Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/AJvWKjlfflZ9cQofDD0ppbseZLQ.roa
File: AJvWKjlfflZ9cQofDD0ppbseZLQ.roa (raw, json)
Hash identifier: VGiicvrQITfBrX3SAtjyhR6B6SA41PSS6lItKnKTNYo=
Subject key identifier: 00:9B:D6:2A:39:5F:7E:56:7D:71:0A:1F:0C:3D:29:A5:BB:1E:64:B4
Certificate issuer: /CN=1ea559d8bf6ac2d868d0665ad57d2c6ac1472193
Certificate serial: 019425FBF99C0D7DCB5176D95213AB059444
Authority key identifier: 1E:A5:59:D8:BF:6A:C2:D8:68:D0:66:5A:D5:7D:2C:6A:C1:47:21:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/AJvWKjlfflZ9cQofDD0ppbseZLQ.roa
Signing time: Thu 02 Jan 2025 07:47:37 +0000
ROA not before: Thu 02 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 148.196.0.0/16 maxlen: 16
157.26.0.0/16 maxlen: 16
192.135.150.0/23 maxlen: 24
192.135.151.0/24 maxlen: 24
192.135.152.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f9:9c:0d:7d:cb:51:76:d9:52:13:ab:05:94:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea559d8bf6ac2d868d0665ad57d2c6ac1472193
Validity
Not Before: Jan 2 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=009bd62a395f7e567d710a1f0c3d29a5bb1e64b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:16:5f:36:d2:87:47:b8:b7:9f:b3:5f:18:65:
f9:9d:a2:08:3e:90:9c:42:57:78:51:c7:d6:42:0a:
66:16:b6:50:9f:d7:39:88:d8:09:bc:4b:d6:e3:af:
13:23:4d:a0:e8:6a:bf:8f:f5:9d:07:46:2f:0d:bd:
e4:25:36:b8:79:06:4e:82:91:31:67:6a:3c:8a:88:
11:f6:d5:14:f9:c7:7e:e1:fd:98:af:2a:ef:34:a0:
49:8e:3c:d9:d1:58:a1:c1:10:13:65:a9:33:7a:c2:
32:72:ea:b7:70:f1:6c:e5:dc:ad:65:e0:90:13:27:
60:7b:f5:47:eb:23:90:d6:33:90:37:ba:64:df:2b:
e2:0d:53:4d:c0:7c:b2:45:31:ba:1e:2b:8d:84:c0:
c2:df:8f:64:41:c3:d6:fa:6b:70:9b:f6:aa:75:69:
70:46:48:d8:e6:27:bf:7c:63:1b:27:ed:d0:03:eb:
a9:44:a2:ea:bc:42:f5:ab:c1:c8:a8:66:ba:dc:a1:
97:aa:8b:0e:18:5e:6d:0d:7d:5f:5b:c6:f8:d3:a9:
76:8f:9f:58:1c:14:7d:ca:7f:9f:44:d8:ee:f4:8e:
f7:85:4a:19:03:87:cd:3a:8b:43:72:ce:58:18:bd:
45:9c:08:b8:22:1b:0a:32:e7:8b:73:d2:e1:cc:f7:
46:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9B:D6:2A:39:5F:7E:56:7D:71:0A:1F:0C:3D:29:A5:BB:1E:64:B4
X509v3 Authority Key Identifier:
keyid:1E:A5:59:D8:BF:6A:C2:D8:68:D0:66:5A:D5:7D:2C:6A:C1:47:21:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/AJvWKjlfflZ9cQofDD0ppbseZLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.196.0.0/16
157.26.0.0/16
192.135.150.0-192.135.159.255
Signature Algorithm: sha256WithRSAEncryption
74:1b:4e:10:dc:19:49:e8:b5:0c:81:f3:4a:8e:03:49:fc:fe:
ef:82:df:e1:ea:88:3d:d5:64:fa:0e:63:1a:5c:4b:b3:0b:da:
51:eb:1e:0c:cc:68:ec:b7:3f:d9:03:19:c3:3c:28:2c:eb:03:
64:e5:e5:ed:7a:4f:27:bb:ff:06:53:4c:b0:f5:92:1f:ec:a2:
47:db:d2:8e:0d:f0:69:11:18:ec:92:1f:3f:fa:79:78:a1:36:
6f:a0:26:1c:aa:c5:7d:c8:85:ed:3e:4b:11:23:6b:6a:f3:d4:
c7:d9:30:b4:86:c0:20:ba:5b:48:23:3e:0e:ce:e6:7d:53:5f:
58:6b:6d:cf:4a:c6:c4:9d:7f:fc:9f:d3:99:16:08:85:1c:4b:
d7:b6:79:2b:2e:2f:27:75:3c:b5:7b:20:36:ae:30:dd:7e:7b:
06:a0:38:5b:c6:11:ce:f9:9d:4c:4d:ce:3b:5f:b0:66:a0:70:
3c:d5:71:5a:a8:a3:12:ad:18:62:3e:2d:8f:5b:43:61:d9:54:
d9:11:0e:0b:dc:83:ed:74:d2:4b:47:8b:bd:a3:36:fb:3a:04:
72:ae:27:3b:6e:9a:e3:b4:84:0f:55:f3:7f:7f:e6:b4:ae:dc:
d3:66:a0:cd:17:3a:2a:4d:fb:93:43:fe:d6:07:1b:30:f2:0d:
02:8e:7e:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl+/mcDX3LUXbZUhOrBZREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTU1OWQ4YmY2YWMyZDg2OGQwNjY1YWQ1N2QyYzZhYzE0
NzIxOTMwHhcNMjUwMTAyMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDliZDYyYTM5NWY3ZTU2N2Q3MTBhMWYwYzNkMjlhNWJiMWU2NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxZfNtKHR7i3n7NfGGX5naIIPpCc
Qld4UcfWQgpmFrZQn9c5iNgJvEvW468TI02g6Gq/j/WdB0YvDb3kJTa4eQZOgpEx
Z2o8iogR9tUU+cd+4f2YryrvNKBJjjzZ0VihwRATZakzesIycuq3cPFs5dytZeCQ
Eydge/VH6yOQ1jOQN7pk3yviDVNNwHyyRTG6HiuNhMDC349kQcPW+mtwm/aqdWlw
RkjY5ie/fGMbJ+3QA+upRKLqvEL1q8HIqGa63KGXqosOGF5tDX1fW8b406l2j59Y
HBR9yn+fRNju9I73hUoZA4fNOotDcs5YGL1FnAi4IhsKMueLc9LhzPdGoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFACb1io5X35WfXEKHww9KaW7HmS0MB8GA1UdIwQY
MBaAFB6lWdi/asLYaNBmWtV9LGrBRyGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFWWjJMOXF3dGhvMEdaYTFYMHNhc0ZISVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80ZmI3ODUtZmZmMS00M2EzLWFmZDEt
NWZmY2M0NmFlN2I1LzEvQUp2V0tqbGZmbFo5Y1FvZkREMHBwYnNlWkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80ZmI3ODUtZmZmMS00M2EzLWFmZDEtNWZmY2M0NmFlN2I1
LzEvSHFWWjJMOXF3dGhvMEdaYTFYMHNhc0ZISVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwMAlMQDAwCd
GjAMAwQBwIeWAwQFwIeAMA0GCSqGSIb3DQEBCwUAA4IBAQB0G04Q3BlJ6LUMgfNK
jgNJ/P7vgt/h6og91WT6DmMaXEuzC9pR6x4MzGjstz/ZAxnDPCgs6wNk5eXtek8n
u/8GU0yw9ZIf7KJH29KODfBpERjskh8/+nl4oTZvoCYcqsV9yIXtPksRI2tq89TH
2TC0hsAgultIIz4OzuZ9U19Ya23PSsbEnX/8n9OZFgiFHEvXtnkrLi8ndTy1eyA2
rjDdfnsGoDhbxhHO+Z1MTc47X7BmoHA81XFaqKMSrRhiPi2PW0Nh2VTZEQ4L3IPt
dNJLR4u9ozb7OgRyric7bprjtIQPVfN/f+a0rtzTZqDNFzoqTfuTQ/7WBxsw8g0C
jn7n
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:29 2025 by rpki-client