Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/1zpbdKemaXJx3w1D0-4tCNIAPc4.roa
File: 1zpbdKemaXJx3w1D0-4tCNIAPc4.roa (raw, json)
Hash identifier: OKzwLNQNQwINYdmS0k4onK8RiVtOZJfBQO/3JTaYmug=
Subject key identifier: D7:3A:5B:74:A7:A6:69:72:71:DF:0D:43:D3:EE:2D:08:D2:00:3D:CE
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 018CC50039A8535069C0D012D29570A58998
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/1zpbdKemaXJx3w1D0-4tCNIAPc4.roa
Signing time: Mon 01 Jan 2024 12:29:35 +0000
ROA not before: Mon 01 Jan 2024 12:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23764
IP address blocks: 147.78.135.0/24 maxlen: 24
147.78.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:39:a8:53:50:69:c0:d0:12:d2:95:70:a5:89:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 1 12:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d73a5b74a7a6697271df0d43d3ee2d08d2003dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:25:ab:30:4d:3c:fe:3f:54:4e:01:00:cf:c9:
1e:ce:ee:35:7b:1a:49:27:93:60:43:7f:86:6f:ea:
91:f4:10:0f:0e:84:85:ce:bc:8b:a9:85:41:9d:a7:
8e:9b:0e:b5:81:db:87:c9:a0:f9:db:95:4b:52:7a:
5e:c5:46:84:b6:f4:ed:a3:6c:e4:ba:9b:49:74:51:
25:df:1b:8b:40:b0:73:e3:6c:60:4d:24:fd:72:33:
c6:f8:fc:46:24:85:82:44:b3:09:3a:78:13:27:5e:
a4:90:ed:f5:b4:46:20:ab:6c:42:07:0b:87:52:98:
de:3b:fd:c2:08:d9:3c:cd:03:7e:74:b3:fc:5d:d0:
6f:71:a5:c3:f8:58:78:59:65:41:83:0d:13:18:87:
e6:dd:ba:01:bf:97:ae:3b:38:2d:a3:b7:04:81:52:
3e:68:84:ca:04:1b:49:c9:27:dc:61:9b:f9:83:54:
ab:0a:e8:01:43:30:2f:e5:64:ed:d0:20:81:30:c5:
b0:52:c6:30:dc:04:6b:44:30:90:05:d8:2b:cc:1b:
e7:54:4e:27:bb:19:8a:cf:a9:bf:76:ea:c3:be:99:
79:2a:6b:37:e7:7f:f7:3a:dc:2d:76:0f:bc:a8:15:
3d:ae:0d:45:88:2e:14:9b:0c:be:fa:56:5f:f6:43:
72:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3A:5B:74:A7:A6:69:72:71:DF:0D:43:D3:EE:2D:08:D2:00:3D:CE
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/1zpbdKemaXJx3w1D0-4tCNIAPc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.133.0/24
147.78.135.0/24
Signature Algorithm: sha256WithRSAEncryption
71:f0:70:26:a7:35:8b:23:c7:a1:6c:00:ac:e1:6a:3e:ce:de:
b1:cc:46:4d:76:8b:f5:67:30:bd:cb:46:39:7a:61:bf:10:a0:
0b:82:60:c2:5a:23:d0:e5:55:91:12:08:e9:a4:f5:bc:3e:9a:
5a:cc:2c:db:ce:65:c0:48:30:73:d5:cc:b6:80:48:74:a7:b1:
50:b5:ed:06:51:40:b0:85:ef:b8:ec:29:c2:33:f3:1d:a1:55:
e8:f4:62:6e:2b:12:79:cd:c5:70:06:1e:7c:e2:b0:b8:05:31:
82:8d:40:10:65:1b:91:7d:b0:d9:26:6f:8f:79:43:3a:df:9a:
30:84:3b:d4:ab:fb:a5:06:aa:51:56:96:53:72:42:0c:bd:58:
38:06:19:1e:a4:9d:0b:68:97:f1:94:37:5a:4a:d5:2f:2d:fc:
1b:aa:e6:66:6c:86:54:5f:2a:02:ca:95:f2:1d:2a:29:c4:03:
31:fd:52:e5:c0:b1:a1:d4:d9:aa:29:ba:81:3a:1a:0b:1e:58:
3c:94:c3:a8:00:45:25:3e:4e:39:eb:01:ee:17:79:be:93:07:
57:87:70:47:f3:b7:fa:bd:11:4d:49:3d:9b:63:db:51:bf:fa:
74:49:4d:72:d8:60:98:70:11:78:d5:b8:31:3a:dc:eb:a5:93:
28:5d:88:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFADmoU1BpwNAS0pVwpYmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjdjMjBiNTVhNDcwZGFiODkyZjRjOTFlYTAwMTBiZDFj
MzlmMzQwHhcNMjQwMTAxMTIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNhNWI3NGE3YTY2OTcyNzFkZjBkNDNkM2VlMmQwOGQyMDAzZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiWrME08/j9UTgEAz8kezu41expJ
J5NgQ3+Gb+qR9BAPDoSFzryLqYVBnaeOmw61gduHyaD525VLUnpexUaEtvTto2zk
uptJdFEl3xuLQLBz42xgTST9cjPG+PxGJIWCRLMJOngTJ16kkO31tEYgq2xCBwuH
UpjeO/3CCNk8zQN+dLP8XdBvcaXD+Fh4WWVBgw0TGIfm3boBv5euOzgto7cEgVI+
aITKBBtJySfcYZv5g1SrCugBQzAv5WTt0CCBMMWwUsYw3ARrRDCQBdgrzBvnVE4n
uxmKz6m/durDvpl5Kms353/3Otwtdg+8qBU9rg1FiC4Umwy++lZf9kNy5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNc6W3Snpmlycd8NQ9PuLQjSAD3OMB8GA1UdIwQY
MBaAFMu3wgtVpHDauJL0yR6gAQvRw580MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgt
MjU2MzM5NzM2YzJiLzEvMXpwYmRLZW1hWEp4M3cxRDAtNHRDTklBUGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgtMjU2MzM5NzM2YzJi
LzEveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk06FAwQA
k06HMA0GCSqGSIb3DQEBCwUAA4IBAQBx8HAmpzWLI8ehbACs4Wo+zt6xzEZNdov1
ZzC9y0Y5emG/EKALgmDCWiPQ5VWREgjppPW8PppazCzbzmXASDBz1cy2gEh0p7FQ
te0GUUCwhe+47CnCM/MdoVXo9GJuKxJ5zcVwBh584rC4BTGCjUAQZRuRfbDZJm+P
eUM635owhDvUq/ulBqpRVpZTckIMvVg4BhkepJ0LaJfxlDdaStUvLfwbquZmbIZU
XyoCypXyHSopxAMx/VLlwLGh1NmqKbqBOhoLHlg8lMOoAEUlPk456wHuF3m+kwdX
h3BH87f6vRFNST2bY9tRv/p0SU1y2GCYcBF41bgxOtzrpZMoXYi8
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:27:56 2024 by rpki-client on console-ams.rpki-client.org