Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/2SeacaYCbyOdoaBo7NWXb3rifls.roa
File: 2SeacaYCbyOdoaBo7NWXb3rifls.roa (raw, json)
Hash identifier: CN5+HNCslEvhvehYSDUvqSpzEp3Y7Bl8uLaEhQiHJz8=
Subject key identifier: D9:27:9A:71:A6:02:6F:23:9D:A1:A0:68:EC:D5:97:6F:7A:E2:7E:5B
Certificate issuer: /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial: 018CC7953F0D53B9DADC7B045CEE2B21886E
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/2SeacaYCbyOdoaBo7NWXb3rifls.roa
Signing time: Tue 02 Jan 2024 00:31:36 +0000
ROA not before: Tue 02 Jan 2024 00:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 146.133.124.0/24 maxlen: 24
146.133.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3f:0d:53:b9:da:dc:7b:04:5c:ee:2b:21:88:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Validity
Not Before: Jan 2 00:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9279a71a6026f239da1a068ecd5976f7ae27e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:4f:a9:4b:fe:56:8d:ff:7a:7b:02:38:4e:
f9:ef:2d:aa:e3:6c:47:6b:75:bf:fe:98:9e:e8:31:
b8:db:3a:a4:7f:3b:61:89:fb:93:74:33:77:31:c4:
9f:fe:05:fc:27:22:8d:08:88:22:74:7f:66:2a:c3:
c4:9c:c4:85:95:3d:cd:5d:04:c1:3b:cb:2c:69:04:
a1:23:fc:f3:10:fb:06:ea:24:db:4d:04:81:9e:f7:
27:5d:9d:40:13:af:ad:d1:af:9b:be:1b:c1:52:29:
96:60:f1:d3:ef:ae:ea:f4:51:45:8d:be:48:18:18:
d9:94:c3:3f:9a:af:5f:5c:7a:77:99:79:f5:c5:22:
a3:72:8e:36:1a:1d:fc:91:94:43:5c:61:eb:85:d8:
53:10:5e:30:ce:3d:04:f7:b1:37:ba:ae:b4:70:d7:
c7:b1:6a:82:28:53:35:df:0c:4b:41:76:06:5e:b4:
b5:ce:4f:22:6f:b4:2f:61:03:fe:e0:23:90:5d:79:
de:02:44:55:c7:0f:60:64:4d:de:fb:3f:a8:bb:79:
ae:30:ad:9f:ae:57:e5:9c:fc:f8:63:f3:ff:22:0f:
45:9e:2e:86:fa:1a:3d:c8:40:45:ee:1c:cb:e1:fe:
78:65:17:86:0c:49:5d:82:92:d4:0c:e3:a2:11:24:
37:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:27:9A:71:A6:02:6F:23:9D:A1:A0:68:EC:D5:97:6F:7A:E2:7E:5B
X509v3 Authority Key Identifier:
keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/2SeacaYCbyOdoaBo7NWXb3rifls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.133.124.0/24
146.133.127.0/24
Signature Algorithm: sha256WithRSAEncryption
24:99:c6:1f:95:73:36:83:88:6c:b3:f1:fd:85:ac:13:bd:32:
4e:a4:75:a0:b6:c8:48:20:bc:e4:52:99:2b:33:c2:64:4e:52:
30:37:65:53:c6:4e:3a:1e:7d:f6:95:06:2d:ff:13:f7:61:ee:
22:23:79:55:1f:4a:9e:cb:39:a6:87:c9:ea:80:21:21:f5:43:
7b:79:fc:11:65:4d:42:8b:94:e9:63:e1:ba:4b:ae:39:7e:40:
77:2f:f7:11:b4:a5:ef:42:44:09:59:38:a2:c0:17:aa:41:8a:
0c:ec:ff:94:42:6b:72:04:11:41:a0:7e:a7:66:ae:6a:9d:6f:
12:ef:75:77:b4:72:96:d7:10:98:55:82:6a:f8:6d:d4:fa:9a:
41:ea:6d:e6:87:b1:d6:74:1c:04:69:b3:42:3a:54:48:c6:86:
57:03:a8:9d:02:91:d9:30:ff:54:43:ee:46:a5:08:a3:6b:f5:
0f:10:8b:44:3c:0b:53:c1:aa:4c:cf:88:8d:ab:d8:e8:6e:ee:
ad:63:96:b1:48:c0:d9:c8:bc:eb:d5:b2:bc:88:49:33:82:04:
2c:d1:aa:96:ab:b8:c3:b8:5d:3e:1b:8e:4b:f1:bb:50:a9:4a:
c8:05:d7:08:99:ce:d4:c6:57:05:4a:30:ff:f2:f9:96:6a:2c:
23:7e:bc:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlT8NU7na3HsEXO4rIYhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODIyZDQ1OTdlNTQ5M2QxNTE3OGJmYjEwZTY4NDFkZDE3
ZTU4OTcwHhcNMjQwMTAyMDAzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI3OWE3MWE2MDI2ZjIzOWRhMWEwNjhlY2Q1OTc2ZjdhZTI3ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrVPqUv+Vo3/ensCOE757y2q42xH
a3W//pie6DG42zqkfzthifuTdDN3McSf/gX8JyKNCIgidH9mKsPEnMSFlT3NXQTB
O8ssaQShI/zzEPsG6iTbTQSBnvcnXZ1AE6+t0a+bvhvBUimWYPHT767q9FFFjb5I
GBjZlMM/mq9fXHp3mXn1xSKjco42Gh38kZRDXGHrhdhTEF4wzj0E97E3uq60cNfH
sWqCKFM13wxLQXYGXrS1zk8ib7QvYQP+4COQXXneAkRVxw9gZE3e+z+ou3muMK2f
rlflnPz4Y/P/Ig9Fni6G+ho9yEBF7hzL4f54ZReGDEldgpLUDOOiESQ3cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNknmnGmAm8jnaGgaOzVl2964n5bMB8GA1UdIwQY
MBaAFPeCLUWX5Uk9FReL+xDmhB3RfliXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYt
ODYyZTk5OTczZmMzLzEvMlNlYWNhWUNieU9kb2FCbzdOV1hiM3JpZmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYtODYyZTk5OTczZmMz
LzEvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkoV8AwQA
koV/MA0GCSqGSIb3DQEBCwUAA4IBAQAkmcYflXM2g4hss/H9hawTvTJOpHWgtshI
ILzkUpkrM8JkTlIwN2VTxk46Hn32lQYt/xP3Ye4iI3lVH0qeyzmmh8nqgCEh9UN7
efwRZU1Ci5TpY+G6S645fkB3L/cRtKXvQkQJWTiiwBeqQYoM7P+UQmtyBBFBoH6n
Zq5qnW8S73V3tHKW1xCYVYJq+G3U+ppB6m3mh7HWdBwEabNCOlRIxoZXA6idApHZ
MP9UQ+5GpQija/UPEItEPAtTwapMz4iNq9jobu6tY5axSMDZyLzr1bK8iEkzggQs
0aqWq7jDuF0+G45L8btQqUrIBdcImc7UxlcFSjD/8vmWaiwjfryr
-----END CERTIFICATE-----
Generated at Wed May 1 21:55:53 2024 by rpki-client on console-ams.rpki-client.org