Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/uK1OjqhBL8SWIjv72uQYXPZHYRU.roa
File: uK1OjqhBL8SWIjv72uQYXPZHYRU.roa (raw, json)
Hash identifier: MGgxkZiBcFC12cihPls/oWLHcSoQDvjlpFNTGWc6ZyA=
Subject key identifier: B8:AD:4E:8E:A8:41:2F:C4:96:22:3B:FB:DA:E4:18:5C:F6:47:61:15
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 01910317EA3DA7551A185CE8650AA82F5269
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/uK1OjqhBL8SWIjv72uQYXPZHYRU.roa
Signing time: Tue 30 Jul 2024 10:03:04 +0000
ROA not before: Tue 30 Jul 2024 10:03:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132399
IP address blocks: 57.191.64.0/22 maxlen: 24
57.191.95.0/24 maxlen: 24
57.191.96.0/19 maxlen: 24
57.191.160.0/19 maxlen: 24
57.250.49.0/24 maxlen: 24
57.250.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:17:ea:3d:a7:55:1a:18:5c:e8:65:0a:a8:2f:52:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jul 30 10:03:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8ad4e8ea8412fc496223bfbdae4185cf6476115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:72:c9:0f:59:0e:54:ad:99:dd:13:5b:0b:b8:
fc:0d:ed:94:f8:8d:83:54:22:0d:e4:7b:84:9a:17:
93:31:4d:83:1a:ef:c8:cd:71:de:78:0d:e7:fc:c0:
ac:bd:28:83:47:46:f7:0c:d4:bb:e2:6b:53:1d:41:
44:07:74:3c:c7:62:4f:65:34:1f:9f:33:f3:01:0f:
a6:e3:17:af:ec:95:b6:af:8f:21:dc:46:42:1e:4b:
5c:65:bf:63:48:0b:17:f5:a1:bb:e0:09:cc:f3:98:
f5:c4:b3:16:85:e8:e7:77:99:f7:a1:57:5b:b6:14:
b6:6b:54:01:21:43:3d:7d:10:ee:ad:f0:df:dc:eb:
0f:de:c3:69:bc:2d:23:84:22:3a:7d:1c:a1:40:4b:
36:a3:b5:52:66:a0:a5:b1:c9:69:7f:87:25:ef:15:
27:8c:00:73:96:46:0b:84:25:20:44:78:f7:b8:db:
10:03:89:2e:fc:4a:e8:1d:0a:0a:dd:31:21:fb:2c:
1a:58:96:6e:d1:50:a9:62:45:6a:73:a7:da:4d:7c:
3a:54:d7:be:25:fc:a6:1e:c1:95:a9:61:ca:42:fc:
86:6e:13:ff:42:5d:39:4c:73:f6:3f:f2:14:e7:ae:
25:23:e4:78:9b:b2:1c:5c:d0:57:26:ab:cf:cc:34:
01:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AD:4E:8E:A8:41:2F:C4:96:22:3B:FB:DA:E4:18:5C:F6:47:61:15
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/uK1OjqhBL8SWIjv72uQYXPZHYRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.64.0/22
57.191.95.0-57.191.127.255
57.191.160.0/19
57.250.49.0/24
57.250.51.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:99:82:7d:49:14:d6:d2:d4:a7:e0:7f:7f:b8:af:1c:b1:e5:
11:5c:87:62:e8:ee:25:c7:20:8d:30:17:3c:96:4d:a5:60:af:
4a:b5:a5:15:44:2a:c8:16:d1:17:e0:b7:cb:a2:51:75:78:8c:
a3:9e:bd:d3:65:83:f0:19:9b:71:cf:72:23:65:c2:e4:d3:5b:
97:2e:be:53:90:e1:7e:33:5d:c0:52:5e:83:32:a7:98:f0:a9:
99:bf:18:74:dc:b2:13:d1:5d:35:89:12:00:b3:b2:58:71:da:
f8:08:01:81:bd:cb:e5:5c:05:1f:9a:3e:5b:26:1a:eb:28:77:
17:df:79:73:e7:e8:44:17:0a:8d:d8:40:cb:e3:90:37:03:07:
c4:fa:d3:ef:23:ea:88:62:a7:e0:02:a3:93:f3:78:69:06:f4:
52:8a:58:db:e6:8a:cd:8b:26:4d:7a:2b:50:94:1c:4e:84:16:
0f:fa:7c:a8:1d:ec:4f:1f:c7:f1:d2:80:f8:31:2d:27:fd:1e:
8e:fc:97:4b:3e:0d:f8:d9:d8:05:0a:70:f2:b1:e3:f5:fb:17:
b7:2e:ce:e3:73:a7:d7:df:99:43:60:46:51:70:09:aa:ed:5d:
1e:08:b9:05:50:1e:a1:f5:81:19:dc:d9:b8:6b:e1:97:8d:3a:
6f:9b:ae:37
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEDF+o9p1UaGFzoZQqoL1JpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwNzMwMTAwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFkNGU4ZWE4NDEyZmM0OTYyMjNiZmJkYWU0MTg1Y2Y2NDc2MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nLJD1kOVK2Z3RNbC7j8De2U+I2D
VCIN5HuEmheTMU2DGu/IzXHeeA3n/MCsvSiDR0b3DNS74mtTHUFEB3Q8x2JPZTQf
nzPzAQ+m4xev7JW2r48h3EZCHktcZb9jSAsX9aG74AnM85j1xLMWhejnd5n3oVdb
thS2a1QBIUM9fRDurfDf3OsP3sNpvC0jhCI6fRyhQEs2o7VSZqClsclpf4cl7xUn
jABzlkYLhCUgRHj3uNsQA4ku/EroHQoK3TEh+ywaWJZu0VCpYkVqc6faTXw6VNe+
JfymHsGVqWHKQvyGbhP/Ql05THP2P/IU564lI+R4m7IcXNBXJqvPzDQB0QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLitTo6oQS/EliI7+9rkGFz2R2EVMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvdUsxT2pxaEJMOFNXSWp2NzJ1UVlYUFpIWVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCOb9AMAwD
BAA5v18DBAc5vwADBAU5v6ADBAA5+jEDBAA5+jMwDQYJKoZIhvcNAQELBQADggEB
ALaZgn1JFNbS1Kfgf3+4rxyx5RFch2Lo7iXHII0wFzyWTaVgr0q1pRVEKsgW0Rfg
t8uiUXV4jKOevdNlg/AZm3HPciNlwuTTW5cuvlOQ4X4zXcBSXoMyp5jwqZm/GHTc
shPRXTWJEgCzslhx2vgIAYG9y+VcBR+aPlsmGusodxffeXPn6EQXCo3YQMvjkDcD
B8T60+8j6ohip+ACo5PzeGkG9FKKWNvmis2LJk16K1CUHE6EFg/6fKgd7E8fx/HS
gPgxLSf9Ho78l0s+DfjZ2AUKcPKx4/X7F7cuzuNzp9ffmUNgRlFwCartXR4IuQVQ
HqH1gRnc2bhr4ZeNOm+brjc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:20 2024 by rpki-client on console-fra.rpki-client.org