Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/F9SKllDv50VIlUGPCb7KEQSYeoQ.roa
File: F9SKllDv50VIlUGPCb7KEQSYeoQ.roa (raw, json)
Hash identifier: zqewPwrovajMq/eaLfr5dl96c6Kc5zLTezRv4M81sF0=
Subject key identifier: 17:D4:8A:96:50:EF:E7:45:48:95:41:8F:09:BE:CA:11:04:98:7A:84
Certificate issuer: /CN=1ea559d8bf6ac2d868d0665ad57d2c6ac1472193
Certificate serial: 018CC94D30DB9B54A9B41AF77CF3D97EF07A
Authority key identifier: 1E:A5:59:D8:BF:6A:C2:D8:68:D0:66:5A:D5:7D:2C:6A:C1:47:21:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/F9SKllDv50VIlUGPCb7KEQSYeoQ.roa
Signing time: Tue 02 Jan 2024 08:32:08 +0000
ROA not before: Tue 02 Jan 2024 08:32:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 148.196.0.0/16 maxlen: 16
157.26.0.0/16 maxlen: 16
192.135.150.0/23 maxlen: 24
192.135.152.0/21 maxlen: 21
192.135.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:30:db:9b:54:a9:b4:1a:f7:7c:f3:d9:7e:f0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea559d8bf6ac2d868d0665ad57d2c6ac1472193
Validity
Not Before: Jan 2 08:32:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17d48a9650efe7454895418f09beca1104987a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0e:01:b9:12:28:5a:51:2c:1a:c4:00:be:a7:
ff:c4:ce:0e:5c:e7:7a:51:1f:1d:34:b8:71:96:eb:
0f:cb:2a:26:78:9b:6e:fa:e6:36:be:ba:9e:3e:7c:
c9:04:21:8a:7c:3e:12:c0:2b:de:78:f3:61:e2:c5:
3d:b4:bd:6b:13:75:76:8b:e3:31:e2:33:e0:35:44:
54:cb:59:b3:30:57:9d:0f:9e:9e:67:c9:d7:14:b5:
44:2e:d2:cf:de:fa:e5:40:60:2b:58:91:1b:16:ab:
a0:b1:20:8f:ef:f4:a3:93:62:69:e9:5a:aa:36:3d:
c3:7e:88:e2:1d:96:45:5c:71:0f:10:46:65:eb:1e:
22:45:87:0f:77:6e:99:94:0d:44:8c:3b:61:2c:a2:
52:c8:e7:ff:13:1f:99:1f:fb:79:e1:1c:cd:22:52:
39:cd:d2:26:56:e0:3a:33:c5:f6:92:76:53:f7:45:
b4:c6:92:7a:05:c2:2a:be:90:a9:77:02:8b:6e:62:
c6:8b:4a:bf:db:a9:8c:11:6d:61:8f:7f:a9:61:37:
58:68:7f:7a:46:83:9d:eb:17:1f:d8:47:e9:fb:8f:
b5:6d:d8:60:d2:18:d8:27:e9:33:9c:fd:3a:0d:7f:
c3:e9:17:0d:a7:67:08:b1:d9:d8:05:ff:42:2e:ad:
63:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D4:8A:96:50:EF:E7:45:48:95:41:8F:09:BE:CA:11:04:98:7A:84
X509v3 Authority Key Identifier:
keyid:1E:A5:59:D8:BF:6A:C2:D8:68:D0:66:5A:D5:7D:2C:6A:C1:47:21:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/F9SKllDv50VIlUGPCb7KEQSYeoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.196.0.0/16
157.26.0.0/16
192.135.150.0-192.135.159.255
Signature Algorithm: sha256WithRSAEncryption
5a:36:fc:b2:8d:26:05:49:ef:9b:86:00:81:b8:e8:65:c6:93:
8b:64:53:26:77:86:30:90:ba:3b:66:7a:42:2c:34:2f:13:ce:
ed:07:ad:22:3d:86:cb:a3:0f:68:16:78:67:75:ae:66:fb:64:
e5:d3:b9:7d:22:ad:b9:73:7d:03:d3:05:61:9a:a7:76:40:a0:
32:28:dc:60:71:9a:13:9d:87:f6:92:6f:25:9c:8b:d2:b5:44:
93:76:46:39:b1:f4:53:c3:14:9b:b9:8e:0f:c7:81:cf:e2:15:
33:41:0f:75:d1:67:22:1f:f0:08:45:ce:f9:c4:97:27:be:aa:
31:10:71:4b:da:55:fd:dc:99:e2:1d:f3:a7:60:7f:6a:7c:ff:
71:52:12:f0:c1:f9:cf:64:57:50:31:7f:01:f9:d3:9d:57:f0:
76:07:2e:d6:bc:80:78:93:7c:f6:80:83:5f:6f:a8:1b:40:88:
5d:d3:0e:e7:f8:8c:2d:2b:4e:87:d3:fc:70:d6:b2:c7:08:85:
35:91:55:3f:f2:23:a4:92:e2:f4:75:17:72:a8:7a:08:c4:62:
e4:29:97:86:cc:47:18:b1:80:89:af:67:59:36:62:a2:17:dd:
67:fe:87:84:31:1c:a9:f0:4e:35:e6:36:35:8c:f2:57:5e:65:
73:7d:c4:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTTDbm1SptBr3fPPZfvB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTU1OWQ4YmY2YWMyZDg2OGQwNjY1YWQ1N2QyYzZhYzE0
NzIxOTMwHhcNMjQwMTAyMDgzMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Q0OGE5NjUwZWZlNzQ1NDg5NTQxOGYwOWJlY2ExMTA0OTg3YTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw4BuRIoWlEsGsQAvqf/xM4OXOd6
UR8dNLhxlusPyyomeJtu+uY2vrqePnzJBCGKfD4SwCveePNh4sU9tL1rE3V2i+Mx
4jPgNURUy1mzMFedD56eZ8nXFLVELtLP3vrlQGArWJEbFqugsSCP7/Sjk2Jp6Vqq
Nj3DfojiHZZFXHEPEEZl6x4iRYcPd26ZlA1EjDthLKJSyOf/Ex+ZH/t54RzNIlI5
zdImVuA6M8X2knZT90W0xpJ6BcIqvpCpdwKLbmLGi0q/26mMEW1hj3+pYTdYaH96
RoOd6xcf2Efp+4+1bdhg0hjYJ+kznP06DX/D6RcNp2cIsdnYBf9CLq1jzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBfUipZQ7+dFSJVBjwm+yhEEmHqEMB8GA1UdIwQY
MBaAFB6lWdi/asLYaNBmWtV9LGrBRyGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFWWjJMOXF3dGhvMEdaYTFYMHNhc0ZISVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80ZmI3ODUtZmZmMS00M2EzLWFmZDEt
NWZmY2M0NmFlN2I1LzEvRjlTS2xsRHY1MFZJbFVHUENiN0tFUVNZZW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80ZmI3ODUtZmZmMS00M2EzLWFmZDEtNWZmY2M0NmFlN2I1
LzEvSHFWWjJMOXF3dGhvMEdaYTFYMHNhc0ZISVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwMAlMQDAwCd
GjAMAwQBwIeWAwQFwIeAMA0GCSqGSIb3DQEBCwUAA4IBAQBaNvyyjSYFSe+bhgCB
uOhlxpOLZFMmd4YwkLo7ZnpCLDQvE87tB60iPYbLow9oFnhnda5m+2Tl07l9Iq25
c30D0wVhmqd2QKAyKNxgcZoTnYf2km8lnIvStUSTdkY5sfRTwxSbuY4Px4HP4hUz
QQ910WciH/AIRc75xJcnvqoxEHFL2lX93JniHfOnYH9qfP9xUhLwwfnPZFdQMX8B
+dOdV/B2By7WvIB4k3z2gINfb6gbQIhd0w7n+IwtK06H0/xw1rLHCIU1kVU/8iOk
kuL0dRdyqHoIxGLkKZeGzEcYsYCJr2dZNmKiF91n/oeEMRyp8E415jY1jPJXXmVz
fcRM
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:06:25 2024 by rpki-client on console-ams.rpki-client.org