Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/rhKH25KvOiagVH3dS3CjidhSqqI.roa
File: rhKH25KvOiagVH3dS3CjidhSqqI.roa (raw, json)
Hash identifier: QHUzThHtq38etnjZHSjVtfEZO1oVp+gm5hirL5UmP9A=
Subject key identifier: AE:12:87:DB:92:AF:3A:26:A0:54:7D:DD:4B:70:A3:89:D8:52:AA:A2
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CC4255C1754F278200B784C6970DA1442
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/rhKH25KvOiagVH3dS3CjidhSqqI.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149440
IP address blocks: 198.105.127.0/24 maxlen: 24
198.105.126.0/24 maxlen: 24
155.254.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5c:17:54:f2:78:20:0b:78:4c:69:70:da:14:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae1287db92af3a26a0547ddd4b70a389d852aaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1c:a5:bf:c4:fd:84:ea:c1:38:a6:d0:4d:49:
34:13:3b:b5:2d:5d:d5:d7:d5:e2:c0:b2:b2:cb:88:
7a:3c:f5:de:f8:dd:79:4d:0f:a4:6a:e1:a6:26:f8:
a0:36:62:9f:18:bf:2d:43:40:a2:62:b5:23:a0:9f:
b9:12:8a:40:b8:88:35:e4:74:7e:f1:c0:0d:12:19:
c8:b0:da:98:ac:ee:91:dc:cb:33:39:14:fe:c3:23:
66:f3:fe:76:69:3d:58:63:3a:ac:2c:eb:d2:19:36:
90:f8:f5:48:b6:39:c7:b4:b2:48:18:10:3c:35:00:
bb:54:df:f1:4b:ca:ff:c4:0c:f8:df:59:7a:2a:d3:
f1:88:f0:53:9d:23:00:8d:92:e2:7a:1a:3f:8b:0e:
3d:43:6b:23:50:81:53:37:6f:49:b5:33:bd:3e:c9:
be:c6:ea:a6:95:df:be:7e:27:55:cd:e3:84:59:3d:
c5:07:81:27:ed:de:36:4f:e5:6d:7c:ea:a2:24:4e:
ab:5d:10:cb:70:9b:3b:1c:9e:01:2e:90:6f:5a:a0:
ac:f3:03:84:85:4e:34:00:1f:fc:86:06:1b:10:3a:
3c:56:69:b8:eb:f4:bc:f9:17:ed:91:13:88:d8:2e:
1e:44:82:84:63:cd:90:34:fd:b0:d8:72:7b:e7:07:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:12:87:DB:92:AF:3A:26:A0:54:7D:DD:4B:70:A3:89:D8:52:AA:A2
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/rhKH25KvOiagVH3dS3CjidhSqqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.254.60.0/24
198.105.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:06:fe:87:ea:67:90:6e:37:31:2b:08:5f:48:fa:f2:2c:e1:
d6:76:41:5a:c6:41:16:15:9a:7b:fc:58:38:26:42:32:c7:dc:
ba:56:7f:ba:ca:98:42:e4:7c:1b:ab:4a:63:1d:8c:ea:6d:f7:
4c:7d:b3:00:34:f4:2a:5f:54:df:df:53:d2:4a:16:91:6d:10:
5e:db:8a:d3:7f:3a:1c:c6:7c:56:d3:d0:c1:aa:d8:03:0c:54:
53:6c:3f:94:3c:74:9e:eb:2d:d3:e3:43:dc:c8:3b:73:43:97:
a6:b3:19:53:74:46:5f:c4:22:ce:ef:b2:41:5c:cc:8f:97:5a:
45:13:dc:1f:ec:e7:da:f2:59:a8:d7:18:5a:eb:d1:d0:7e:7e:
ca:0e:f9:bf:8b:3a:35:ec:42:90:e2:e6:95:5f:e3:32:74:80:
a6:3a:60:19:94:0c:9f:7d:dc:5d:c5:c8:ce:c2:a7:c9:ab:e2:
b8:82:8b:69:99:fe:ac:a8:1b:8f:0b:53:5a:39:a1:ef:2f:73:
23:c9:c4:bd:0d:2d:ad:cb:88:0f:83:48:e1:de:c6:d1:33:0d:
f8:bf:39:d7:76:56:42:65:45:09:c8:5a:99:43:71:53:7d:a2:
ad:74:57:7c:d8:98:a1:c8:6d:de:ee:ba:58:1b:6a:61:7b:d6:
4f:3a:0b:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVwXVPJ4IAt4TGlw2hRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTEyODdkYjkyYWYzYTI2YTA1NDdkZGQ0YjcwYTM4OWQ4NTJhYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRylv8T9hOrBOKbQTUk0Ezu1LV3V
19XiwLKyy4h6PPXe+N15TQ+kauGmJvigNmKfGL8tQ0CiYrUjoJ+5EopAuIg15HR+
8cANEhnIsNqYrO6R3MszORT+wyNm8/52aT1YYzqsLOvSGTaQ+PVItjnHtLJIGBA8
NQC7VN/xS8r/xAz431l6KtPxiPBTnSMAjZLieho/iw49Q2sjUIFTN29JtTO9Psm+
xuqmld++fidVzeOEWT3FB4En7d42T+VtfOqiJE6rXRDLcJs7HJ4BLpBvWqCs8wOE
hU40AB/8hgYbEDo8Vmm46/S8+RftkROI2C4eRIKEY82QNP2w2HJ75weMswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4Sh9uSrzomoFR93Utwo4nYUqqiMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvcmhLSDI1S3ZPaWFnVkgzZFMzQ2ppZGhTcXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAm/48AwQB
xml+MA0GCSqGSIb3DQEBCwUAA4IBAQCgBv6H6meQbjcxKwhfSPryLOHWdkFaxkEW
FZp7/Fg4JkIyx9y6Vn+6yphC5Hwbq0pjHYzqbfdMfbMANPQqX1Tf31PSShaRbRBe
24rTfzocxnxW09DBqtgDDFRTbD+UPHSe6y3T40PcyDtzQ5emsxlTdEZfxCLO77JB
XMyPl1pFE9wf7Ofa8lmo1xha69HQfn7KDvm/izo17EKQ4uaVX+MydICmOmAZlAyf
fdxdxcjOwqfJq+K4gotpmf6sqBuPC1NaOaHvL3MjycS9DS2ty4gPg0jh3sbRMw34
vznXdlZCZUUJyFqZQ3FTfaKtdFd82JihyG3e7rpYG2phe9ZPOgvj
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:46 2024 by rpki-client on console-fra.rpki-client.org