Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/nO87UM6XQyW8FbdAMS6qdYCedjc.roa
File: nO87UM6XQyW8FbdAMS6qdYCedjc.roa (raw, json)
Hash identifier: Z5c2Nn/AP59h4CubpozQndrkIb7d+GCr0FqteK/fggs=
Subject key identifier: 9C:EF:3B:50:CE:97:43:25:BC:15:B7:40:31:2E:AA:75:80:9E:76:37
Certificate issuer: /CN=7a91b34153da0d5d121cff43259fcd9e3dbfc7d4
Certificate serial: 018CC6B8726E27D1A368F2FD042F0160A5FD
Authority key identifier: 7A:91:B3:41:53:DA:0D:5D:12:1C:FF:43:25:9F:CD:9E:3D:BF:C7:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/nO87UM6XQyW8FbdAMS6qdYCedjc.roa
Signing time: Mon 01 Jan 2024 20:30:25 +0000
ROA not before: Mon 01 Jan 2024 20:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.154.150.0/23 maxlen: 23
2a14:3b00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:72:6e:27:d1:a3:68:f2:fd:04:2f:01:60:a5:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a91b34153da0d5d121cff43259fcd9e3dbfc7d4
Validity
Not Before: Jan 1 20:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cef3b50ce974325bc15b740312eaa75809e7637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:89:56:1f:3a:89:6d:7e:b1:ca:26:a0:f1:69:
80:82:d0:fe:46:8b:9e:fb:02:cc:8d:c3:73:b2:2e:
6e:fd:b3:d3:46:bf:f7:c7:d7:4c:06:fd:25:6d:09:
db:0b:e8:96:cb:64:44:fb:fe:0d:6d:88:33:77:d3:
78:82:08:37:f0:fe:5e:2b:71:06:43:24:8c:b9:24:
5c:49:e8:b6:45:60:d4:66:66:2f:97:cd:66:0e:b5:
bd:59:ce:a0:b3:f0:3d:24:73:53:14:5f:55:a5:45:
92:f1:ef:06:de:b6:b3:95:8e:45:01:b7:ba:a5:db:
25:e7:15:0e:37:48:dc:c0:50:96:d8:95:10:a5:bd:
7d:e0:a5:ef:bc:bd:bd:57:8a:e3:f0:eb:e3:73:04:
c2:47:ea:ef:24:3f:c5:28:f7:68:02:0f:ab:cc:c9:
0d:09:f1:b9:ee:fa:6d:5b:73:e9:5f:9b:d1:21:b4:
58:49:ca:13:a2:7e:15:02:bb:60:6b:7f:24:7b:80:
de:c4:36:bc:30:03:cf:62:59:cc:95:15:16:4f:f6:
91:d5:cb:fb:b2:ff:b0:25:ca:f7:23:09:02:aa:cf:
82:1a:13:dc:37:9e:29:ae:ee:83:7a:5f:cd:e4:2b:
ff:a6:cc:81:c9:92:57:d5:1e:58:68:18:b0:9b:58:
7a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:EF:3B:50:CE:97:43:25:BC:15:B7:40:31:2E:AA:75:80:9E:76:37
X509v3 Authority Key Identifier:
keyid:7A:91:B3:41:53:DA:0D:5D:12:1C:FF:43:25:9F:CD:9E:3D:BF:C7:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/nO87UM6XQyW8FbdAMS6qdYCedjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.150.0/23
IPv6:
2a14:3b00:1::/48
Signature Algorithm: sha256WithRSAEncryption
5e:09:d2:50:f7:56:71:ae:40:d5:7f:d5:0e:ed:34:c4:0f:ef:
3f:13:5f:55:1f:48:0d:95:70:52:b8:19:81:84:d1:0e:b0:57:
53:c8:74:cf:1e:99:0b:51:f7:9d:f3:28:f6:f9:cd:e7:4a:74:
63:81:d8:80:76:44:42:ce:49:87:78:c9:32:d9:4f:29:94:73:
8a:f7:b9:7a:b2:45:bd:4f:0d:55:82:84:ec:cc:fa:69:56:46:
f6:08:6d:9a:9b:66:f7:b2:c2:d7:ab:35:2b:88:f1:90:44:f6:
f3:b4:ca:e5:12:3e:5f:f6:19:73:ea:a4:93:82:2b:9e:fe:ce:
ca:ae:31:48:89:cb:ad:bb:45:50:87:77:e6:d0:56:2b:cd:a8:
98:c6:72:15:bf:2b:ff:cc:00:e7:04:60:59:a8:fa:fa:a5:92:
9f:eb:3a:f6:90:92:2e:94:54:b3:7f:bb:77:3f:2f:51:71:40:
6a:a9:bd:cf:b3:16:07:0b:5e:87:ad:ae:a9:e3:f4:9d:17:25:
5c:19:9c:89:18:61:48:8e:94:0f:a2:04:c8:b7:3a:72:a6:e4:
0b:b0:ad:fd:31:54:c8:a6:b1:1a:5f:ea:9e:a3:f5:c8:fa:58:
6e:45:43:09:9f:1b:25:e5:4b:1a:2a:d6:82:fb:ff:9f:a6:64:
32:5d:eb:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuHJuJ9GjaPL9BC8BYKX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFiMzQxNTNkYTBkNWQxMjFjZmY0MzI1OWZjZDllM2Ri
ZmM3ZDQwHhcNMjQwMTAxMjAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2VmM2I1MGNlOTc0MzI1YmMxNWI3NDAzMTJlYWE3NTgwOWU3NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmolWHzqJbX6xyiag8WmAgtD+Roue
+wLMjcNzsi5u/bPTRr/3x9dMBv0lbQnbC+iWy2RE+/4NbYgzd9N4ggg38P5eK3EG
QySMuSRcSei2RWDUZmYvl81mDrW9Wc6gs/A9JHNTFF9VpUWS8e8G3razlY5FAbe6
pdsl5xUON0jcwFCW2JUQpb194KXvvL29V4rj8OvjcwTCR+rvJD/FKPdoAg+rzMkN
CfG57vptW3PpX5vRIbRYScoTon4VArtga38ke4DexDa8MAPPYlnMlRUWT/aR1cv7
sv+wJcr3IwkCqs+CGhPcN54pru6Del/N5Cv/psyByZJX1R5YaBiwm1h61wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJzvO1DOl0MlvBW3QDEuqnWAnnY3MB8GA1UdIwQY
MBaAFHqRs0FT2g1dEhz/QyWfzZ49v8fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBHelFWUGFEVjBTSFA5REpaX05uajJfeDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81M2Y2NTItMDFiMS00MmYyLTg1ZTkt
NGRjYjIzZmRiMDZhLzEvbk84N1VNNlhReVc4RmJkQU1TNnFkWUNlZGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81M2Y2NTItMDFiMS00MmYyLTg1ZTktNGRjYjIzZmRiMDZh
LzEvZXBHelFWUGFEVjBTSFA5REpaX05uajJfeDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZqWMA8E
AgACMAkDBwAqFDsAAAEwDQYJKoZIhvcNAQELBQADggEBAF4J0lD3VnGuQNV/1Q7t
NMQP7z8TX1UfSA2VcFK4GYGE0Q6wV1PIdM8emQtR953zKPb5zedKdGOB2IB2RELO
SYd4yTLZTymUc4r3uXqyRb1PDVWChOzM+mlWRvYIbZqbZveywterNSuI8ZBE9vO0
yuUSPl/2GXPqpJOCK57+zsquMUiJy627RVCHd+bQVivNqJjGchW/K//MAOcEYFmo
+vqlkp/rOvaQki6UVLN/u3c/L1FxQGqpvc+zFgcLXoetrqnj9J0XJVwZnIkYYUiO
lA+iBMi3OnKm5Auwrf0xVMimsRpf6p6j9cj6WG5FQwmfGyXlSxoq1oL7/5+mZDJd
6zE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:07 2024 by rpki-client on console-ams.rpki-client.org