Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/D2Uq83wKts-XekegUv_UOul35WY.roa
File: D2Uq83wKts-XekegUv_UOul35WY.roa (raw, json)
Hash identifier: eUBLf5xddO/u+0pxESNZxCQdCXxRqZ6lJOJL0PB+eYM=
Subject key identifier: 0F:65:2A:F3:7C:0A:B6:CF:97:7A:47:A0:52:FF:D4:3A:E9:77:E5:66
Certificate issuer: /CN=9256db3487b4c5bacb300177057cf3174cf77477
Certificate serial: 018CC8DED2A188D87DC24E3322C0D45D289A
Authority key identifier: 92:56:DB:34:87:B4:C5:BA:CB:30:01:77:05:7C:F3:17:4C:F7:74:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/D2Uq83wKts-XekegUv_UOul35WY.roa
Signing time: Tue 02 Jan 2024 06:31:35 +0000
ROA not before: Tue 02 Jan 2024 06:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41847
IP address blocks: 178.251.179.0/24 maxlen: 24
178.251.180.0/24 maxlen: 24
178.251.182.0/24 maxlen: 24
178.251.181.0/24 maxlen: 24
178.251.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d2:a1:88:d8:7d:c2:4e:33:22:c0:d4:5d:28:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256db3487b4c5bacb300177057cf3174cf77477
Validity
Not Before: Jan 2 06:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f652af37c0ab6cf977a47a052ffd43ae977e566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ea:6a:00:8b:df:c2:03:ff:8a:70:e7:1f:9c:
f4:bf:72:fa:37:b1:c6:9a:fe:4f:b1:63:ff:eb:d9:
60:02:65:98:05:d3:2e:8b:81:de:64:4a:a5:4a:5b:
39:54:12:0f:22:3c:5b:06:3e:67:6a:d2:1c:6c:36:
8e:65:78:f9:8c:b8:89:cc:1b:16:f1:c2:a8:d8:3a:
a9:56:7d:0a:95:f3:63:2a:09:09:a5:f6:de:d4:bd:
4c:5c:a4:b2:96:06:bb:19:af:95:73:7d:ed:b0:5c:
60:3e:b2:ea:33:ca:63:c0:30:18:5e:12:10:dd:27:
17:80:75:ba:dc:dd:50:8c:4c:56:c5:ba:52:1c:c5:
bb:95:a8:6b:31:d6:d1:6a:f2:24:57:2f:66:ba:48:
ed:40:0d:11:71:d9:52:db:51:25:74:b0:80:f5:bf:
49:80:56:77:49:b8:76:68:ba:bf:62:58:9b:f7:ae:
29:eb:88:51:f3:15:70:b8:96:02:3d:72:62:80:86:
0c:f9:d6:47:58:76:ee:02:a5:24:73:41:ba:cf:67:
41:e4:b1:ff:4f:3e:e0:47:9a:26:02:7b:5a:ed:f7:
21:f8:b4:56:66:69:6c:ef:6b:32:f9:b0:bc:ec:ec:
fb:42:7f:16:0a:e9:b7:90:70:9f:f9:84:48:22:e4:
79:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:65:2A:F3:7C:0A:B6:CF:97:7A:47:A0:52:FF:D4:3A:E9:77:E5:66
X509v3 Authority Key Identifier:
keyid:92:56:DB:34:87:B4:C5:BA:CB:30:01:77:05:7C:F3:17:4C:F7:74:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbbNIe0xbrLMAF3BXzzF0z3dHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/D2Uq83wKts-XekegUv_UOul35WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7b45b9-990b-4614-a64e-0f52ea5229fc/1/klbbNIe0xbrLMAF3BXzzF0z3dHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.179.0-178.251.183.255
Signature Algorithm: sha256WithRSAEncryption
0c:9d:82:da:2c:e5:e7:fd:09:df:bc:39:21:c8:f3:d0:b2:e5:
0c:63:bd:5e:4c:bf:fa:4a:25:a1:cc:7b:a0:61:ce:5f:20:ec:
3d:80:1e:89:1a:b5:e2:2f:a8:5c:70:ed:97:8f:e1:0b:b0:e2:
65:21:ed:f0:ee:e2:f0:a4:22:34:14:64:1c:b6:fd:fb:8e:ef:
83:9d:cd:fe:3f:6b:c6:57:51:be:8d:53:08:55:c7:80:a3:ea:
ac:bb:90:3c:8d:13:89:1a:93:45:72:31:38:de:ee:09:15:4c:
52:a7:02:15:a6:cc:8e:a4:03:bd:39:8e:1a:e8:e8:77:09:42:
55:30:7f:58:1d:7c:6d:d4:25:81:2b:f0:65:72:14:18:2b:94:
c1:f3:33:e2:94:8d:19:80:ee:94:77:a1:b1:19:c5:bf:e0:2e:
da:4e:6f:22:3c:51:0a:68:00:25:4e:d3:ab:27:76:42:09:e2:
93:87:8c:04:33:1e:a5:dd:44:6e:8c:24:2b:fe:10:90:c5:db:
dc:29:b3:8c:70:4c:e6:68:86:b9:93:b9:bd:bc:7e:94:7c:f1:
f3:8b:64:0a:24:b1:40:8c:24:71:0b:88:31:e5:89:e6:8a:5f:
7b:90:32:b7:36:09:a0:8e:9f:fd:69:44:6a:ee:03:b7:3d:c5:
4b:0d:d0:71
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI3tKhiNh9wk4zIsDUXSiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTZkYjM0ODdiNGM1YmFjYjMwMDE3NzA1N2NmMzE3NGNm
Nzc0NzcwHhcNMjQwMTAyMDYzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY1MmFmMzdjMGFiNmNmOTc3YTQ3YTA1MmZmZDQzYWU5NzdlNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+pqAIvfwgP/inDnH5z0v3L6N7HG
mv5PsWP/69lgAmWYBdMui4HeZEqlSls5VBIPIjxbBj5natIcbDaOZXj5jLiJzBsW
8cKo2DqpVn0KlfNjKgkJpfbe1L1MXKSylga7Ga+Vc33tsFxgPrLqM8pjwDAYXhIQ
3ScXgHW63N1QjExWxbpSHMW7lahrMdbRavIkVy9mukjtQA0RcdlS21EldLCA9b9J
gFZ3Sbh2aLq/Ylib964p64hR8xVwuJYCPXJigIYM+dZHWHbuAqUkc0G6z2dB5LH/
Tz7gR5omAnta7fch+LRWZmls72sy+bC87Oz7Qn8WCum3kHCf+YRIIuR5KQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA9lKvN8CrbPl3pHoFL/1Drpd+VmMB8GA1UdIwQY
MBaAFJJW2zSHtMW6yzABdwV88xdM93R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xiYk5JZTB4YnJMTUFGM0JYenpGMHozZEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83YjQ1YjktOTkwYi00NjE0LWE2NGUt
MGY1MmVhNTIyOWZjLzEvRDJVcTgzd0t0cy1YZWtlZ1V2X1VPdWwzNVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83YjQ1YjktOTkwYi00NjE0LWE2NGUtMGY1MmVhNTIyOWZj
LzEva2xiYk5JZTB4YnJMTUFGM0JYenpGMHozZEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACy+7MD
BAOy+7AwDQYJKoZIhvcNAQELBQADggEBAAydgtos5ef9Cd+8OSHI89Cy5QxjvV5M
v/pKJaHMe6Bhzl8g7D2AHokateIvqFxw7ZeP4Quw4mUh7fDu4vCkIjQUZBy2/fuO
74Odzf4/a8ZXUb6NUwhVx4Cj6qy7kDyNE4kak0VyMTje7gkVTFKnAhWmzI6kA705
jhro6HcJQlUwf1gdfG3UJYEr8GVyFBgrlMHzM+KUjRmA7pR3obEZxb/gLtpObyI8
UQpoACVO06sndkIJ4pOHjAQzHqXdRG6MJCv+EJDF29wps4xwTOZohrmTub28fpR8
8fOLZAoksUCMJHELiDHlieaKX3uQMrc2CaCOn/1pRGruA7c9xUsN0HE=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:21 2024 by rpki-client on console-ams.rpki-client.org