Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/Am-JTOTVUfUlVjj7YWkmV1cgCcU.roa
File: Am-JTOTVUfUlVjj7YWkmV1cgCcU.roa (raw, json)
Hash identifier: vWSA3yoXKlwxZklnLvOhixkEd/mLHxgs1OO1D5BH/UE=
Subject key identifier: 02:6F:89:4C:E4:D5:51:F5:25:56:38:FB:61:69:26:57:57:20:09:C5
Certificate issuer: /CN=a49f6266f61a1eccd4dee094cc71c6db86bbb37b
Certificate serial: 018CCA2A1D701E832DF1375A8A6400DE2A94
Authority key identifier: A4:9F:62:66:F6:1A:1E:CC:D4:DE:E0:94:CC:71:C6:DB:86:BB:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/Am-JTOTVUfUlVjj7YWkmV1cgCcU.roa
Signing time: Tue 02 Jan 2024 12:33:26 +0000
ROA not before: Tue 02 Jan 2024 12:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 185.149.68.0/24 maxlen: 24
185.149.69.0/24 maxlen: 24
185.149.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/pJ9iZvYaHszU3uCUzHHG24a7s3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/pJ9iZvYaHszU3uCUzHHG24a7s3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:1d:70:1e:83:2d:f1:37:5a:8a:64:00:de:2a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49f6266f61a1eccd4dee094cc71c6db86bbb37b
Validity
Not Before: Jan 2 12:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=026f894ce4d551f5255638fb61692657572009c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:3a:49:99:09:bc:3c:31:76:78:91:57:dc:
72:b3:d0:40:a6:3f:c6:ce:0b:3f:61:9e:88:d7:02:
59:ae:0a:a9:d3:b7:bd:75:b6:04:82:1f:78:53:13:
5c:c2:86:f8:3e:38:71:c8:94:55:9d:f7:4a:93:69:
f9:d7:2f:d8:54:fa:01:6d:57:62:66:25:ce:ac:4a:
69:e8:ef:f4:49:f0:cd:40:bd:6f:c1:e1:d2:2c:1e:
4e:28:b8:21:7e:65:f9:57:29:23:00:73:00:4c:b7:
7a:92:d6:3b:b7:0b:5f:61:21:19:c0:75:28:af:f4:
1e:7d:ce:92:81:7f:06:32:18:d8:18:b1:b0:91:4c:
d7:fa:2c:0d:f3:5f:58:d5:f5:ba:9c:93:bf:e5:66:
1f:7e:4f:2a:c1:1f:b6:e2:28:71:c0:43:62:c3:8b:
7f:e6:dd:2b:2f:78:42:e2:2c:90:9a:eb:3a:b6:b4:
06:dc:5c:f4:2b:a2:71:0d:71:b7:40:3f:fa:db:ae:
4c:b3:68:72:7e:5d:02:0d:5f:6e:ab:1f:9a:a5:6d:
61:9d:49:32:23:45:0f:54:a9:d3:a4:71:8d:65:19:
27:87:a2:5f:31:b4:38:d9:7c:8e:01:fd:1c:f7:e2:
ae:2f:d8:48:47:c1:3a:bb:76:aa:cc:f2:e0:88:37:
91:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6F:89:4C:E4:D5:51:F5:25:56:38:FB:61:69:26:57:57:20:09:C5
X509v3 Authority Key Identifier:
keyid:A4:9F:62:66:F6:1A:1E:CC:D4:DE:E0:94:CC:71:C6:DB:86:BB:B3:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/Am-JTOTVUfUlVjj7YWkmV1cgCcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/pJ9iZvYaHszU3uCUzHHG24a7s3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.68.0-185.149.70.255
Signature Algorithm: sha256WithRSAEncryption
99:75:57:07:d6:f3:ae:b0:55:5c:d2:42:9c:12:81:87:8a:0c:
1d:94:7e:44:b8:e0:0d:56:8b:7c:d7:9f:84:a9:f0:c1:25:6d:
9e:0b:ce:81:1f:0a:cc:a1:1a:ba:1f:0d:c6:9c:c1:33:30:20:
70:38:f7:fc:2e:d5:37:04:39:87:a5:8d:a0:f9:06:ab:50:2c:
e8:24:a7:e9:81:ba:a3:6b:1b:6f:09:ef:69:39:08:28:f4:1b:
e1:82:ff:03:ac:1c:84:85:2f:a4:a9:fb:57:7c:eb:d5:dc:ab:
7e:d5:30:a0:7e:4c:e0:7e:60:39:51:f1:9e:c1:19:f4:ef:d3:
5b:ff:73:06:bc:72:55:ea:b5:71:a9:8e:b8:66:b9:b6:ba:65:
d0:7e:de:74:cd:01:ff:80:19:a0:21:27:0b:26:f9:74:f8:2c:
ef:5e:8f:0d:bc:ab:46:d2:77:de:bf:c5:12:54:98:8d:1d:1e:
40:e3:b5:17:bb:cc:d2:be:62:88:a8:43:63:f4:ba:bb:2b:1a:
0a:cc:de:54:41:72:67:de:9a:a3:99:14:35:c6:3b:42:d3:64:
5c:12:e4:e0:91:88:a0:c6:60:4d:0c:17:cf:79:fc:9c:11:cb:
2e:35:00:54:18:77:0b:7f:98:de:93:31:42:e4:28:e6:8c:d2:
20:8b:6f:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKh1wHoMt8TdaimQA3iqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWY2MjY2ZjYxYTFlY2NkNGRlZTA5NGNjNzFjNmRiODZi
YmIzN2IwHhcNMjQwMTAyMTIzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjZmODk0Y2U0ZDU1MWY1MjU1NjM4ZmI2MTY5MjY1NzU3MjAwOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhg6SZkJvDwxdniRV9xys9BApj/G
zgs/YZ6I1wJZrgqp07e9dbYEgh94UxNcwob4PjhxyJRVnfdKk2n51y/YVPoBbVdi
ZiXOrEpp6O/0SfDNQL1vweHSLB5OKLghfmX5VykjAHMATLd6ktY7twtfYSEZwHUo
r/Qefc6SgX8GMhjYGLGwkUzX+iwN819Y1fW6nJO/5WYffk8qwR+24ihxwENiw4t/
5t0rL3hC4iyQmus6trQG3Fz0K6JxDXG3QD/6265Ms2hyfl0CDV9uqx+apW1hnUky
I0UPVKnTpHGNZRknh6JfMbQ42XyOAf0c9+KuL9hIR8E6u3aqzPLgiDeRrwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAJviUzk1VH1JVY4+2FpJldXIAnFMB8GA1UdIwQY
MBaAFKSfYmb2Gh7M1N7glMxxxtuGu7N7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEo5aVp2WWFIc3pVM3VDVXpISEcyNGE3czNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80NzYyNTMtMjc4OC00NTE5LWJlYmEt
OThiZTMzNWYzYzU0LzEvQW0tSlRPVFZVZlVsVmpqN1lXa21WMWNnQ2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80NzYyNTMtMjc4OC00NTE5LWJlYmEtOThiZTMzNWYzYzU0
LzEvcEo5aVp2WWFIc3pVM3VDVXpISEcyNGE3czNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5lUQD
BAC5lUYwDQYJKoZIhvcNAQELBQADggEBAJl1VwfW866wVVzSQpwSgYeKDB2UfkS4
4A1Wi3zXn4Sp8MElbZ4LzoEfCsyhGrofDcacwTMwIHA49/wu1TcEOYeljaD5BqtQ
LOgkp+mBuqNrG28J72k5CCj0G+GC/wOsHISFL6Sp+1d869Xcq37VMKB+TOB+YDlR
8Z7BGfTv01v/cwa8clXqtXGpjrhmuba6ZdB+3nTNAf+AGaAhJwsm+XT4LO9ejw28
q0bSd96/xRJUmI0dHkDjtRe7zNK+YoioQ2P0ursrGgrM3lRBcmfemqOZFDXGO0LT
ZFwS5OCRiKDGYE0MF895/JwRyy41AFQYdwt/mN6TMULkKOaM0iCLb8g=
-----END CERTIFICATE-----
Generated at Mon May 6 05:59:35 2024 by rpki-client on console-ams.rpki-client.org