Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/v3EjINEDvjCAhvhNMCFGP1viSuk.roa
File: v3EjINEDvjCAhvhNMCFGP1viSuk.roa (raw, json)
Hash identifier: XsvQoytKBJGsM74w2W+VUGCC3GAa450Hgmi2091D/g8=
Subject key identifier: BF:71:23:20:D1:03:BE:30:80:86:F8:4D:30:21:46:3F:5B:E2:4A:E9
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 018CC64ADAF31658295276F50A56B18C028D
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/v3EjINEDvjCAhvhNMCFGP1viSuk.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11251
IP address blocks: 157.23.224.0/20 maxlen: 24
2a0e:bbc0:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:da:f3:16:58:29:52:76:f5:0a:56:b1:8c:02:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf712320d103be308086f84d3021463f5be24ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:82:96:5a:83:18:eb:a1:c6:88:ba:78:44:eb:
05:48:3b:da:55:87:14:7b:72:9e:99:ea:e5:fe:29:
07:8f:06:d2:25:ee:ba:f8:60:02:1d:00:ec:7e:f4:
4f:bb:37:47:a8:f1:c7:f0:69:4c:b1:37:16:3c:bf:
b4:76:86:8b:e4:35:b2:d7:7a:ec:bd:2f:c1:18:16:
89:e4:9c:e1:24:45:bd:7f:90:3c:0b:26:b9:40:6c:
29:c8:69:7a:fc:99:a1:17:70:ac:16:41:d8:5b:86:
fe:d6:55:6c:7c:84:07:bb:89:2e:4c:95:e8:8b:e8:
14:2e:a7:6a:84:a5:61:fe:95:55:1c:36:ba:5f:be:
ed:21:16:d3:e7:a6:3b:39:7b:76:63:e5:e6:25:c7:
ee:e0:b4:94:fc:6a:6e:a2:a8:e9:d7:fe:16:a8:aa:
81:74:17:83:57:0e:64:b0:89:3b:56:3a:98:61:5d:
ca:b1:b0:de:48:8f:c2:6a:53:90:57:ed:26:21:d9:
a7:b6:59:f0:e0:15:13:b1:db:58:05:62:d0:dc:52:
3b:64:53:3b:1c:35:68:47:d0:e1:16:e3:f4:7e:db:
e7:ac:e6:c3:c0:71:70:05:d3:73:11:c6:09:71:6d:
b4:de:26:a3:48:11:e6:07:54:fc:14:ce:08:f3:1f:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:71:23:20:D1:03:BE:30:80:86:F8:4D:30:21:46:3F:5B:E2:4A:E9
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/v3EjINEDvjCAhvhNMCFGP1viSuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.224.0/20
IPv6:
2a0e:bbc0:8000::/40
Signature Algorithm: sha256WithRSAEncryption
15:41:b0:fe:e0:e8:c5:e7:94:d9:37:a3:56:c4:cf:8c:05:17:
b9:d2:68:98:3e:34:d6:05:f1:34:4a:05:0e:ff:aa:6e:3c:4a:
d0:d9:a2:9d:c3:b8:d8:34:a6:bb:0f:8c:97:9f:06:6d:8d:08:
43:2f:ae:bf:52:8c:99:ab:7d:af:88:85:e7:13:5c:4d:ef:32:
47:77:d2:11:7a:73:01:8d:b2:3e:f8:26:22:8e:fc:13:12:ca:
e6:91:66:97:3a:03:62:64:16:35:9a:5f:34:6a:43:b8:c5:06:
0d:35:fe:f3:5f:27:1f:ea:89:59:db:aa:57:89:17:93:61:72:
fe:b0:2b:61:06:f9:c1:42:71:c1:a3:aa:47:be:04:b9:46:e3:
01:25:fa:ef:6a:43:11:74:77:74:93:b3:35:e2:0e:69:98:0b:
26:77:c0:5d:76:91:58:7f:2e:f7:df:b0:b8:39:9a:70:b5:21:
33:e0:f8:f3:62:93:71:5b:c0:af:5c:b8:0b:dc:64:17:58:a4:
3d:1f:0e:1a:75:e4:6c:9d:f1:ab:92:e2:95:83:db:46:14:92:
05:16:7e:83:a3:fe:d1:23:75:63:9d:fe:37:19:d7:ee:8b:09:
21:a6:3b:24:74:34:17:a5:ca:c0:14:f0:cb:22:6b:b6:18:06:
88:a6:82:6b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzGStrzFlgpUnb1ClaxjAKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjcxMjMyMGQxMDNiZTMwODA4NmY4NGQzMDIxNDYzZjViZTI0YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIKWWoMY66HGiLp4ROsFSDvaVYcU
e3Kemerl/ikHjwbSJe66+GACHQDsfvRPuzdHqPHH8GlMsTcWPL+0doaL5DWy13rs
vS/BGBaJ5JzhJEW9f5A8Cya5QGwpyGl6/JmhF3CsFkHYW4b+1lVsfIQHu4kuTJXo
i+gULqdqhKVh/pVVHDa6X77tIRbT56Y7OXt2Y+XmJcfu4LSU/Gpuoqjp1/4WqKqB
dBeDVw5ksIk7VjqYYV3KsbDeSI/CalOQV+0mIdmntlnw4BUTsdtYBWLQ3FI7ZFM7
HDVoR9DhFuP0ftvnrObDwHFwBdNzEcYJcW203iajSBHmB1T8FM4I8x/PSQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFL9xIyDRA74wgIb4TTAhRj9b4krpMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvdjNFaklORUR2akNBaHZoTk1DRkdQMXZpU3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEnRfgMA4E
AgACMAgDBgAqDrvAgDANBgkqhkiG9w0BAQsFAAOCAQEAFUGw/uDoxeeU2TejVsTP
jAUXudJomD401gXxNEoFDv+qbjxK0NmincO42DSmuw+Ml58GbY0IQy+uv1KMmat9
r4iF5xNcTe8yR3fSEXpzAY2yPvgmIo78ExLK5pFmlzoDYmQWNZpfNGpDuMUGDTX+
818nH+qJWduqV4kXk2Fy/rArYQb5wUJxwaOqR74EuUbjASX672pDEXR3dJOzNeIO
aZgLJnfAXXaRWH8u99+wuDmacLUhM+D482KTcVvAr1y4C9xkF1ikPR8OGnXkbJ3x
q5LilYPbRhSSBRZ+g6P+0SN1Y53+NxnX7osJIaY7JHQ0F6XKwBTwyyJrthgGiKaC
aw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:03:05 2024 by rpki-client on console-ams.rpki-client.org