Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa
File: yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa (raw, json)
Hash identifier: O2ieMMZevfPhkfWCSTykHJMCow8pbjHUGymKsm0tLgk=
Subject key identifier: C8:64:26:2B:51:8D:C4:F6:7C:49:18:25:F3:3B:7A:0F:EA:36:57:7D
Certificate issuer: /CN=6f98d1f99e3833ef401d46348eec8b752088c55d
Certificate serial: 018CC79526F3782F477EBF357F0DCBA3CDEB
Authority key identifier: 6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa
Signing time: Tue 02 Jan 2024 00:31:29 +0000
ROA not before: Tue 02 Jan 2024 00:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56600
IP address blocks: 192.162.152.0/22 maxlen: 22
192.162.152.0/24 maxlen: 24
192.162.153.0/24 maxlen: 24
192.162.155.0/24 maxlen: 24
192.162.154.0/24 maxlen: 24
176.126.134.0/24 maxlen: 24
176.126.133.0/24 maxlen: 24
176.126.136.0/24 maxlen: 24
176.126.135.0/24 maxlen: 24
176.126.137.0/24 maxlen: 24
176.126.136.0/21 maxlen: 24
176.126.139.0/24 maxlen: 24
176.126.138.0/24 maxlen: 24
176.126.143.0/24 maxlen: 24
176.126.142.0/24 maxlen: 24
176.126.144.0/21 maxlen: 24
176.126.145.0/24 maxlen: 24
176.126.141.0/24 maxlen: 24
176.126.146.0/24 maxlen: 24
176.126.148.0/24 maxlen: 24
176.126.147.0/24 maxlen: 24
176.126.149.0/24 maxlen: 24
176.126.152.0/22 maxlen: 22
176.126.157.0/24 maxlen: 24
176.126.156.0/24 maxlen: 24
176.126.156.0/23 maxlen: 23
176.126.129.0/24 maxlen: 24
176.126.128.0/24 maxlen: 24
176.126.128.0/21 maxlen: 21
176.126.130.0/24 maxlen: 24
176.126.132.0/24 maxlen: 24
176.126.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:26:f3:78:2f:47:7e:bf:35:7f:0d:cb:a3:cd:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f98d1f99e3833ef401d46348eec8b752088c55d
Validity
Not Before: Jan 2 00:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c864262b518dc4f67c491825f33b7a0fea36577d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:56:dc:de:57:3a:65:73:d3:ac:90:1d:7f:a9:
ad:71:01:d7:18:b8:ec:3a:4d:11:94:87:38:52:b7:
f5:f8:4e:a7:b2:9f:bd:03:13:28:24:de:9b:9f:b2:
35:44:5e:b8:c2:26:aa:75:85:8d:92:9a:6c:c7:dd:
d6:30:00:b6:87:9f:7a:29:82:3a:bd:26:94:60:0e:
85:59:ca:78:f5:0a:22:2e:ef:d0:55:91:80:af:6d:
e0:32:c6:ec:a7:d6:26:20:b5:aa:76:d3:df:4f:e6:
c1:24:27:1c:4c:9a:ef:e4:b1:ea:ee:e3:00:46:7f:
6f:02:e3:6b:65:48:46:45:f1:2b:42:6a:d6:2d:b2:
c8:02:86:7f:a1:73:a6:46:bc:82:4a:62:ba:74:df:
27:4d:e9:99:05:79:f3:94:13:46:6b:86:15:d2:8e:
fa:ab:6e:91:16:0e:d1:f3:bb:8e:52:e4:9b:9a:6e:
b9:d3:48:2b:13:4b:07:bf:0d:f0:9f:06:21:ea:9d:
d8:88:48:aa:fa:6c:fa:0d:ad:70:7d:e6:f4:db:44:
dc:e4:df:cf:8c:49:da:63:12:7f:48:7d:b8:34:bf:
d9:c7:40:e1:69:3f:df:1c:75:48:be:8c:3b:cf:4b:
33:38:ef:8e:27:f5:d4:7c:7f:d2:48:7a:2d:bf:fe:
0a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:64:26:2B:51:8D:C4:F6:7C:49:18:25:F3:3B:7A:0F:EA:36:57:7D
X509v3 Authority Key Identifier:
keyid:6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.128.0-176.126.157.255
192.162.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:3a:9e:4d:e0:16:38:4a:ac:86:d9:c0:07:4b:00:97:f7:2e:
7b:61:ba:2a:bd:6d:ab:2d:30:00:08:13:d0:cd:90:a1:b2:57:
f1:9b:d5:cf:e7:33:cf:e7:b5:c1:75:63:37:d3:27:1b:5e:28:
d5:a6:96:e9:6d:5f:a9:1c:08:ac:92:4f:e3:c9:0d:e9:ed:d8:
1d:36:e8:88:03:3c:d6:b1:ec:38:ea:98:84:d7:36:98:36:37:
67:eb:25:a7:05:74:30:8a:5a:32:e7:ee:b7:85:f7:fa:29:8b:
1f:e9:66:17:8c:a6:52:f0:42:96:79:1f:a4:ad:df:81:08:4d:
08:85:87:e7:96:f4:82:01:6e:68:4e:49:a6:99:a3:28:6e:1f:
1f:91:1b:d1:45:f8:f9:0a:b4:40:54:af:3e:36:81:42:72:f7:
ec:51:fc:f1:e7:2b:52:f0:71:fb:3a:6a:15:70:5f:5c:d0:1a:
92:57:ab:b3:b3:1a:54:00:43:8d:bf:ca:0f:17:84:6a:e4:4c:
eb:69:10:4a:73:ca:e8:d2:4f:93:b4:4f:72:a9:d5:d4:e3:99:
cb:45:34:0a:61:d5:86:c2:09:87:2b:57:15:ea:99:6b:86:de:
5a:f4:10:39:b9:9c:8d:9d:9c:d3:b9:7e:ee:51:df:7a:09:7f:
b6:a3:80:74
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHlSbzeC9Hfr81fw3Lo83rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOThkMWY5OWUzODMzZWY0MDFkNDYzNDhlZWM4Yjc1MjA4
OGM1NWQwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY0MjYyYjUxOGRjNGY2N2M0OTE4MjVmMzNiN2EwZmVhMzY1NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVbc3lc6ZXPTrJAdf6mtcQHXGLjs
Ok0RlIc4Urf1+E6nsp+9AxMoJN6bn7I1RF64wiaqdYWNkppsx93WMAC2h596KYI6
vSaUYA6FWcp49QoiLu/QVZGAr23gMsbsp9YmILWqdtPfT+bBJCccTJrv5LHq7uMA
Rn9vAuNrZUhGRfErQmrWLbLIAoZ/oXOmRryCSmK6dN8nTemZBXnzlBNGa4YV0o76
q26RFg7R87uOUuSbmm6500grE0sHvw3wnwYh6p3YiEiq+mz6Da1wfeb020Tc5N/P
jEnaYxJ/SH24NL/Zx0DhaT/fHHVIvow7z0szOO+OJ/XUfH/SSHotv/4KuwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMhkJitRjcT2fEkYJfM7eg/qNld9MB8GA1UdIwQY
MBaAFG+Y0fmeODPvQB1GNI7si3UgiMVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYt
MDdkNGIxMTVjYzgyLzEveUdRbUsxR054UFo4U1JnbDh6dDZELW8yVjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYtMDdkNGIxMTVjYzgy
LzEvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAewfoAD
BAGwfpwDBALAopgwDQYJKoZIhvcNAQELBQADggEBAD46nk3gFjhKrIbZwAdLAJf3
Lnthuiq9bastMAAIE9DNkKGyV/Gb1c/nM8/ntcF1YzfTJxteKNWmlultX6kcCKyS
T+PJDent2B026IgDPNax7DjqmITXNpg2N2frJacFdDCKWjLn7reF9/opix/pZheM
plLwQpZ5H6St34EITQiFh+eW9IIBbmhOSaaZoyhuHx+RG9FF+PkKtEBUrz42gUJy
9+xR/PHnK1Lwcfs6ahVwX1zQGpJXq7OzGlQAQ42/yg8XhGrkTOtpEEpzyujST5O0
T3Kp1dTjmctFNAph1YbCCYcrVxXqmWuG3lr0EDm5nI2dnNO5fu5R33oJf7ajgHQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:31 2024 by rpki-client on console-ams.rpki-client.org