Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/yas1F5Yx5LaaJzElc07i58c50TA.roa
File: yas1F5Yx5LaaJzElc07i58c50TA.roa (raw, json)
Hash identifier: 4BpM2P5FHRG/yeYLjCN11FzbXtbaeE+CQICmNnTG+Ds=
Subject key identifier: C9:AB:35:17:96:31:E4:B6:9A:27:31:25:73:4E:E2:E7:C7:39:D1:30
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018CC3B6B1BDC83FEEF3C22B5EF5F4B3B158
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/yas1F5Yx5LaaJzElc07i58c50TA.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48037
IP address blocks: 147.181.64.0/18 maxlen: 24
147.181.98.0/24 maxlen: 24
147.181.96.0/24 maxlen: 24
147.181.97.0/24 maxlen: 24
147.181.103.0/24 maxlen: 24
147.181.99.0/24 maxlen: 24
147.181.112.0/24 maxlen: 24
147.181.109.0/24 maxlen: 24
147.181.108.0/24 maxlen: 24
147.181.117.0/24 maxlen: 24
147.181.113.0/24 maxlen: 24
147.181.114.0/24 maxlen: 24
147.181.40.0/22 maxlen: 24
2a04:9a03:1010::/44 maxlen: 44
2a04:9a00:1124::/48 maxlen: 48
2a04:9a00:1004::/48 maxlen: 48
2a04:9a00:1121::/48 maxlen: 48
2a04:9a00:111c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b1:bd:c8:3f:ee:f3:c2:2b:5e:f5:f4:b3:b1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9ab35179631e4b69a273125734ee2e7c739d130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9d:2f:3d:90:90:95:dd:6b:dc:47:19:51:15:
04:96:ae:f7:a7:d4:ae:aa:db:61:68:9c:06:a7:8f:
c0:7c:63:1d:55:4e:c7:24:97:a9:fc:02:8f:e7:4c:
ea:e0:00:7d:96:3e:24:c2:ba:b6:cf:d8:c0:94:d5:
d2:eb:05:a5:88:d6:05:cc:36:56:46:6a:5c:92:fe:
5b:06:a9:b4:26:89:37:dc:4f:bb:11:69:74:9e:30:
0e:ae:15:10:f2:2d:49:50:95:cc:67:79:a2:6f:f0:
61:e8:55:48:fb:f1:75:41:4b:42:30:67:9a:97:78:
0e:61:76:5a:14:d7:65:9f:99:e8:f1:3d:b0:ae:2b:
9d:f9:a6:d5:12:43:94:92:52:7d:d1:b5:c2:d8:7a:
c7:89:6c:a5:25:b3:83:c0:2a:81:5b:e2:c1:10:62:
0b:a7:90:25:16:c3:c6:dc:8f:04:bb:77:55:db:b2:
a9:dc:c7:0e:30:50:5a:ef:36:bd:97:41:e2:35:11:
92:63:78:c8:fd:9e:23:76:52:18:0f:77:86:44:f3:
a1:93:29:fe:ef:01:7a:0e:4f:5d:8e:c0:2c:e1:74:
90:bb:51:57:9d:18:ab:bc:79:7c:d7:88:03:dd:0a:
3f:5d:44:37:13:dc:7b:78:42:30:37:38:89:34:4b:
2e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AB:35:17:96:31:E4:B6:9A:27:31:25:73:4E:E2:E7:C7:39:D1:30
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/yas1F5Yx5LaaJzElc07i58c50TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.40.0/22
147.181.64.0/18
IPv6:
2a04:9a00:1004::/48
2a04:9a00:111c::/48
2a04:9a00:1121::/48
2a04:9a00:1124::/48
2a04:9a03:1010::/44
Signature Algorithm: sha256WithRSAEncryption
6f:b6:92:58:cb:02:a3:d5:86:75:e2:26:02:50:72:c1:d2:b5:
09:7e:ec:af:c4:df:83:2c:be:07:e6:bd:11:f0:d3:b5:11:af:
0f:fb:d1:a9:c7:25:94:92:73:c6:64:ae:1b:4e:dd:de:93:0b:
44:2f:bb:e7:11:ce:1f:ec:7c:e6:38:72:1f:3b:74:e3:94:96:
d0:df:99:36:05:e2:e5:c8:a5:32:42:3c:15:c1:76:4e:c1:d4:
22:3b:bd:a3:ab:b9:89:54:99:13:ac:ff:0c:09:00:66:b1:a6:
63:6d:3e:e5:4c:8e:11:09:30:9d:a4:2e:a7:6d:6a:c5:ee:7a:
32:f3:96:9f:75:ed:7b:c9:85:49:a7:f9:da:47:90:3d:42:79:
0e:48:db:c5:76:63:0f:85:52:e9:6f:eb:f8:04:aa:13:a2:0e:
c7:ed:96:1b:6c:ec:7e:f3:7f:3a:73:2c:97:b4:dd:ca:eb:b7:
9e:d0:2c:5f:46:2a:83:ae:0f:e3:97:f6:d6:f3:0c:25:51:d0:
d8:c4:b0:43:6d:dc:d6:01:15:5c:44:a4:6c:36:48:8a:cc:14:
86:f1:f2:87:19:7e:d3:94:f6:d2:5f:a5:92:e0:9d:fb:71:5f:
87:61:78:f2:8e:85:b3:d9:32:e6:5e:cd:22:0c:69:7c:5c:97:
fb:52:b5:e5
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzDtrG9yD/u88IrXvX0s7FYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFiMzUxNzk2MzFlNGI2OWEyNzMxMjU3MzRlZTJlN2M3MzlkMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp0vPZCQld1r3EcZURUElq73p9Su
qtthaJwGp4/AfGMdVU7HJJep/AKP50zq4AB9lj4kwrq2z9jAlNXS6wWliNYFzDZW
Rmpckv5bBqm0Jok33E+7EWl0njAOrhUQ8i1JUJXMZ3mib/Bh6FVI+/F1QUtCMGea
l3gOYXZaFNdln5no8T2wriud+abVEkOUklJ90bXC2HrHiWylJbODwCqBW+LBEGIL
p5AlFsPG3I8Eu3dV27Kp3McOMFBa7za9l0HiNRGSY3jI/Z4jdlIYD3eGRPOhkyn+
7wF6Dk9djsAs4XSQu1FXnRirvHl814gD3Qo/XUQ3E9x7eEIwNziJNEsu4wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMmrNReWMeS2micxJXNO4ufHOdEwMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEveWFzMUY1WXg1TGFhSnpFbGMwN2k1OGM1MFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQCk7UoAwQG
k7VAMDMEAgACMC0DBwAqBJoAEAQDBwAqBJoAERwDBwAqBJoAESEDBwAqBJoAESQD
BwQqBJoDEBAwDQYJKoZIhvcNAQELBQADggEBAG+2kljLAqPVhnXiJgJQcsHStQl+
7K/E34MsvgfmvRHw07URrw/70anHJZSSc8ZkrhtO3d6TC0Qvu+cRzh/sfOY4ch87
dOOUltDfmTYF4uXIpTJCPBXBdk7B1CI7vaOruYlUmROs/wwJAGaxpmNtPuVMjhEJ
MJ2kLqdtasXuejLzlp917XvJhUmn+dpHkD1CeQ5I28V2Yw+FUulv6/gEqhOiDsft
lhts7H7zfzpzLJe03crrt57QLF9GKoOuD+OX9tbzDCVR0NjEsENt3NYBFVxEpGw2
SIrMFIbx8ocZftOU9tJfpZLgnftxX4dhePKOhbPZMuZezSIMaXxcl/tSteU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:15:40 2024 by rpki-client on console-ams.rpki-client.org