Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/SvNwP0_xoK4s-S62kuyzj6zvNVg.roa
File: SvNwP0_xoK4s-S62kuyzj6zvNVg.roa (raw, json)
Hash identifier: Qd4OUEos5fBvVmMe6Cy8jL5H4XdEoi8J5GMpJ8yKD8s=
Subject key identifier: 4A:F3:70:3F:4F:F1:A0:AE:2C:F9:2E:B6:92:EC:B3:8F:AC:EF:35:58
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 01929FD43320B46A9F3B75205E6AC94C99E4
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/SvNwP0_xoK4s-S62kuyzj6zvNVg.roa
Signing time: Fri 18 Oct 2024 13:32:17 +0000
ROA not before: Fri 18 Oct 2024 13:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 143.196.0.0/24 maxlen: 24
143.196.1.0/24 maxlen: 24
143.196.16.0/24 maxlen: 24
143.196.17.0/24 maxlen: 24
143.196.18.0/24 maxlen: 24
143.196.20.0/24 maxlen: 24
143.196.21.0/24 maxlen: 24
143.196.124.0/24 maxlen: 24
143.196.125.0/24 maxlen: 24
143.196.126.0/24 maxlen: 24
143.196.127.0/24 maxlen: 24
143.196.130.0/24 maxlen: 24
143.196.143.0/24 maxlen: 24
143.196.144.0/24 maxlen: 24
143.196.157.0/24 maxlen: 24
143.196.158.0/24 maxlen: 24
143.196.159.0/24 maxlen: 24
143.196.160.0/24 maxlen: 24
143.196.161.0/24 maxlen: 24
143.196.162.0/24 maxlen: 24
143.196.163.0/24 maxlen: 24
143.196.164.0/24 maxlen: 24
143.196.165.0/24 maxlen: 24
143.196.166.0/24 maxlen: 24
143.196.167.0/24 maxlen: 24
143.196.250.0/24 maxlen: 24
143.196.252.0/24 maxlen: 24
143.196.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:d4:33:20:b4:6a:9f:3b:75:20:5e:6a:c9:4c:99:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Oct 18 13:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4af3703f4ff1a0ae2cf92eb692ecb38facef3558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:31:9b:7b:5e:f7:b2:f9:6c:6f:22:f9:00:
46:1c:5e:11:4b:7d:a0:71:1a:0d:0a:fb:7b:8c:43:
3f:65:6c:a7:06:76:d8:b1:c9:f9:2d:bc:be:48:36:
e7:be:74:07:6d:1b:5a:7f:cb:4e:65:b1:7f:81:0e:
ac:ff:29:14:f0:c7:1c:41:09:5e:8d:54:81:3d:ea:
51:da:cd:7c:64:9d:bd:5a:64:e1:0d:7f:68:1d:d8:
18:83:97:fb:56:57:ce:a8:15:e2:90:7a:f1:d9:7f:
0d:89:ec:1d:c6:ea:13:2b:0f:12:63:bb:9d:20:b2:
a1:62:c5:c0:db:b8:5b:6b:90:62:3d:bf:7e:4b:22:
c5:95:8b:99:65:6f:18:c6:e1:48:cb:8c:c9:c6:e4:
ff:36:56:a2:47:2e:21:f4:7d:13:6e:99:cb:a8:b3:
ff:25:dd:8c:c9:db:c9:c4:4d:3a:7e:42:fe:80:85:
ee:de:1b:e2:f7:cd:c1:e5:aa:16:6a:e0:3b:14:2e:
7c:94:8e:05:e4:e7:e3:db:29:7a:f2:7d:ac:68:13:
65:06:71:6a:54:6e:22:c4:ad:56:e2:41:79:bf:4e:
cd:06:4e:99:82:19:9d:ca:96:12:34:bb:e1:ba:8a:
ee:25:62:9e:cb:82:0e:e6:96:ed:70:b0:88:3c:78:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F3:70:3F:4F:F1:A0:AE:2C:F9:2E:B6:92:EC:B3:8F:AC:EF:35:58
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/SvNwP0_xoK4s-S62kuyzj6zvNVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.0.0/23
143.196.16.0-143.196.18.255
143.196.20.0/23
143.196.124.0/22
143.196.130.0/24
143.196.143.0-143.196.144.255
143.196.157.0-143.196.167.255
143.196.250.0/24
143.196.252.0/23
Signature Algorithm: sha256WithRSAEncryption
25:5a:a5:07:f6:15:46:cd:29:f7:32:d9:04:48:5e:f1:05:e0:
75:31:ef:e7:30:56:c2:88:1d:ba:f7:7e:ba:b9:32:f3:c6:da:
a4:a8:07:f7:af:89:be:5e:bf:90:83:24:80:06:ef:c6:5f:e3:
41:4a:69:93:81:48:1a:0f:5d:12:1b:26:9a:23:7c:ca:44:cd:
57:74:78:b4:a9:1f:b9:f6:5a:8e:a9:54:50:ee:3b:69:9b:81:
79:62:6b:b4:d4:1e:a3:c2:81:33:91:42:fd:0d:83:34:5f:1b:
57:dd:67:48:84:d7:f0:ca:28:73:a5:aa:37:c2:84:7c:e4:23:
21:1f:04:42:27:f6:d3:db:5d:bf:04:7a:d6:09:18:1e:a7:4e:
ed:f6:67:06:a8:64:e7:25:a4:8e:00:32:1c:88:dd:4a:1c:45:
ff:db:cb:46:6e:83:32:8c:1c:9c:ba:c7:a3:8e:c2:2d:93:6c:
87:99:85:d0:40:01:13:a4:61:e1:31:77:dd:16:ec:63:69:b2:
f5:a7:b6:4b:06:81:a5:6d:d9:da:8b:fe:d8:d6:4c:85:8c:61:
88:8c:6e:2d:13:78:3e:3c:81:c7:3b:63:66:7a:34:ef:be:07:
4b:2b:97:8f:15:66:5b:cf:a9:a3:86:ec:f5:79:35:17:72:6c:
dd:de:48:c3
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZKf1DMgtGqfO3UgXmrJTJnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjQxMDE4MTMzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWYzNzAzZjRmZjFhMGFlMmNmOTJlYjY5MmVjYjM4ZmFjZWYzNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOMxm3te97L5bG8i+QBGHF4RS32g
cRoNCvt7jEM/ZWynBnbYscn5Lby+SDbnvnQHbRtaf8tOZbF/gQ6s/ykU8MccQQle
jVSBPepR2s18ZJ29WmThDX9oHdgYg5f7VlfOqBXikHrx2X8NiewdxuoTKw8SY7ud
ILKhYsXA27hba5BiPb9+SyLFlYuZZW8YxuFIy4zJxuT/NlaiRy4h9H0TbpnLqLP/
Jd2MydvJxE06fkL+gIXu3hvi983B5aoWauA7FC58lI4F5Ofj2yl68n2saBNlBnFq
VG4ixK1W4kF5v07NBk6ZghmdypYSNLvhuoruJWKey4IO5pbtcLCIPHh+IwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFErzcD9P8aCuLPkutpLss4+s7zVYMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvU3ZOd1AwX3hvSzRzLVM2Mmt1eXpqNnp2TlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBj8QAMAwD
BASPxBADBACPxBIDBAGPxBQDBAKPxHwDBACPxIIwDAMEAI/EjwMEAI/EkDAMAwQA
j8SdAwQDj8SgAwQAj8T6AwQBj8T8MA0GCSqGSIb3DQEBCwUAA4IBAQAlWqUH9hVG
zSn3MtkESF7xBeB1Me/nMFbCiB269366uTLzxtqkqAf3r4m+Xr+QgySABu/GX+NB
SmmTgUgaD10SGyaaI3zKRM1XdHi0qR+59lqOqVRQ7jtpm4F5Ymu01B6jwoEzkUL9
DYM0XxtX3WdIhNfwyihzpao3woR85CMhHwRCJ/bT212/BHrWCRgep07t9mcGqGTn
JaSOADIciN1KHEX/28tGboMyjBycusejjsItk2yHmYXQQAETpGHhMXfdFuxjabL1
p7ZLBoGlbdnai/7Y1kyFjGGIjG4tE3g+PIHHO2NmejTvvgdLK5ePFWZbz6mjhuz1
eTUXcmzd3kjD
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:08 2024 by rpki-client on console-ams.rpki-client.org