Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2a9acf-2f1e-4c9c-b810-a047816d6283/1/pDT_QZ8p6V6z8c06gkPJbuyNSC0.roa
File: pDT_QZ8p6V6z8c06gkPJbuyNSC0.roa (raw, json)
Hash identifier: gosMmtxNfbQer/vgBeyoyQmOF49DKzkCqdnMrrQGn+c=
Subject key identifier: A4:34:FF:41:9F:29:E9:5E:B3:F1:CD:3A:82:43:C9:6E:EC:8D:48:2D
Certificate issuer: /CN=448331851b3559d3cc8299f6b020ef378e2e4b04
Certificate serial: 018CC94E656757244DF160F56FFDCD759105
Authority key identifier: 44:83:31:85:1B:35:59:D3:CC:82:99:F6:B0:20:EF:37:8E:2E:4B:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIMxhRs1WdPMgpn2sCDvN44uSwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2a9acf-2f1e-4c9c-b810-a047816d6283/1/pDT_QZ8p6V6z8c06gkPJbuyNSC0.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199042
IP address blocks: 176.115.171.0/24 maxlen: 24
176.115.168.0/24 maxlen: 24
176.115.172.0/24 maxlen: 24
176.115.169.0/24 maxlen: 24
176.115.168.0/21 maxlen: 21
176.115.170.0/24 maxlen: 24
176.115.174.0/24 maxlen: 24
176.115.175.0/24 maxlen: 24
176.115.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/2a9acf-2f1e-4c9c-b810-a047816d6283/1/RIMxhRs1WdPMgpn2sCDvN44uSwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/2a9acf-2f1e-4c9c-b810-a047816d6283/1/RIMxhRs1WdPMgpn2sCDvN44uSwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/RIMxhRs1WdPMgpn2sCDvN44uSwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 02:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:65:67:57:24:4d:f1:60:f5:6f:fd:cd:75:91:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=448331851b3559d3cc8299f6b020ef378e2e4b04
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a434ff419f29e95eb3f1cd3a8243c96eec8d482d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:14:a0:5a:c3:8b:99:05:fd:d1:1d:49:44:dc:
1c:77:e7:31:dc:79:4d:f0:66:28:7a:6c:21:c8:88:
fb:dd:97:5d:b7:f5:59:11:50:22:80:bf:c9:1f:15:
82:e0:bb:74:c5:7d:32:a1:1e:17:14:04:78:aa:0f:
c2:a8:2f:80:3b:a6:39:cc:5d:b2:28:8f:88:b8:fa:
6d:ad:76:cd:11:12:8b:6f:6a:77:3c:b6:01:0d:cc:
2b:cc:93:a5:06:8f:25:44:da:c8:29:f9:26:0c:b7:
60:a0:d7:21:f8:ef:d1:30:14:25:6a:a1:59:ee:2f:
f3:e4:f5:52:30:60:63:c9:ca:d7:33:2b:88:74:4f:
07:dd:60:89:ec:fb:73:a9:87:e2:b6:aa:22:b8:49:
42:f3:af:56:97:cd:2b:ce:e9:cc:01:57:a9:5a:6a:
d0:a9:8d:09:3f:bd:25:4d:ea:09:0e:3d:28:e9:91:
99:e9:90:48:af:47:e0:4e:3b:68:2f:15:e3:fb:da:
1f:56:07:9b:98:80:51:49:26:5b:09:a3:5d:bc:57:
20:b0:a7:8f:86:6a:66:9b:59:13:ac:9e:56:1d:57:
f0:73:33:ee:58:fa:3d:36:1a:ae:be:c7:b8:98:30:
c7:a7:a3:5a:aa:12:c7:04:18:c4:a5:2b:be:2c:1f:
14:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:34:FF:41:9F:29:E9:5E:B3:F1:CD:3A:82:43:C9:6E:EC:8D:48:2D
X509v3 Authority Key Identifier:
keyid:44:83:31:85:1B:35:59:D3:CC:82:99:F6:B0:20:EF:37:8E:2E:4B:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIMxhRs1WdPMgpn2sCDvN44uSwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2a9acf-2f1e-4c9c-b810-a047816d6283/1/pDT_QZ8p6V6z8c06gkPJbuyNSC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2a9acf-2f1e-4c9c-b810-a047816d6283/1/RIMxhRs1WdPMgpn2sCDvN44uSwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.115.168.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:e4:af:41:44:2b:f7:a9:f7:09:52:1e:b3:0f:09:08:66:a1:
b2:f1:e9:df:97:77:17:0b:b7:b9:31:33:93:4a:8b:13:08:30:
2e:c1:43:7e:78:ce:7f:50:3d:d1:87:73:23:52:9d:bb:38:29:
67:e4:6d:25:bc:4a:90:79:05:47:d5:82:d0:ea:ca:10:69:b2:
79:7d:3c:b1:e6:0d:8f:18:7d:e2:96:99:96:dc:d3:24:88:26:
db:25:25:d2:4b:47:21:83:42:f2:52:6d:94:fc:bc:d1:fb:8b:
9c:1b:b3:20:0f:3c:c2:e1:c2:13:1d:03:b9:1b:5a:d8:a8:df:
6d:8f:7a:3d:5a:b4:1b:57:81:84:e1:33:ae:fc:0f:b4:da:64:
20:e1:fa:5e:32:d5:00:ad:3e:8b:29:c0:ec:ac:61:fc:35:70:
75:59:a9:fa:56:df:00:8f:6f:e5:bb:6f:21:2c:80:14:ca:9f:
f5:ad:2d:a6:c7:a4:dc:59:1b:2a:ed:5f:6a:2a:fa:b1:79:8f:
91:f3:c3:79:67:97:94:a7:6e:36:21:42:7e:6e:24:b6:6a:65:
91:f7:13:a6:99:08:ef:97:07:62:35:08:40:3e:3d:17:19:42:
08:3e:ec:46:ba:57:51:0f:49:1a:6c:da:03:f1:ef:6c:cf:76:
d4:d5:b6:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmVnVyRN8WD1b/3NdZEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ODMzMTg1MWIzNTU5ZDNjYzgyOTlmNmIwMjBlZjM3OGUy
ZTRiMDQwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDM0ZmY0MTlmMjllOTVlYjNmMWNkM2E4MjQzYzk2ZWVjOGQ0ODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhSgWsOLmQX90R1JRNwcd+cx3HlN
8GYoemwhyIj73Zddt/VZEVAigL/JHxWC4Lt0xX0yoR4XFAR4qg/CqC+AO6Y5zF2y
KI+IuPptrXbNERKLb2p3PLYBDcwrzJOlBo8lRNrIKfkmDLdgoNch+O/RMBQlaqFZ
7i/z5PVSMGBjycrXMyuIdE8H3WCJ7PtzqYfitqoiuElC869Wl80rzunMAVepWmrQ
qY0JP70lTeoJDj0o6ZGZ6ZBIr0fgTjtoLxXj+9ofVgebmIBRSSZbCaNdvFcgsKeP
hmpmm1kTrJ5WHVfwczPuWPo9Nhquvse4mDDHp6NaqhLHBBjEpSu+LB8UVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQ0/0GfKeles/HNOoJDyW7sjUgtMB8GA1UdIwQY
MBaAFESDMYUbNVnTzIKZ9rAg7zeOLksEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUklNeGhSczFXZFBNZ3BuMnNDRHZONDR1U3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYTlhY2YtMmYxZS00YzljLWI4MTAt
YTA0NzgxNmQ2MjgzLzEvcERUX1FaOHA2VjZ6OGMwNmdrUEpidXlOU0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8yYTlhY2YtMmYxZS00YzljLWI4MTAtYTA0NzgxNmQ2Mjgz
LzEvUklNeGhSczFXZFBNZ3BuMnNDRHZONDR1U3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCa5K9BRCv3qfcJUh6zDwkIZqGy8enfl3cXC7e5MTOT
SosTCDAuwUN+eM5/UD3Rh3MjUp27OCln5G0lvEqQeQVH1YLQ6soQabJ5fTyx5g2P
GH3ilpmW3NMkiCbbJSXSS0chg0LyUm2U/LzR+4ucG7MgDzzC4cITHQO5G1rYqN9t
j3o9WrQbV4GE4TOu/A+02mQg4fpeMtUArT6LKcDsrGH8NXB1Wan6Vt8Aj2/lu28h
LIAUyp/1rS2mx6TcWRsq7V9qKvqxeY+R88N5Z5eUp242IUJ+biS2amWR9xOmmQjv
lwdiNQhAPj0XGUIIPuxGuldRD0kabNoD8e9sz3bU1bY+
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:53:17 2024 by rpki-client on console-ams.rpki-client.org