Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/f4O-GTlZC3WAmbYNbM3NjxebP_M.roa
File: f4O-GTlZC3WAmbYNbM3NjxebP_M.roa (raw, json)
Hash identifier: z+xkO59m7bbT0ktsgoOGZhstR7KpE9bKWBBRzUxz2Kk=
Subject key identifier: 7F:83:BE:19:39:59:0B:75:80:99:B6:0D:6C:CD:CD:8F:17:9B:3F:F3
Certificate issuer: /CN=175501d93e9b2b1a4fed308e2ae431cc277e69e0
Certificate serial: 0193913CEF5D006A9324AE75DFA225E0BF25
Authority key identifier: 17:55:01:D9:3E:9B:2B:1A:4F:ED:30:8E:2A:E4:31:CC:27:7E:69:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/f4O-GTlZC3WAmbYNbM3NjxebP_M.roa
Signing time: Wed 04 Dec 2024 10:35:09 +0000
ROA not before: Wed 04 Dec 2024 10:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 166.49.128.0/17 maxlen: 17
166.49.171.0/24 maxlen: 24
166.49.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 16:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:3c:ef:5d:00:6a:93:24:ae:75:df:a2:25:e0:bf:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175501d93e9b2b1a4fed308e2ae431cc277e69e0
Validity
Not Before: Dec 4 10:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f83be1939590b758099b60d6ccdcd8f179b3ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4f:6a:0f:f4:c2:ee:6b:54:06:da:be:fc:4d:
ce:5c:7a:4a:bf:82:c8:b1:06:55:07:49:9f:86:69:
3a:e8:02:fa:df:b1:c1:55:c2:24:6a:5d:40:8e:5f:
c0:2f:8e:39:98:14:d2:1a:35:90:8c:40:71:a2:6b:
7b:08:65:98:ed:cd:3d:18:35:5a:31:cf:0a:10:e0:
c0:eb:7c:3e:f8:3c:f8:0d:aa:a8:7c:62:6b:5b:af:
f5:c1:1b:b4:86:7f:17:81:9a:a9:86:18:ec:62:e7:
80:fe:95:07:9c:5f:7c:10:90:84:2d:c5:9c:3f:5c:
06:57:8b:8e:99:27:77:a4:f7:37:67:38:fd:aa:6e:
a0:4e:41:f5:6a:6f:49:2b:46:fb:24:6f:0d:95:2c:
94:7b:e6:28:b3:c3:48:a8:df:1f:31:c5:9c:89:aa:
fa:e4:0a:e0:c5:82:ee:0e:87:6a:42:e8:66:3f:12:
76:bc:30:57:6f:40:21:bd:44:7d:52:c1:63:3f:23:
6d:ba:14:ab:2a:db:3b:8b:86:77:56:b1:44:a4:33:
4c:31:12:fd:e8:0b:e7:b2:eb:ec:a9:1f:ed:83:c4:
ed:b8:bf:4b:21:d6:b6:6e:a0:13:62:68:6a:bb:54:
9e:50:cd:c5:79:65:60:6b:1b:e6:41:66:d0:0f:20:
1b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:83:BE:19:39:59:0B:75:80:99:B6:0D:6C:CD:CD:8F:17:9B:3F:F3
X509v3 Authority Key Identifier:
keyid:17:55:01:D9:3E:9B:2B:1A:4F:ED:30:8E:2A:E4:31:CC:27:7E:69:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/f4O-GTlZC3WAmbYNbM3NjxebP_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.49.128.0/17
Signature Algorithm: sha256WithRSAEncryption
66:52:5b:fa:99:9e:c9:38:b0:d9:61:19:6d:1d:37:45:24:02:
5e:be:32:39:77:b6:34:33:75:0a:6b:16:f3:52:86:73:a3:9b:
f2:03:7c:f0:cd:62:7a:94:18:87:d6:b8:6e:de:d4:2a:76:8a:
c1:46:42:73:93:a5:70:75:2c:4d:b7:5e:2b:89:15:cc:76:c5:
20:5c:6f:0e:02:85:44:ff:ac:1b:4c:dd:bd:8b:45:c9:9e:6e:
c2:bb:5f:94:56:28:4c:c3:ec:0d:52:3a:7f:38:10:8f:05:97:
49:76:a9:89:3b:44:95:08:5d:7f:b3:b6:ee:42:c5:e7:e0:7a:
35:c4:ca:01:71:99:10:13:b6:be:c7:68:d5:5c:14:67:50:0b:
00:34:08:5d:3d:83:ab:a3:b7:d2:38:0d:6a:4d:d5:21:b0:8b:
c2:38:25:24:36:a4:9f:c1:13:2f:ad:c1:14:32:bc:82:c9:72:
1d:7d:05:f1:ea:5f:bc:cf:a1:70:51:3f:24:d3:1a:1c:66:8b:
8f:62:47:09:21:ed:6a:99:2d:b7:50:08:ff:7f:cd:75:b9:33:
22:41:f5:86:36:a5:5e:05:88:31:db:aa:5d:87:01:8d:9e:65:
16:45:7c:1a:48:41:e8:dd:70:71:0e:49:87:d5:ac:f4:b7:cb:
21:ab:34:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZORPO9dAGqTJK5136Il4L8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTUwMWQ5M2U5YjJiMWE0ZmVkMzA4ZTJhZTQzMWNjMjc3
ZTY5ZTAwHhcNMjQxMjA0MTAzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjgzYmUxOTM5NTkwYjc1ODA5OWI2MGQ2Y2NkY2Q4ZjE3OWIzZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8E9qD/TC7mtUBtq+/E3OXHpKv4LI
sQZVB0mfhmk66AL637HBVcIkal1Ajl/AL445mBTSGjWQjEBxomt7CGWY7c09GDVa
Mc8KEODA63w++Dz4DaqofGJrW6/1wRu0hn8XgZqphhjsYueA/pUHnF98EJCELcWc
P1wGV4uOmSd3pPc3Zzj9qm6gTkH1am9JK0b7JG8NlSyUe+Yos8NIqN8fMcWciar6
5ArgxYLuDodqQuhmPxJ2vDBXb0AhvUR9UsFjPyNtuhSrKts7i4Z3VrFEpDNMMRL9
6AvnsuvsqR/tg8TtuL9LIda2bqATYmhqu1SeUM3FeWVgaxvmQWbQDyAb9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH+Dvhk5WQt1gJm2DWzNzY8Xmz/zMB8GA1UdIwQY
MBaAFBdVAdk+mysaT+0wjirkMcwnfmngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFVQjJUNmJLeHBQN1RDT0t1UXh6Q2QtYWVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNjgxOTEtODc4ZC00MjVjLTg5OTMt
MDliOTkwNWQ0MWRiLzEvZjRPLUdUbFpDM1dBbWJZTmJNM05qeGViUF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wNjgxOTEtODc4ZC00MjVjLTg5OTMtMDliOTkwNWQ0MWRi
LzEvRjFVQjJUNmJLeHBQN1RDT0t1UXh6Q2QtYWVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHpjGAMA0G
CSqGSIb3DQEBCwUAA4IBAQBmUlv6mZ7JOLDZYRltHTdFJAJevjI5d7Y0M3UKaxbz
UoZzo5vyA3zwzWJ6lBiH1rhu3tQqdorBRkJzk6VwdSxNt14riRXMdsUgXG8OAoVE
/6wbTN29i0XJnm7Cu1+UVihMw+wNUjp/OBCPBZdJdqmJO0SVCF1/s7buQsXn4Ho1
xMoBcZkQE7a+x2jVXBRnUAsANAhdPYOro7fSOA1qTdUhsIvCOCUkNqSfwRMvrcEU
MryCyXIdfQXx6l+8z6FwUT8k0xocZouPYkcJIe1qmS23UAj/f811uTMiQfWGNqVe
BYgx26pdhwGNnmUWRXwaSEHo3XBxDkmH1az0t8shqzTF
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:30:24 2024 by rpki-client on console-ams.rpki-client.org