Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ABZQJf7mDAkYLxryaCtg0RWZaCI.roa
File: ABZQJf7mDAkYLxryaCtg0RWZaCI.roa (raw, json)
Hash identifier: /KuYonm5DZaQOzvHrbggq8k83H2JZU+Iu4gn++HBdI4=
Subject key identifier: 00:16:50:25:FE:E6:0C:09:18:2F:1A:F2:68:2B:60:D1:15:99:68:22
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018CC72765DC5EAFD2F9BF97972E4E9C8413
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ABZQJf7mDAkYLxryaCtg0RWZaCI.roa
Signing time: Mon 01 Jan 2024 22:31:37 +0000
ROA not before: Mon 01 Jan 2024 22:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51277
IP address blocks: 94.42.132.0/24 maxlen: 24
78.133.153.0/24 maxlen: 24
78.133.170.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:65:dc:5e:af:d2:f9:bf:97:97:2e:4e:9c:84:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 22:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00165025fee60c09182f1af2682b60d115996822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:14:a2:5a:ba:c9:ff:0e:d9:56:08:87:5e:
8d:bb:c1:19:22:6b:79:b5:65:eb:65:3c:f6:1e:45:
63:a6:9c:5d:6b:1b:a3:a9:8a:0b:3d:b9:c4:68:e7:
83:43:4e:c9:ca:e2:e3:2a:c8:bb:7c:54:08:e5:9d:
50:fb:e3:e3:ea:a5:e4:74:33:b9:b0:72:6d:d2:f4:
af:79:20:21:ea:90:4e:46:0a:52:4e:2d:a5:5e:4c:
52:44:5f:5d:e4:d8:24:88:a8:eb:ea:13:72:9d:00:
68:32:7f:e6:4e:de:3b:ae:c2:98:fc:96:02:b5:cb:
a9:64:b4:5b:97:02:6c:a6:67:98:af:dd:45:89:73:
ee:1a:09:44:88:43:aa:6c:2d:4d:d3:15:88:f8:2d:
2a:a7:32:42:5d:65:44:58:a2:a4:90:36:25:53:59:
b0:6f:8d:65:1a:26:e1:97:16:68:cc:01:01:22:ec:
86:a1:d8:42:b2:de:28:b1:88:a3:23:7f:e9:64:06:
61:64:bb:de:2d:9a:dd:50:65:a2:7e:d8:17:e6:ab:
f3:fb:3e:e8:e7:57:75:3f:e3:c9:21:0e:98:7f:7d:
97:7b:1d:6e:bf:e1:bb:b3:93:9b:b6:44:e0:3b:c7:
86:7d:29:64:61:7e:df:9d:c9:c8:cb:4f:60:ae:e3:
4a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:16:50:25:FE:E6:0C:09:18:2F:1A:F2:68:2B:60:D1:15:99:68:22
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ABZQJf7mDAkYLxryaCtg0RWZaCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.153.0/24
78.133.170.0/23
94.42.132.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:31:18:64:5a:99:f4:16:ea:41:49:a4:11:da:e2:d6:8b:8c:
4f:a4:54:af:67:18:16:e6:dc:b4:fe:d3:82:20:c1:fe:71:8c:
39:05:64:03:4e:f9:77:29:e5:c5:01:45:fe:8b:d9:6f:8d:8d:
42:6c:c5:8c:67:fa:2c:fc:51:d1:c4:c3:fb:b3:54:e6:3d:3c:
e7:48:46:8f:8a:82:95:0a:2d:ab:ba:9f:08:dc:76:85:ab:13:
d2:f5:87:5a:67:c2:09:c8:35:66:d1:e2:a7:eb:1d:30:cb:0e:
83:70:67:15:df:cb:08:7f:a0:c7:e6:d4:76:e9:72:9c:e4:f5:
47:bc:bf:7c:72:24:18:3f:94:6d:50:fc:02:3d:83:f2:58:0c:
73:9b:05:87:9b:d9:bf:37:4f:1c:4a:67:74:2b:da:3f:e8:d1:
04:a7:d7:2a:52:77:e3:01:61:b9:c0:ef:15:db:a2:af:83:f7:
4b:3e:4f:f2:91:2a:23:03:94:41:24:30:73:bc:53:48:cd:8f:
4c:09:47:7f:06:87:a6:ec:28:3d:7a:cb:f7:90:d3:a9:55:84:
59:00:a7:b3:50:28:bb:8c:7e:31:ed:e0:ea:81:c3:de:1a:d6:
ef:c8:e6:18:54:03:d3:9a:01:51:08:95:cd:3a:d8:73:49:a0:
76:75:f6:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJ2XcXq/S+b+Xly5OnIQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE2NTAyNWZlZTYwYzA5MTgyZjFhZjI2ODJiNjBkMTE1OTk2ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr4Uolq6yf8O2VYIh16Nu8EZImt5
tWXrZTz2HkVjppxdaxujqYoLPbnEaOeDQ07JyuLjKsi7fFQI5Z1Q++Pj6qXkdDO5
sHJt0vSveSAh6pBORgpSTi2lXkxSRF9d5NgkiKjr6hNynQBoMn/mTt47rsKY/JYC
tcupZLRblwJspmeYr91FiXPuGglEiEOqbC1N0xWI+C0qpzJCXWVEWKKkkDYlU1mw
b41lGibhlxZozAEBIuyGodhCst4osYijI3/pZAZhZLveLZrdUGWiftgX5qvz+z7o
51d1P+PJIQ6Yf32Xex1uv+G7s5ObtkTgO8eGfSlkYX7fncnIy09gruNKSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAAWUCX+5gwJGC8a8mgrYNEVmWgiMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvQUJaUUpmN21EQWtZTHhyeWFDdGcwUldaYUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAToWZAwQB
ToWqAwQAXiqEMA0GCSqGSIb3DQEBCwUAA4IBAQB8MRhkWpn0FupBSaQR2uLWi4xP
pFSvZxgW5ty0/tOCIMH+cYw5BWQDTvl3KeXFAUX+i9lvjY1CbMWMZ/os/FHRxMP7
s1TmPTznSEaPioKVCi2rup8I3HaFqxPS9YdaZ8IJyDVm0eKn6x0wyw6DcGcV38sI
f6DH5tR26XKc5PVHvL98ciQYP5RtUPwCPYPyWAxzmwWHm9m/N08cSmd0K9o/6NEE
p9cqUnfjAWG5wO8V26Kvg/dLPk/ykSojA5RBJDBzvFNIzY9MCUd/Boem7Cg9esv3
kNOpVYRZAKezUCi7jH4x7eDqgcPeGtbvyOYYVAPTmgFRCJXNOthzSaB2dfZP
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:44 2024 by rpki-client on console-fra.rpki-client.org