Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/rO21BT9027LL6MS6aaVRgqtVJac.roa
File: rO21BT9027LL6MS6aaVRgqtVJac.roa (raw, json)
Hash identifier: 5p7jZa9sf5CUOkoTMAncAq8qlS1DL8kbhIFjxTZKOcc=
Subject key identifier: AC:ED:B5:05:3F:74:DB:B2:CB:E8:C4:BA:69:A5:51:82:AB:55:25:A7
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018CC87131D75FF244BD1C0DD24E4F58D483
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/rO21BT9027LL6MS6aaVRgqtVJac.roa
Signing time: Tue 02 Jan 2024 04:31:50 +0000
ROA not before: Tue 02 Jan 2024 04:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60199
IP address blocks: 84.239.96.0/22 maxlen: 22
141.101.60.0/22 maxlen: 24
2a00:6900:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:31:d7:5f:f2:44:bd:1c:0d:d2:4e:4f:58:d4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 04:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acedb5053f74dbb2cbe8c4ba69a55182ab5525a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e8:fc:2f:e2:5d:e9:8d:d6:c1:44:cf:8b:aa:
22:fa:48:7d:9c:9f:17:11:a3:2a:10:01:2e:a8:5a:
f8:b6:7e:fd:06:8f:b7:05:fa:5a:28:ac:3b:78:34:
63:7a:07:da:c3:5f:be:85:93:a6:e2:c7:a1:7e:e6:
7c:41:c7:69:e4:c1:f5:a4:83:42:bf:61:a2:7c:2c:
39:94:71:02:99:79:b3:e3:27:ee:d1:02:08:44:5c:
ae:d1:3d:36:26:6a:c7:06:83:3e:4f:d2:1c:6e:c0:
b9:3d:a7:3f:87:e3:07:c6:e6:93:4f:19:8d:7d:a9:
5e:ea:ee:46:44:40:f2:ed:6c:15:4d:ea:5a:e6:b1:
c7:8e:be:9d:4c:0f:bb:08:7b:e2:e6:e5:0a:01:97:
95:ca:37:d3:f8:c4:17:d7:c0:b9:3f:4d:fc:47:26:
c3:ef:45:33:4f:61:53:ca:0d:d6:c0:68:df:df:d1:
60:7f:41:8b:9e:0f:62:07:03:a9:d5:49:f7:ae:cf:
b7:fa:f6:e5:5e:9c:40:1e:31:01:05:9f:e3:0f:7d:
30:e2:a4:e6:79:a0:fa:cb:79:52:21:9b:e9:20:2f:
4a:33:67:bf:7b:f1:90:fc:ac:77:bb:26:0d:19:c1:
34:56:ae:da:96:97:e4:d3:8f:89:d5:e1:6f:11:c3:
30:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:ED:B5:05:3F:74:DB:B2:CB:E8:C4:BA:69:A5:51:82:AB:55:25:A7
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/rO21BT9027LL6MS6aaVRgqtVJac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.96.0/22
141.101.60.0/22
IPv6:
2a00:6900:10::/48
Signature Algorithm: sha256WithRSAEncryption
39:32:21:c2:67:d7:66:2c:e6:34:84:0c:5b:33:a5:c0:22:d5:
fc:4e:10:95:8d:b6:00:4b:ef:db:b5:78:ad:13:3c:19:76:78:
22:6e:1b:9b:81:b6:51:fc:57:05:09:3e:59:33:4a:c5:44:5f:
29:ac:fd:09:6b:b3:aa:e0:e3:06:41:79:98:f2:9a:2e:2a:50:
9b:60:52:ce:93:70:d6:be:df:1e:82:63:ea:30:2d:e2:eb:dc:
29:86:d7:bc:ac:ed:bf:4b:12:cf:7b:f7:1e:71:16:a0:95:dc:
4f:43:9f:4f:8d:dc:39:bd:1a:bf:81:76:6e:c3:59:0a:de:35:
73:6a:27:28:cc:cd:b5:81:f9:43:09:11:c2:48:cb:cb:07:cc:
8f:8d:8d:a5:57:5a:5a:b8:57:c1:5a:af:8c:2a:b9:56:01:dd:
e0:46:f5:2c:a5:6a:70:6c:d9:3d:83:1b:73:48:67:a4:25:71:
75:16:91:8c:55:8d:1a:02:bc:2f:ff:fb:54:4e:2f:6b:74:75:
11:5b:60:24:18:af:a9:47:3d:35:b6:74:c2:7f:8e:07:83:e1:
78:2c:23:73:39:3d:01:a0:bb:c2:26:70:6d:55:9c:3a:84:38:
26:5b:44:8f:06:91:ff:28:16:02:d6:25:e5:9f:77:4f:e5:ac:
4b:0f:98:79
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIcTHXX/JEvRwN0k5PWNSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjQwMTAyMDQzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VkYjUwNTNmNzRkYmIyY2JlOGM0YmE2OWE1NTE4MmFiNTUyNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuj8L+Jd6Y3WwUTPi6oi+kh9nJ8X
EaMqEAEuqFr4tn79Bo+3BfpaKKw7eDRjegfaw1++hZOm4sehfuZ8Qcdp5MH1pINC
v2GifCw5lHECmXmz4yfu0QIIRFyu0T02JmrHBoM+T9IcbsC5Pac/h+MHxuaTTxmN
fale6u5GREDy7WwVTepa5rHHjr6dTA+7CHvi5uUKAZeVyjfT+MQX18C5P038RybD
70UzT2FTyg3WwGjf39Fgf0GLng9iBwOp1Un3rs+3+vblXpxAHjEBBZ/jD30w4qTm
eaD6y3lSIZvpIC9KM2e/e/GQ/Kx3uyYNGcE0Vq7alpfk04+J1eFvEcMwgwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKzttQU/dNuyy+jEummlUYKrVSWnMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvck8yMUJUOTAyN0xMNk1TNmFhVlJncXRWSmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVO9gAwQC
jWU8MA8EAgACMAkDBwAqAGkAABAwDQYJKoZIhvcNAQELBQADggEBADkyIcJn12Ys
5jSEDFszpcAi1fxOEJWNtgBL79u1eK0TPBl2eCJuG5uBtlH8VwUJPlkzSsVEXyms
/Qlrs6rg4wZBeZjymi4qUJtgUs6TcNa+3x6CY+owLeLr3CmG17ys7b9LEs979x5x
FqCV3E9Dn0+N3Dm9Gr+Bdm7DWQreNXNqJyjMzbWB+UMJEcJIy8sHzI+NjaVXWlq4
V8Far4wquVYB3eBG9SylanBs2T2DG3NIZ6QlcXUWkYxVjRoCvC//+1ROL2t0dRFb
YCQYr6lHPTW2dMJ/jgeD4XgsI3M5PQGgu8ImcG1VnDqEOCZbRI8Gkf8oFgLWJeWf
d0/lrEsPmHk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:54:23 2024 by rpki-client on console-fra.rpki-client.org