Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/F4UAcLu77dxdPsd5CIei_M9iQ7Y.roa
File: F4UAcLu77dxdPsd5CIei_M9iQ7Y.roa (raw, json)
Hash identifier: FkmwwxCY9gUgkeWXORWOwEiTkBjJodOqILbYdy/3G1k=
Subject key identifier: 17:85:00:70:BB:BB:ED:DC:5D:3E:C7:79:08:87:A2:FC:CF:62:43:B6
Certificate issuer: /CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Certificate serial: 01927B267A857BFAA27531F2869E97818CBD
Authority key identifier: 04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/F4UAcLu77dxdPsd5CIei_M9iQ7Y.roa
Signing time: Fri 11 Oct 2024 10:36:12 +0000
ROA not before: Fri 11 Oct 2024 10:36:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 151.88.22.0/24 maxlen: 24
151.88.40.0/24 maxlen: 24
151.88.41.0/24 maxlen: 24
151.88.109.0/24 maxlen: 24
151.88.176.0/24 maxlen: 24
151.92.2.0/24 maxlen: 24
151.92.12.0/24 maxlen: 24
151.92.83.0/24 maxlen: 24
151.92.154.0/24 maxlen: 24
151.92.155.0/24 maxlen: 24
151.92.158.0/24 maxlen: 24
151.92.166.0/24 maxlen: 24
151.92.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:26:7a:85:7b:fa:a2:75:31:f2:86:9e:97:81:8c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Validity
Not Before: Oct 11 10:36:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17850070bbbbeddc5d3ec7790887a2fccf6243b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:85:0f:00:16:31:71:87:b1:21:cc:72:ce:
5b:89:a8:fa:61:2a:a0:5e:18:55:ad:cd:6d:07:4e:
39:aa:eb:93:2b:00:bd:3b:4d:1c:33:42:0e:5b:59:
9f:78:1d:29:72:7c:3e:cb:41:54:e4:7e:7d:72:44:
18:8d:b8:e4:36:e0:e1:94:70:fa:90:b8:b2:da:13:
00:15:e6:bd:5d:89:58:48:d7:13:dd:e2:21:2e:21:
d1:73:b2:f2:df:42:ef:17:b3:34:b1:f1:a5:09:19:
65:06:d5:bc:25:fa:08:32:97:32:70:56:23:55:90:
4b:12:2b:20:2c:7d:6e:1a:cf:58:93:b6:3a:d9:36:
da:4b:04:de:93:5c:1f:4f:e5:7a:95:62:0f:3a:ee:
3a:fd:54:14:c5:93:d3:53:9a:8c:0f:cf:1e:66:3c:
f3:50:f8:91:56:f7:b1:66:f0:10:e9:35:71:b5:f5:
64:ad:09:2d:e6:37:cd:3e:d0:5f:f3:ab:30:14:3d:
93:46:3c:f9:21:6a:8e:4f:e3:dc:9a:d9:94:1f:e2:
40:8b:5a:cf:89:17:02:49:a1:2e:1d:b7:e3:f5:99:
51:b6:3c:e5:06:0c:73:9b:33:44:08:40:ae:97:9b:
63:43:f6:10:67:79:ce:eb:c0:b5:bb:9c:7e:84:7e:
2f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:85:00:70:BB:BB:ED:DC:5D:3E:C7:79:08:87:A2:FC:CF:62:43:B6
X509v3 Authority Key Identifier:
keyid:04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/F4UAcLu77dxdPsd5CIei_M9iQ7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.88.22.0/24
151.88.40.0/23
151.88.109.0/24
151.88.176.0/24
151.92.2.0/24
151.92.12.0/24
151.92.83.0/24
151.92.154.0/23
151.92.158.0/24
151.92.166.0/24
151.92.198.0/24
Signature Algorithm: sha256WithRSAEncryption
86:9e:4d:27:e1:3f:f8:aa:af:29:46:57:d5:f7:28:4d:a7:03:
61:f5:1d:99:8c:52:d9:bd:d6:09:cc:aa:d4:74:c2:fb:5b:be:
b6:d8:0a:19:f6:ca:cc:2e:e0:50:90:9e:42:73:65:17:d5:c5:
ab:08:b0:c7:ba:7c:55:ce:41:ba:10:1a:b4:05:6c:c4:e3:67:
8a:0b:1c:99:4c:c8:87:05:af:e9:6f:dc:86:9e:ce:27:25:a8:
31:21:00:c6:39:9b:92:9e:ec:54:b5:4b:5c:88:76:dc:f6:b5:
3e:a1:5f:5e:ec:5c:e5:35:1e:39:18:17:c8:48:66:58:10:2d:
4f:9f:b4:c3:8d:f4:87:49:52:2a:88:9a:a3:a9:36:a5:ec:8c:
f4:f1:9b:ea:52:6b:f5:20:4b:bb:6a:ab:a0:2b:3a:39:00:6f:
b2:2f:fc:f1:f8:0f:28:40:40:9b:ba:ac:ab:eb:fb:d4:90:d8:
78:90:58:78:8d:b2:d3:ac:5c:41:b3:0a:13:22:d9:63:c3:02:
aa:af:f6:ab:51:11:59:20:ee:62:28:c8:42:5d:6b:53:ab:24:
04:5e:7e:b1:34:73:e3:4a:1f:33:26:13:d5:ed:5b:8e:ca:43:
37:5a:71:8e:c8:c0:1c:1c:17:a4:ed:76:b1:ea:40:59:6c:b9:
fc:c0:b4:c4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZJ7JnqFe/qidTHyhp6XgYy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YWFmZjg3ZjZkYzBkMzY5OWJjMjkzN2EzNGRjNzE3Zjk0
ZjAwN2UwHhcNMjQxMDExMTAzNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzg1MDA3MGJiYmJlZGRjNWQzZWM3NzkwODg3YTJmY2NmNjI0M2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngiFDwAWMXGHsSHMcs5biaj6YSqg
XhhVrc1tB045quuTKwC9O00cM0IOW1mfeB0pcnw+y0FU5H59ckQYjbjkNuDhlHD6
kLiy2hMAFea9XYlYSNcT3eIhLiHRc7Ly30LvF7M0sfGlCRllBtW8JfoIMpcycFYj
VZBLEisgLH1uGs9Yk7Y62TbaSwTek1wfT+V6lWIPOu46/VQUxZPTU5qMD88eZjzz
UPiRVvexZvAQ6TVxtfVkrQkt5jfNPtBf86swFD2TRjz5IWqOT+PcmtmUH+JAi1rP
iRcCSaEuHbfj9ZlRtjzlBgxzmzNECECul5tjQ/YQZ3nO68C1u5x+hH4vlwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBeFAHC7u+3cXT7HeQiHovzPYkO2MB8GA1UdIwQY
MBaAFASq/4f23A02mbwpN6NNxxf5TwB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2Mt
ZTNlMGMyZGJmMDY3LzEvRjRVQWNMdTc3ZHhkUHNkNUNJZWlfTTlpUTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2MtZTNlMGMyZGJmMDY3
LzEvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAl1gWAwQB
l1goAwQAl1htAwQAl1iwAwQAl1wCAwQAl1wMAwQAl1xTAwQBl1yaAwQAl1yeAwQA
l1ymAwQAl1zGMA0GCSqGSIb3DQEBCwUAA4IBAQCGnk0n4T/4qq8pRlfV9yhNpwNh
9R2ZjFLZvdYJzKrUdML7W7622AoZ9srMLuBQkJ5Cc2UX1cWrCLDHunxVzkG6EBq0
BWzE42eKCxyZTMiHBa/pb9yGns4nJagxIQDGOZuSnuxUtUtciHbc9rU+oV9e7Fzl
NR45GBfISGZYEC1Pn7TDjfSHSVIqiJqjqTal7Iz08ZvqUmv1IEu7aqugKzo5AG+y
L/zx+A8oQECbuqyr6/vUkNh4kFh4jbLTrFxBswoTItljwwKqr/arURFZIO5iKMhC
XWtTqyQEXn6xNHPjSh8zJhPV7VuOykM3WnGOyMAcHBek7Xax6kBZbLn8wLTE
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:30 2024 by rpki-client on console-ams.rpki-client.org