Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/uSU0I16PyIOyPUlQfw2w_e8AlTA.roa
File: uSU0I16PyIOyPUlQfw2w_e8AlTA.roa (raw, json)
Hash identifier: +tZxCaP36dgS6+Kwpr1uU6GHnr5uXoNDYy2CTNCqnLk=
Subject key identifier: B9:25:34:23:5E:8F:C8:83:B2:3D:49:50:7F:0D:B0:FD:EF:00:95:30
Certificate issuer: /CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Certificate serial: 01918E956C52047EDA336FC147E987D86203
Authority key identifier: DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/uSU0I16PyIOyPUlQfw2w_e8AlTA.roa
Signing time: Mon 26 Aug 2024 12:07:22 +0000
ROA not before: Mon 26 Aug 2024 12:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 138.124.185.0/24 maxlen: 24
138.124.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:95:6c:52:04:7e:da:33:6f:c1:47:e9:87:d8:62:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Validity
Not Before: Aug 26 12:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b92534235e8fc883b23d49507f0db0fdef009530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ab:ab:51:69:4d:fd:f0:e2:35:aa:6a:ea:f4:
60:40:15:3e:45:7d:7c:a6:6a:de:a4:96:5b:3d:a0:
24:0e:c7:ee:27:b6:30:f7:93:b3:32:fe:b3:16:1c:
c7:c8:10:bb:87:6a:57:c2:a1:5c:2e:6f:4d:79:2f:
09:45:32:cc:84:4f:31:6e:e5:7a:af:81:4d:e8:0a:
88:00:c8:cd:fe:49:ee:36:af:ba:03:a2:06:e5:ee:
8c:85:01:56:cf:e3:9a:ed:d6:b3:e3:b6:94:94:73:
ee:7a:2f:57:7e:5d:92:91:0a:1a:81:17:d2:cc:94:
1d:29:de:91:bd:1a:4c:fd:b4:f2:d3:24:b9:20:52:
25:00:0f:9f:c8:ab:45:69:5a:70:a2:f7:c8:5a:ad:
a2:4a:ad:ca:6f:35:86:29:87:e5:c0:6f:04:7f:57:
45:ab:aa:18:80:d6:7c:4f:74:66:ef:3b:05:65:3e:
25:2a:0d:8e:39:89:c4:b8:e3:98:4e:1a:cb:cc:81:
98:de:5a:d3:86:1e:cb:db:80:6d:2a:e6:dd:77:51:
32:5a:cb:c0:d9:fe:68:3d:01:8d:a1:fb:f3:bc:c3:
c8:81:2b:88:55:ea:32:51:32:5c:44:cf:9c:62:b3:
3f:fc:de:7e:e2:d8:ca:a9:5c:bf:43:b5:c0:67:7f:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:25:34:23:5E:8F:C8:83:B2:3D:49:50:7F:0D:B0:FD:EF:00:95:30
X509v3 Authority Key Identifier:
keyid:DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/uSU0I16PyIOyPUlQfw2w_e8AlTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.185.0-138.124.186.255
Signature Algorithm: sha256WithRSAEncryption
2d:ee:d3:01:de:25:5e:92:7a:8b:fc:d0:c5:3d:51:b6:ff:ef:
36:57:a6:e7:b2:da:0d:0c:38:d6:26:82:a1:ce:e2:b9:02:8e:
68:b8:03:d0:00:6d:5e:e8:81:fb:38:99:26:6a:7d:13:b7:2e:
90:55:f0:0e:ef:61:a7:ed:18:af:c2:07:25:80:84:12:b4:6a:
74:95:35:dc:e1:68:7a:fe:4b:d9:2f:34:00:c2:bb:65:5d:98:
54:ad:44:20:fb:05:39:f1:2b:d2:51:70:0a:ec:12:6f:a8:c3:
52:dc:7e:1f:14:5a:c9:a9:ac:35:bc:d7:ed:06:ef:fc:1e:81:
2c:c2:db:9e:01:e4:7c:a4:1d:b9:41:8b:49:cc:f5:8b:16:0b:
1b:6d:d4:d2:2d:79:9a:64:27:1b:f2:15:e0:12:85:43:2b:8a:
f9:59:04:7c:8e:a3:06:89:cb:88:ba:9c:3a:47:f5:d3:76:dd:
7f:ae:72:28:9b:33:25:70:f0:99:2b:64:91:18:8a:4b:4d:49:
e2:46:34:2d:df:3f:0d:62:d1:2e:4a:ac:3d:02:6a:72:18:23:
2a:bd:08:af:a0:92:ac:2f:79:7a:18:82:7b:32:24:35:c6:ba:
52:c2:31:da:22:99:6e:f0:59:56:04:f7:cb:c8:9b:c5:b1:b3:
19:8c:73:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGOlWxSBH7aM2/BR+mH2GIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTJhMWFjODkxMGNmNWM4NjVkZTViMDIzMWIwOWQwNGUx
MTMyZjMwHhcNMjQwODI2MTIwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTI1MzQyMzVlOGZjODgzYjIzZDQ5NTA3ZjBkYjBmZGVmMDA5NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqurUWlN/fDiNapq6vRgQBU+RX18
pmrepJZbPaAkDsfuJ7Yw95OzMv6zFhzHyBC7h2pXwqFcLm9NeS8JRTLMhE8xbuV6
r4FN6AqIAMjN/knuNq+6A6IG5e6MhQFWz+Oa7daz47aUlHPuei9Xfl2SkQoagRfS
zJQdKd6RvRpM/bTy0yS5IFIlAA+fyKtFaVpwovfIWq2iSq3KbzWGKYflwG8Ef1dF
q6oYgNZ8T3Rm7zsFZT4lKg2OOYnEuOOYThrLzIGY3lrThh7L24BtKubdd1EyWsvA
2f5oPQGNofvzvMPIgSuIVeoyUTJcRM+cYrM//N5+4tjKqVy/Q7XAZ386xwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLklNCNej8iDsj1JUH8NsP3vAJUwMB8GA1UdIwQY
MBaAFN6SoayJEM9chl3lsCMbCdBOETLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQt
NjllMzM3ODg0Y2M5LzEvdVNVMEkxNlB5SU95UFVsUWZ3MndfZThBbFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5
LzEvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACKfLkD
BACKfLowDQYJKoZIhvcNAQELBQADggEBAC3u0wHeJV6Seov80MU9Ubb/7zZXpuey
2g0MONYmgqHO4rkCjmi4A9AAbV7ogfs4mSZqfRO3LpBV8A7vYaftGK/CByWAhBK0
anSVNdzhaHr+S9kvNADCu2VdmFStRCD7BTnxK9JRcArsEm+ow1Lcfh8UWsmprDW8
1+0G7/wegSzC254B5HykHblBi0nM9YsWCxtt1NIteZpkJxvyFeAShUMrivlZBHyO
owaJy4i6nDpH9dN23X+uciibMyVw8JkrZJEYiktNSeJGNC3fPw1i0S5KrD0CanIY
Iyq9CK+gkqwveXoYgnsyJDXGulLCMdoimW7wWVYE98vIm8WxsxmMcw4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:30:38 2024 by rpki-client on console-ams.rpki-client.org