Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/rMVLawcdXt-oCNx7M2nuMvZnIBk.roa
File: rMVLawcdXt-oCNx7M2nuMvZnIBk.roa (raw, json)
Hash identifier: oL5DexeWz7tqPtC2bFXfUvQ1daXxUAzsBZT++R2ng5Y=
Subject key identifier: AC:C5:4B:6B:07:1D:5E:DF:A8:08:DC:7B:33:69:EE:32:F6:67:20:19
Certificate issuer: /CN=7153b0294d3c8db15306ab109d506da74ae70979
Certificate serial: 018CC9BCF94E1ED156727E1A73653152029F
Authority key identifier: 71:53:B0:29:4D:3C:8D:B1:53:06:AB:10:9D:50:6D:A7:4A:E7:09:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cVOwKU08jbFTBqsQnVBtp0rnCXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/rMVLawcdXt-oCNx7M2nuMvZnIBk.roa
Signing time: Tue 02 Jan 2024 10:34:14 +0000
ROA not before: Tue 02 Jan 2024 10:34:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5470
IP address blocks: 155.207.0.0/16 maxlen: 16
192.104.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/cVOwKU08jbFTBqsQnVBtp0rnCXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/cVOwKU08jbFTBqsQnVBtp0rnCXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/cVOwKU08jbFTBqsQnVBtp0rnCXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f9:4e:1e:d1:56:72:7e:1a:73:65:31:52:02:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7153b0294d3c8db15306ab109d506da74ae70979
Validity
Not Before: Jan 2 10:34:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acc54b6b071d5edfa808dc7b3369ee32f6672019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e9:7b:6a:dd:93:bd:29:dd:5f:4e:85:40:b9:
51:54:03:b3:80:ff:36:33:0d:32:d9:45:65:cd:43:
71:64:52:57:48:71:49:3c:74:a5:69:57:bc:c6:bf:
6c:50:a0:ff:fd:3f:98:5d:13:85:82:da:d3:df:52:
9f:f0:d4:5c:1e:9d:10:d1:1e:1d:61:34:52:2c:4d:
5d:9b:7d:49:8f:c6:4d:ab:1b:34:3e:1d:c6:04:2a:
e9:74:72:02:3b:c4:29:ee:7f:31:5e:ce:49:2b:09:
cc:74:7e:cd:52:a3:c4:07:de:aa:a9:63:83:8b:7e:
64:18:7e:80:b8:cf:05:a9:3b:83:dd:8d:de:45:25:
1c:66:51:2e:c8:80:0d:a1:3e:c6:8b:68:6a:52:a5:
4d:6c:82:e4:6a:70:ae:f6:11:45:b6:85:4e:e1:ad:
90:b5:4c:c9:22:9d:7a:4b:44:72:70:7c:f3:fd:c9:
2c:47:8d:ab:00:09:71:55:16:9f:90:14:61:c7:a9:
d6:d3:6e:63:6a:5a:80:d3:76:eb:70:54:a2:ab:df:
80:4a:e1:dd:99:19:67:a5:52:ea:69:cd:72:2f:4d:
70:85:6c:88:b8:de:41:7d:c7:2a:f6:14:d4:c4:cd:
02:4e:ed:0b:5c:20:77:04:ca:dc:37:b0:39:be:c4:
a4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C5:4B:6B:07:1D:5E:DF:A8:08:DC:7B:33:69:EE:32:F6:67:20:19
X509v3 Authority Key Identifier:
keyid:71:53:B0:29:4D:3C:8D:B1:53:06:AB:10:9D:50:6D:A7:4A:E7:09:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVOwKU08jbFTBqsQnVBtp0rnCXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/rMVLawcdXt-oCNx7M2nuMvZnIBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/766e12-9a09-4553-8f62-2294cdda6a40/1/cVOwKU08jbFTBqsQnVBtp0rnCXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.207.0.0/16
192.104.147.0/24
Signature Algorithm: sha256WithRSAEncryption
42:39:df:9a:fa:01:3d:8c:83:ff:dd:23:d8:44:18:41:5e:84:
87:14:a8:e4:45:1e:4c:70:76:57:5b:c3:4b:df:66:1f:3e:13:
1f:d7:6e:07:16:28:81:e1:90:5f:1c:94:0f:80:08:d2:06:7d:
eb:bc:f2:02:a2:15:54:dd:00:32:36:67:4e:6e:5b:84:e6:99:
78:d4:75:22:76:da:48:76:d4:c6:31:a1:b2:c8:28:03:62:5b:
60:f7:ea:5b:ee:d3:00:91:fd:bf:bb:49:4c:f8:5f:af:2a:58:
d8:34:23:e5:fe:a8:e1:86:4c:db:31:41:0c:c1:02:a2:49:f2:
b8:06:d2:e1:91:3c:7f:8e:58:17:61:88:69:95:b4:4c:b4:bf:
c9:f8:f8:e0:ed:45:0c:3e:3a:51:ec:32:97:3e:cd:86:c5:ee:
af:63:88:d6:6e:c1:eb:bb:97:f8:42:d6:1c:da:41:6f:26:58:
7e:dc:ce:40:83:66:97:f1:49:27:0a:65:68:08:d5:22:18:64:
4f:0f:3f:5d:48:80:06:03:46:a7:c0:80:f0:01:80:39:51:57:
98:d2:a1:72:54:42:77:cd:6e:cb:5b:db:8c:db:14:58:f9:d0:
fe:85:60:c9:68:32:3b:c2:1d:be:62:91:96:d9:49:7f:72:af:
34:cb:b0:cd
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzJvPlOHtFWcn4ac2UxUgKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNTNiMDI5NGQzYzhkYjE1MzA2YWIxMDlkNTA2ZGE3NGFl
NzA5NzkwHhcNMjQwMTAyMTAzNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M1NGI2YjA3MWQ1ZWRmYTgwOGRjN2IzMzY5ZWUzMmY2NjcyMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOl7at2TvSndX06FQLlRVAOzgP82
Mw0y2UVlzUNxZFJXSHFJPHSlaVe8xr9sUKD//T+YXROFgtrT31Kf8NRcHp0Q0R4d
YTRSLE1dm31Jj8ZNqxs0Ph3GBCrpdHICO8Qp7n8xXs5JKwnMdH7NUqPEB96qqWOD
i35kGH6AuM8FqTuD3Y3eRSUcZlEuyIANoT7Gi2hqUqVNbILkanCu9hFFtoVO4a2Q
tUzJIp16S0RycHzz/cksR42rAAlxVRafkBRhx6nW025jalqA03brcFSiq9+ASuHd
mRlnpVLqac1yL01whWyIuN5Bfccq9hTUxM0CTu0LXCB3BMrcN7A5vsSkXwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKzFS2sHHV7fqAjcezNp7jL2ZyAZMB8GA1UdIwQY
MBaAFHFTsClNPI2xUwarEJ1QbadK5wl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1ZPd0tVMDhqYkZUQnFzUW5WQnRwMHJuQ1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83NjZlMTItOWEwOS00NTUzLThmNjIt
MjI5NGNkZGE2YTQwLzEvck1WTGF3Y2RYdC1vQ054N00ybnVNdlpuSUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83NjZlMTItOWEwOS00NTUzLThmNjItMjI5NGNkZGE2YTQw
LzEvY1ZPd0tVMDhqYkZUQnFzUW5WQnRwMHJuQ1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAm88DBADA
aJMwDQYJKoZIhvcNAQELBQADggEBAEI535r6AT2Mg//dI9hEGEFehIcUqORFHkxw
dldbw0vfZh8+Ex/XbgcWKIHhkF8clA+ACNIGfeu88gKiFVTdADI2Z05uW4TmmXjU
dSJ22kh21MYxobLIKANiW2D36lvu0wCR/b+7SUz4X68qWNg0I+X+qOGGTNsxQQzB
AqJJ8rgG0uGRPH+OWBdhiGmVtEy0v8n4+ODtRQw+OlHsMpc+zYbF7q9jiNZuweu7
l/hC1hzaQW8mWH7czkCDZpfxSScKZWgI1SIYZE8PP11IgAYDRqfAgPABgDlRV5jS
oXJUQnfNbstb24zbFFj50P6FYMloMjvCHb5ikZbZSX9yrzTLsM0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:04 2024 by rpki-client on console-ams.rpki-client.org