Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/sOHHypDhWlphEQthUjaVMfnt8i8.roa
File: sOHHypDhWlphEQthUjaVMfnt8i8.roa (raw, json)
Hash identifier: X+T2+E3WgylnAEw5lQAdrW6fdKUYNivaGKGyOLHlVm0=
Subject key identifier: B0:E1:C7:CA:90:E1:5A:5A:61:11:0B:61:52:36:95:31:F9:ED:F2:2F
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 018ECAC51F75EFD96A3DB330EEAFEAECE623
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/sOHHypDhWlphEQthUjaVMfnt8i8.roa
Signing time: Thu 11 Apr 2024 01:28:20 +0000
ROA not before: Thu 11 Apr 2024 01:28:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13379
IP address blocks: 157.23.251.0/24 maxlen: 24
157.23.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ca:c5:1f:75:ef:d9:6a:3d:b3:30:ee:af:ea:ec:e6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Apr 11 01:28:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0e1c7ca90e15a5a61110b6152369531f9edf22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:96:90:33:c8:8c:46:6e:7e:86:dc:97:6d:28:
e9:eb:47:23:92:fd:70:dd:b8:1e:7f:45:99:b5:6a:
ce:0c:06:c9:cf:d2:93:d4:51:ca:af:4b:d5:d9:45:
59:4d:9f:d0:bb:09:21:12:b1:d4:8f:4e:a6:05:74:
46:0d:c7:71:c3:29:cc:dd:26:d4:c5:91:60:b4:56:
8f:ba:63:a7:8f:3f:b1:73:34:9a:59:84:6c:0b:8a:
c4:c1:99:f9:ad:c8:17:d0:1d:ab:d9:ae:fb:56:56:
3c:43:23:7a:73:55:3f:43:7b:72:59:1f:63:ea:db:
a3:0b:b6:75:0d:7c:66:af:1a:bf:ae:5b:52:6a:d1:
9e:90:c2:db:1a:5e:4d:cb:e9:21:e9:2e:83:6c:1c:
b7:9e:78:e1:3a:fd:d6:fd:2d:62:62:39:24:63:9a:
5f:0f:4b:0b:38:df:42:72:be:6c:e0:dd:97:f0:ac:
e0:b9:ed:96:cc:71:b6:90:bf:2b:bd:39:c6:13:cd:
57:2a:fd:70:45:4a:ea:3f:4b:92:9e:fa:f5:2c:74:
e1:19:96:9d:5f:d8:d4:71:e3:ab:9f:16:87:c6:2a:
7d:41:cb:9a:37:ec:04:4f:d0:5a:e8:ce:e5:e8:13:
6a:35:30:d2:f6:21:79:d7:dd:9c:a2:31:0c:f5:2c:
96:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E1:C7:CA:90:E1:5A:5A:61:11:0B:61:52:36:95:31:F9:ED:F2:2F
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/sOHHypDhWlphEQthUjaVMfnt8i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.251.0/24
157.23.253.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d0:6a:46:a3:05:7d:fb:79:51:f4:c1:b4:d2:84:dd:bc:8c:
2a:49:48:a7:27:b7:c2:5f:35:51:d2:21:39:32:7c:93:62:70:
af:05:0d:7c:87:20:22:f1:b8:6c:86:0b:e6:44:07:6e:ea:db:
6b:af:3e:12:89:03:2b:19:4f:e9:a5:d0:b1:38:6f:ba:b0:be:
b1:13:60:07:0b:6a:78:c1:f5:d1:a4:51:a5:0f:a7:e2:74:51:
cf:f7:f4:71:42:02:51:83:74:48:60:78:5d:f7:05:8c:60:0f:
b6:e9:04:9c:cb:5b:5e:e9:e4:4e:c6:4c:0d:50:4d:8d:14:a6:
5f:ca:20:40:c4:75:39:2d:a0:b8:1f:5c:40:84:63:16:ef:18:
50:f8:3d:00:d7:4a:54:de:7a:49:36:6a:da:e9:2f:8d:3c:59:
7a:82:1d:29:77:f8:dc:a3:70:39:7b:a4:7d:64:c4:2b:a4:ee:
2a:ab:17:8d:83:81:12:bb:f3:af:d0:36:3b:c4:d9:e4:3c:5a:
6c:aa:1a:28:2c:bb:82:4f:8c:f9:c7:8b:65:51:e9:a9:ed:16:
e5:11:09:8c:ba:ff:00:9e:ef:f9:fa:0c:37:b7:2e:80:66:00:
20:2a:be:c4:d9:21:c4:37:85:7b:49:37:28:f5:ee:9c:28:96:
2e:2d:4d:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7KxR9179lqPbMw7q/q7OYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjQwNDExMDEyODIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUxYzdjYTkwZTE1YTVhNjExMTBiNjE1MjM2OTUzMWY5ZWRmMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJaQM8iMRm5+htyXbSjp60cjkv1w
3bgef0WZtWrODAbJz9KT1FHKr0vV2UVZTZ/QuwkhErHUj06mBXRGDcdxwynM3SbU
xZFgtFaPumOnjz+xczSaWYRsC4rEwZn5rcgX0B2r2a77VlY8QyN6c1U/Q3tyWR9j
6tujC7Z1DXxmrxq/rltSatGekMLbGl5Ny+kh6S6DbBy3nnjhOv3W/S1iYjkkY5pf
D0sLON9Ccr5s4N2X8Kzgue2WzHG2kL8rvTnGE81XKv1wRUrqP0uSnvr1LHThGZad
X9jUceOrnxaHxip9QcuaN+wET9Ba6M7l6BNqNTDS9iF5192cojEM9SyWxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLDhx8qQ4VpaYRELYVI2lTH57fIvMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvc09ISHlwRGhXbHBoRVF0aFVqYVZNZm50OGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnRf7AwQA
nRf9MA0GCSqGSIb3DQEBCwUAA4IBAQAy0GpGowV9+3lR9MG00oTdvIwqSUinJ7fC
XzVR0iE5MnyTYnCvBQ18hyAi8bhshgvmRAdu6ttrrz4SiQMrGU/ppdCxOG+6sL6x
E2AHC2p4wfXRpFGlD6fidFHP9/RxQgJRg3RIYHhd9wWMYA+26QScy1te6eROxkwN
UE2NFKZfyiBAxHU5LaC4H1xAhGMW7xhQ+D0A10pU3npJNmra6S+NPFl6gh0pd/jc
o3A5e6R9ZMQrpO4qqxeNg4ESu/Ov0DY7xNnkPFpsqhooLLuCT4z5x4tlUemp7Rbl
EQmMuv8Anu/5+gw3ty6AZgAgKr7E2SHEN4V7STco9e6cKJYuLU2s
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:27 2024 by rpki-client on console-ams.rpki-client.org