Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/N8T5o1wlvhU1IdEPoWWV-W1wSog.roa
File: N8T5o1wlvhU1IdEPoWWV-W1wSog.roa (raw, json)
Hash identifier: Jti3ZWWraejpC0MVnexV/o0kgnzNmE3tngg5IYsoGKU=
Subject key identifier: 37:C4:F9:A3:5C:25:BE:15:35:21:D1:0F:A1:65:95:F9:6D:70:4A:88
Certificate issuer: /CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Certificate serial: 018CC725C6ED2C25A1948060C9BA5477A930
Authority key identifier: 1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/N8T5o1wlvhU1IdEPoWWV-W1wSog.roa
Signing time: Mon 01 Jan 2024 22:29:50 +0000
ROA not before: Mon 01 Jan 2024 22:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 141.98.172.0/24 maxlen: 24
2a09:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:c6:ed:2c:25:a1:94:80:60:c9:ba:54:77:a9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Validity
Not Before: Jan 1 22:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37c4f9a35c25be153521d10fa16595f96d704a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:db:56:8c:a8:13:ea:31:e8:3a:cb:b1:03:9d:
9f:53:1a:67:c3:ec:04:9f:fe:52:54:82:a2:45:e1:
dc:17:58:d9:eb:58:22:5b:50:71:ac:c1:43:2e:88:
85:3e:9e:8a:fa:bb:23:ca:e5:d1:14:2b:9d:ad:38:
9a:99:ee:66:b9:bb:b1:10:fc:f9:7b:96:8a:36:cd:
40:cd:a7:d2:55:64:0c:ce:97:8d:2b:f8:0b:31:24:
12:f3:19:76:96:93:3d:82:47:54:c8:62:38:09:fb:
c9:e6:ba:d3:d3:1e:be:5b:69:0b:f3:b8:7d:54:9a:
6a:96:26:85:14:d9:af:bc:bc:5b:14:3c:da:4d:09:
ad:e2:1d:4b:9e:09:74:68:b1:5e:74:b8:08:1f:7e:
03:31:29:14:8c:c8:a0:d4:f4:a4:90:28:30:bc:c2:
0d:60:05:72:15:0f:89:a5:59:14:bc:f4:e6:81:bb:
61:cf:a2:a0:38:d0:27:f3:a8:04:16:4a:ba:f9:02:
57:f7:97:58:7d:90:18:31:7f:a2:f4:7d:51:9d:cd:
52:ab:d0:a9:66:eb:ca:ef:b5:74:1b:c6:1c:53:75:
6c:0b:37:03:08:08:64:96:67:68:0b:3b:0d:07:01:
5d:38:f8:59:58:1f:dc:92:29:52:5d:03:49:a3:2e:
b5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C4:F9:A3:5C:25:BE:15:35:21:D1:0F:A1:65:95:F9:6D:70:4A:88
X509v3 Authority Key Identifier:
keyid:1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/N8T5o1wlvhU1IdEPoWWV-W1wSog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.172.0/24
IPv6:
2a09:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:db:68:59:78:e2:b7:a3:14:76:b9:23:c7:4b:79:6e:db:80:
0b:26:14:03:5f:d8:1e:7c:a1:e9:75:df:7f:e9:1c:f2:e7:ba:
48:03:d9:bc:c4:7f:2a:10:83:71:e1:3a:9c:52:63:c3:9c:2f:
5d:69:ab:69:01:bb:18:eb:70:2b:3b:0b:46:87:bd:93:9f:4f:
a3:38:4d:ed:c6:01:f6:9a:6c:53:92:33:c8:9b:49:46:90:ae:
ae:d4:77:51:70:c1:e6:70:1e:80:c1:c3:c8:3e:89:3e:d4:36:
6b:c4:63:41:a2:05:ab:8a:0c:5b:5e:d8:f4:bc:ed:38:42:f2:
07:6a:9f:9f:be:7c:77:52:d5:d5:29:aa:37:3d:cf:24:71:7c:
ed:2a:2a:1a:7f:75:75:d8:f4:73:cd:26:a4:61:f2:ee:c6:8d:
1c:9a:78:a3:5a:93:cf:b1:f0:2d:a7:09:2a:ca:6d:c6:a5:75:
fc:9b:90:95:83:1b:ac:b2:d7:bb:ff:19:ac:0e:86:3f:73:6f:
6a:df:fc:62:84:0f:f0:1a:9f:c5:59:37:48:a9:18:fd:7f:10:
6b:5c:02:1a:7c:ed:a2:32:63:1f:c6:c4:2e:44:74:ec:ea:27:
23:17:5e:2d:24:56:8a:a6:18:6f:f7:bd:b5:0b:03:21:f9:1a:
47:58:42:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJcbtLCWhlIBgybpUd6kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDYxYTUyZjEwODJlY2Y0Yzk3YjUxMjJiNDYxMTIyNTA3
MzQ1MWIwHhcNMjQwMTAxMjIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2M0ZjlhMzVjMjViZTE1MzUyMWQxMGZhMTY1OTVmOTZkNzA0YTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdtWjKgT6jHoOsuxA52fUxpnw+wE
n/5SVIKiReHcF1jZ61giW1BxrMFDLoiFPp6K+rsjyuXRFCudrTiame5mubuxEPz5
e5aKNs1AzafSVWQMzpeNK/gLMSQS8xl2lpM9gkdUyGI4CfvJ5rrT0x6+W2kL87h9
VJpqliaFFNmvvLxbFDzaTQmt4h1Lngl0aLFedLgIH34DMSkUjMig1PSkkCgwvMIN
YAVyFQ+JpVkUvPTmgbthz6KgONAn86gEFkq6+QJX95dYfZAYMX+i9H1Rnc1Sq9Cp
ZuvK77V0G8YcU3VsCzcDCAhklmdoCzsNBwFdOPhZWB/ckilSXQNJoy61WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDfE+aNcJb4VNSHRD6FllfltcEqIMB8GA1UdIwQY
MBaAFBrWGlLxCC7PTJe1EitGESJQc0UbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQ1NTUtMjBiZC00YzQyLTg0YmEt
NzJjZTk1YmE5YWZhLzEvTjhUNW8xd2x2aFUxSWRFUG9XV1YtVzF3U29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQ1NTUtMjBiZC00YzQyLTg0YmEtNzJjZTk1YmE5YWZh
LzEvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAjWKsMA8E
AgACMAkDBwAqCSjAAAAwDQYJKoZIhvcNAQELBQADggEBABrbaFl44rejFHa5I8dL
eW7bgAsmFANf2B58oel133/pHPLnukgD2bzEfyoQg3HhOpxSY8OcL11pq2kBuxjr
cCs7C0aHvZOfT6M4Te3GAfaabFOSM8ibSUaQrq7Ud1FwweZwHoDBw8g+iT7UNmvE
Y0GiBauKDFte2PS87ThC8gdqn5++fHdS1dUpqjc9zyRxfO0qKhp/dXXY9HPNJqRh
8u7GjRyaeKNak8+x8C2nCSrKbcaldfybkJWDG6yy17v/GawOhj9zb2rf/GKED/Aa
n8VZN0ipGP1/EGtcAhp87aIyYx/GxC5EdOzqJyMXXi0kVoqmGG/3vbULAyH5GkdY
QoE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:36 2024 by rpki-client on console-ams.rpki-client.org