Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/veKEw0q02-4qT5lwjHcuNZs-k3U.roa
File: veKEw0q02-4qT5lwjHcuNZs-k3U.roa (raw, json)
Hash identifier: B5/bhjNjuqw05qnr69fFtLiEJ5aE5g+0WlY99zl1atk=
Subject key identifier: BD:E2:84:C3:4A:B4:DB:EE:2A:4F:99:70:8C:77:2E:35:9B:3E:93:75
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 018CC64ADD97ABA5058DBC0BFBD815C9E68E
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/veKEw0q02-4qT5lwjHcuNZs-k3U.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46557
IP address blocks: 157.23.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:dd:97:ab:a5:05:8d:bc:0b:fb:d8:15:c9:e6:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bde284c34ab4dbee2a4f99708c772e359b3e9375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:55:cb:32:94:e1:08:6d:ba:b2:c6:a9:17:1e:
29:7c:3c:d0:f2:df:88:bc:c8:ad:3b:94:5c:42:f2:
ef:e0:31:98:33:c8:b8:2a:eb:22:ff:0b:7a:55:fb:
79:c2:88:bf:50:ee:3e:f1:af:fc:2e:7e:b3:57:f5:
1f:66:a7:1c:ef:a3:17:1d:89:e6:6e:cb:c9:34:72:
e8:c3:d5:de:aa:a0:3d:d8:b7:85:fc:0e:6e:25:d4:
12:6f:46:8e:39:e9:83:8d:6d:d3:c3:f4:25:aa:24:
28:ac:57:e3:bc:e1:cb:6a:95:92:8a:11:73:1b:82:
a0:94:1b:09:26:37:6b:e4:6b:f9:6c:b7:38:0f:0d:
a8:96:cb:14:06:65:0b:21:b6:a9:b5:9e:5e:d4:4a:
7f:03:a3:33:16:ec:91:48:a2:93:f4:45:8e:10:52:
8f:0e:b5:01:2c:e7:1e:98:54:11:fd:c5:d6:e0:13:
ac:f5:b3:6c:aa:dc:67:13:1e:9b:d7:1a:8e:34:59:
14:ff:c2:29:68:21:df:f3:4d:37:ec:8d:ef:ae:56:
f6:06:52:3b:f3:ea:40:09:6e:a8:1f:95:7a:85:0c:
52:6e:b0:a2:c2:38:45:7c:e2:11:38:81:dd:8e:01:
63:2b:a1:88:27:91:4b:9c:ab:1d:01:a5:2e:57:6a:
75:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E2:84:C3:4A:B4:DB:EE:2A:4F:99:70:8C:77:2E:35:9B:3E:93:75
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/veKEw0q02-4qT5lwjHcuNZs-k3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:5d:40:e8:6f:24:53:19:9e:a5:47:c1:05:1a:ea:df:57:93:
de:71:cf:14:a8:d5:5f:f5:b5:2a:a7:26:2f:41:9b:e9:73:09:
17:ed:1c:30:a7:e2:01:f1:e3:ec:eb:c2:9d:ba:6d:3a:e9:d9:
a4:11:6c:45:2c:3e:22:ab:d0:7e:5a:4c:89:2c:38:72:2c:22:
ff:4a:95:6c:00:3e:3c:0c:e0:d0:d7:cf:a7:53:3a:25:73:b4:
19:e9:b8:80:4f:50:a7:85:ab:8c:33:07:76:81:36:03:42:41:
9f:37:ae:30:e5:62:ea:7c:94:d9:2e:6c:40:33:59:fc:ab:69:
89:86:d7:56:24:aa:c9:91:ed:7f:72:e0:9b:6d:60:5b:c9:41:
41:63:56:68:d3:c8:bb:5a:4a:ed:5d:3f:43:61:1a:51:a5:d7:
9b:42:b1:fb:4a:73:be:0e:6a:91:98:3e:fd:90:5b:1f:17:fa:
e0:0a:a7:e0:b2:a3:d0:36:aa:21:a4:4a:27:37:63:bf:4a:f1:
05:d8:99:d4:85:93:26:bb:e5:44:42:98:f0:8a:14:9a:1f:c7:
61:56:13:b3:05:99:1c:60:f4:ec:eb:d9:6d:38:9a:93:7c:73:
d5:75:57:87:9a:b6:ce:96:db:57:08:88:db:10:c2:7b:8f:63:
81:bc:43:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSt2Xq6UFjbwL+9gVyeaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGUyODRjMzRhYjRkYmVlMmE0Zjk5NzA4Yzc3MmUzNTliM2U5Mzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlXLMpThCG26ssapFx4pfDzQ8t+I
vMitO5RcQvLv4DGYM8i4Kusi/wt6Vft5woi/UO4+8a/8Ln6zV/UfZqcc76MXHYnm
bsvJNHLow9XeqqA92LeF/A5uJdQSb0aOOemDjW3Tw/QlqiQorFfjvOHLapWSihFz
G4KglBsJJjdr5Gv5bLc4Dw2olssUBmULIbaptZ5e1Ep/A6MzFuyRSKKT9EWOEFKP
DrUBLOcemFQR/cXW4BOs9bNsqtxnEx6b1xqONFkU/8IpaCHf80037I3vrlb2BlI7
8+pACW6oH5V6hQxSbrCiwjhFfOIROIHdjgFjK6GIJ5FLnKsdAaUuV2p1twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3ihMNKtNvuKk+ZcIx3LjWbPpN1MB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvdmVLRXcwcTAyLTRxVDVsd2pIY3VOWnMtazNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRf6MA0G
CSqGSIb3DQEBCwUAA4IBAQCpXUDobyRTGZ6lR8EFGurfV5Pecc8UqNVf9bUqpyYv
QZvpcwkX7Rwwp+IB8ePs68Kdum066dmkEWxFLD4iq9B+WkyJLDhyLCL/SpVsAD48
DODQ18+nUzolc7QZ6biAT1CnhauMMwd2gTYDQkGfN64w5WLqfJTZLmxAM1n8q2mJ
htdWJKrJke1/cuCbbWBbyUFBY1Zo08i7WkrtXT9DYRpRpdebQrH7SnO+DmqRmD79
kFsfF/rgCqfgsqPQNqohpEonN2O/SvEF2JnUhZMmu+VEQpjwihSaH8dhVhOzBZkc
YPTs69ltOJqTfHPVdVeHmrbOlttXCIjbEMJ7j2OBvEPA
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:07:12 2024 by rpki-client on console-fra.rpki-client.org