Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/b_esdvwuL7HMMRsaUDaWOqTlMVY.roa
File: b_esdvwuL7HMMRsaUDaWOqTlMVY.roa (raw, json)
Hash identifier: pwo77eC9fZ605tPPzC8qd5eRG6DFX9632hHdiz08KNM=
Subject key identifier: 6F:F7:AC:76:FC:2E:2F:B1:CC:31:1B:1A:50:36:96:3A:A4:E5:31:56
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019423D7F8EA1DE4C0E11C7027A134AB096C
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/b_esdvwuL7HMMRsaUDaWOqTlMVY.roa
Signing time: Wed 01 Jan 2025 21:49:04 +0000
ROA not before: Wed 01 Jan 2025 21:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 150.241.104.0/24 maxlen: 24
150.241.109.0/24 maxlen: 24
150.241.110.0/24 maxlen: 24
150.241.111.0/24 maxlen: 24
150.241.112.0/24 maxlen: 24
150.241.117.0/24 maxlen: 24
150.241.118.0/24 maxlen: 24
150.241.119.0/24 maxlen: 24
150.241.120.0/24 maxlen: 24
150.241.125.0/24 maxlen: 24
150.241.126.0/24 maxlen: 24
150.241.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f8:ea:1d:e4:c0:e1:1c:70:27:a1:34:ab:09:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 1 21:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ff7ac76fc2e2fb1cc311b1a5036963aa4e53156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:54:d8:bc:4b:b2:53:57:0a:a0:83:5c:9a:
19:3d:d2:6a:41:30:f4:c1:4b:94:8c:50:25:41:a6:
5d:bc:7e:94:3a:c2:72:09:fe:d5:1c:42:f0:99:a8:
cf:2f:28:43:be:1f:6a:78:dc:f2:8f:15:01:6e:ea:
9d:61:fd:54:4a:43:54:34:4e:e6:bd:72:c3:a1:f5:
00:0d:c3:34:0a:64:f8:33:28:c8:65:8b:67:ca:29:
b0:35:2b:e7:97:01:e4:fb:47:7b:c1:5b:bb:8d:63:
b1:9b:4e:d4:cc:e3:f3:b6:e0:87:c8:8d:21:77:4e:
a4:f8:ca:2e:75:1d:d7:19:bd:a2:ae:ea:59:a3:9f:
cf:f7:1b:96:90:b9:dc:01:26:f0:72:9d:03:fd:0f:
8a:fd:7b:f0:bf:99:cf:73:2e:37:12:2f:55:22:7b:
29:4e:6e:17:69:de:24:40:ab:02:3c:61:09:ef:c7:
da:01:5d:13:0b:84:6f:25:9e:5c:b9:5d:b3:21:57:
37:b8:4e:a4:76:ac:d0:d9:7e:fa:ac:b7:86:14:d7:
9e:df:49:ab:ee:f7:d0:e0:30:d0:4e:e3:b3:ba:3e:
8b:fa:08:c1:cf:52:32:b2:1b:48:7b:97:57:34:bf:
fa:3e:94:a1:1e:1f:0e:c4:b6:6d:7e:bd:66:c5:e5:
20:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F7:AC:76:FC:2E:2F:B1:CC:31:1B:1A:50:36:96:3A:A4:E5:31:56
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/b_esdvwuL7HMMRsaUDaWOqTlMVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.104.0/24
150.241.109.0-150.241.112.255
150.241.117.0-150.241.120.255
150.241.125.0-150.241.127.255
Signature Algorithm: sha256WithRSAEncryption
8c:db:1c:f4:86:85:65:d3:4f:80:3b:77:7e:1d:6c:7b:5c:a2:
7c:40:4b:7d:05:ec:16:ec:4b:80:13:b1:29:d3:c2:08:fa:0d:
6d:4d:81:fc:7a:20:f7:ed:93:6d:b9:1a:12:e5:a4:e9:aa:d6:
b4:ee:f5:79:df:c9:54:10:f6:25:dc:d0:4d:d4:f5:99:37:a7:
22:da:dc:eb:f2:69:81:af:33:8c:27:70:26:a5:a7:81:6f:03:
1c:eb:3c:3b:c2:ce:76:ff:83:77:ea:ca:e4:5f:72:36:52:a9:
bb:33:9c:67:a6:da:c1:75:e6:be:23:0a:a2:bb:fe:89:83:db:
4a:ff:e9:38:fc:7d:ce:b4:c4:9a:72:c9:fe:f3:6e:b0:f7:77:
70:1e:e6:5d:88:81:74:2a:d6:f7:be:b2:df:f9:95:ce:1d:3a:
f6:b1:e8:0c:c9:de:de:e7:23:03:30:4b:41:7b:61:55:a7:5c:
1d:55:5d:87:e8:0c:18:e8:d5:f1:0e:ce:79:de:a5:83:28:4c:
dd:77:1f:1a:14:07:0b:c1:dd:9f:4c:56:4b:32:c9:95:45:eb:
be:78:10:57:e9:6a:f9:fe:b1:b4:73:e8:f6:d7:10:71:ed:50:
b0:4c:f4:36:93:b2:13:1a:c9:8e:5d:15:c4:15:e4:26:9b:89:
f9:71:ef:2f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQj1/jqHeTA4RxwJ6E0qwlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTAxMjE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmY3YWM3NmZjMmUyZmIxY2MzMTFiMWE1MDM2OTYzYWE0ZTUzMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQFU2LxLslNXCqCDXJoZPdJqQTD0
wUuUjFAlQaZdvH6UOsJyCf7VHELwmajPLyhDvh9qeNzyjxUBbuqdYf1USkNUNE7m
vXLDofUADcM0CmT4MyjIZYtnyimwNSvnlwHk+0d7wVu7jWOxm07UzOPztuCHyI0h
d06k+MoudR3XGb2irupZo5/P9xuWkLncASbwcp0D/Q+K/Xvwv5nPcy43Ei9VInsp
Tm4Xad4kQKsCPGEJ78faAV0TC4RvJZ5cuV2zIVc3uE6kdqzQ2X76rLeGFNee30mr
7vfQ4DDQTuOzuj6L+gjBz1IyshtIe5dXNL/6PpShHh8OxLZtfr1mxeUgwwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG/3rHb8Li+xzDEbGlA2ljqk5TFWMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvYl9lc2R2d3VMN0hNTVJzYVVEYVdPcVRsTVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAlvFoMAwD
BACW8W0DBACW8XAwDAMEAJbxdQMEAJbxeDAMAwQAlvF9AwQHlvEAMA0GCSqGSIb3
DQEBCwUAA4IBAQCM2xz0hoVl00+AO3d+HWx7XKJ8QEt9BewW7EuAE7Ep08II+g1t
TYH8eiD37ZNtuRoS5aTpqta07vV538lUEPYl3NBN1PWZN6ci2tzr8mmBrzOMJ3Am
paeBbwMc6zw7ws52/4N36srkX3I2Uqm7M5xnptrBdea+Iwqiu/6Jg9tK/+k4/H3O
tMSacsn+826w93dwHuZdiIF0Ktb3vrLf+ZXOHTr2segMyd7e5yMDMEtBe2FVp1wd
VV2H6AwY6NXxDs553qWDKEzddx8aFAcLwd2fTFZLMsmVReu+eBBX6Wr5/rG0c+j2
1xBx7VCwTPQ2k7ITGsmOXRXEFeQmm4n5ce8v
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:07 2025 by rpki-client