
BAOTe2AwDQYJKoZIhvcNAQELBQADggEBACvZAE80jAYl2Oo7y+sSMpn0xiQa1If9
J24HhcqeekIurxUb5DPsEktg+TbnqAo4k/+OVDDtv0kWSkOQq2XBMP4R4692su+o
a5GfG3gdbZzZz3KcxOpJjVU9hCaobQYQSJjR8yAXccY5aPePX3uFXFcJj4fH3Aka
uR56l51O3/ijwIHRwG1NrCiI5M8XOBxVWl2WyYJD+FobMw1l560aE8FTFGgQOKQl
PP9Rq37TIMC4+UDZ0RguSB4deN6sVxVXen0RqqEPu9MA67bgABkrJd13gDNoFtKu
XmSml0zyjkm7usXn+0wDdOPd0HzYd2r0eYC+e2KAxFN1pXYYwP9wjFk=
-----END CERTIFICATE-----
Generated at Mon May 20 00:05:06 2024 by rpki-client on console-ams.rpki-client.org