Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/Mq1kVRdCgqeSxKzKnCDdHQU1FW0.roa
File: Mq1kVRdCgqeSxKzKnCDdHQU1FW0.roa (raw, json)
Hash identifier: APYl5k3NS/+96Z60M9SmSU4weSXVpb1ZJIHzgfVxEeU=
Subject key identifier: 32:AD:64:55:17:42:82:A7:92:C4:AC:CA:9C:20:DD:1D:05:35:15:6D
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 018CC64ADDFF95BFA5F5E5931FDF02519795
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/Mq1kVRdCgqeSxKzKnCDdHQU1FW0.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398849
IP address blocks: 157.23.224.0/20 maxlen: 24
2a0e:bbc0:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:dd:ff:95:bf:a5:f5:e5:93:1f:df:02:51:97:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32ad6455174282a792c4acca9c20dd1d0535156d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3a:75:50:c3:da:4d:b3:de:df:5f:dd:39:cd:
90:fa:ef:87:48:9b:00:64:ed:28:59:73:fe:80:c0:
f3:62:be:df:23:c8:eb:2c:47:59:f7:30:e6:2f:ab:
8d:cd:61:23:f1:47:19:94:3b:e1:c4:4f:ca:36:54:
c5:89:ab:d6:1e:70:84:c2:18:e1:57:d5:77:6b:08:
d7:cf:7b:db:54:41:1e:e7:0b:2b:ba:b1:1e:99:56:
70:0a:16:f5:d6:a0:ef:39:7f:43:4d:ee:24:c1:3b:
b2:ee:02:88:37:d0:ca:84:a5:88:1c:7f:01:c7:3c:
cd:4d:cc:82:a5:d6:c8:54:86:30:f5:cb:4b:c0:41:
fe:ee:f0:7c:89:a7:06:ba:4d:16:5e:50:7d:81:4b:
c8:71:a0:85:db:fd:a1:f4:92:cf:c0:f6:92:02:90:
31:7d:e5:9b:12:06:7e:6f:da:07:de:8d:00:57:46:
f1:50:41:64:20:82:c7:b5:bf:e2:8d:97:41:f1:66:
24:df:b5:23:67:2b:a2:35:a0:27:f6:d7:f7:31:66:
07:3a:36:07:d3:18:41:73:3e:48:4a:7d:3d:c9:7d:
e3:dc:ff:1b:89:b4:d7:99:ad:44:88:0e:2d:ff:a4:
75:3d:bd:e7:08:94:e9:99:18:f0:24:bd:0f:a5:4e:
a2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AD:64:55:17:42:82:A7:92:C4:AC:CA:9C:20:DD:1D:05:35:15:6D
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/Mq1kVRdCgqeSxKzKnCDdHQU1FW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.224.0/20
IPv6:
2a0e:bbc0:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:f0:94:2d:40:a6:f9:a8:7c:7e:27:89:47:65:d4:e5:e6:2a:
c7:2b:92:1a:fd:54:1a:e8:0f:e1:07:cc:ce:eb:50:9d:0c:28:
00:0b:67:0f:0f:07:08:f9:33:29:66:dd:88:58:ec:cd:b3:0c:
62:34:7d:73:a1:4a:7c:60:d7:08:be:15:9c:da:4a:f2:42:d3:
19:05:3d:08:59:86:a5:1e:06:68:23:b7:6b:c2:3e:0d:1b:20:
2a:05:5f:d2:26:4a:51:8a:10:ce:25:87:21:bf:af:d4:34:04:
46:23:ce:f3:d8:7a:38:2d:9c:ec:ec:76:ce:38:04:dc:29:2b:
56:b1:55:72:cf:d1:90:47:73:5a:7a:22:ae:93:e6:bd:35:7e:
2a:d3:92:cb:de:b2:19:5c:53:d5:99:c9:dc:10:52:d5:cb:d6:
b8:cd:09:8a:5e:a0:5b:8c:f5:a6:cc:de:55:85:f4:20:4a:82:
6a:01:f8:86:03:65:91:bd:7b:e1:41:80:f5:e6:e2:84:45:b6:
df:65:0b:e4:39:38:97:8d:17:12:71:6c:8d:3a:3c:cf:8c:6e:
c3:94:c2:16:c9:f2:1c:4f:23:8e:72:c2:d5:52:af:4e:5b:8d:
e6:d3:dd:5a:58:ac:4c:c6:9f:34:6a:f7:3e:98:e0:b6:73:b7:
57:4b:5b:03
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzGSt3/lb+l9eWTH98CUZeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFkNjQ1NTE3NDI4MmE3OTJjNGFjY2E5YzIwZGQxZDA1MzUxNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTp1UMPaTbPe31/dOc2Q+u+HSJsA
ZO0oWXP+gMDzYr7fI8jrLEdZ9zDmL6uNzWEj8UcZlDvhxE/KNlTFiavWHnCEwhjh
V9V3awjXz3vbVEEe5wsrurEemVZwChb11qDvOX9DTe4kwTuy7gKIN9DKhKWIHH8B
xzzNTcyCpdbIVIYw9ctLwEH+7vB8iacGuk0WXlB9gUvIcaCF2/2h9JLPwPaSApAx
feWbEgZ+b9oH3o0AV0bxUEFkIILHtb/ijZdB8WYk37UjZyuiNaAn9tf3MWYHOjYH
0xhBcz5ISn09yX3j3P8bibTXma1EiA4t/6R1Pb3nCJTpmRjwJL0PpU6ikwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDKtZFUXQoKnksSsypwg3R0FNRVtMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvTXExa1ZSZENncWVTeEt6S25DRGRIUVUxRlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEnRfgMA4E
AgACMAgDBgAqDrvAgDANBgkqhkiG9w0BAQsFAAOCAQEAXfCULUCm+ah8fieJR2XU
5eYqxyuSGv1UGugP4QfMzutQnQwoAAtnDw8HCPkzKWbdiFjszbMMYjR9c6FKfGDX
CL4VnNpK8kLTGQU9CFmGpR4GaCO3a8I+DRsgKgVf0iZKUYoQziWHIb+v1DQERiPO
89h6OC2c7Ox2zjgE3CkrVrFVcs/RkEdzWnoirpPmvTV+KtOSy96yGVxT1ZnJ3BBS
1cvWuM0Jil6gW4z1pszeVYX0IEqCagH4hgNlkb174UGA9ebihEW232UL5Dk4l40X
EnFsjTo8z4xuw5TCFsnyHE8jjnLC1VKvTluN5tPdWlisTMafNGr3PpjgtnO3V0tb
Aw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:27 2024 by rpki-client on console-ams.rpki-client.org