Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/AxaO9bOCtEqczcK3nAOe-XgSoZo.roa
File: AxaO9bOCtEqczcK3nAOe-XgSoZo.roa (raw, json)
Hash identifier: H6H9uzqobdQ3f2uHDHqOB+s7q6NzTnvE0wj45mp8u98=
Subject key identifier: 03:16:8E:F5:B3:82:B4:4A:9C:CD:C2:B7:9C:03:9E:F9:78:12:A1:9A
Certificate issuer: /CN=eadf80048d2032ec224364a773fe81d23fa914e0
Certificate serial: 018CC87013F4BD7474D4A054AB1BD2F4A3A8
Authority key identifier: EA:DF:80:04:8D:20:32:EC:22:43:64:A7:73:FE:81:D2:3F:A9:14:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/AxaO9bOCtEqczcK3nAOe-XgSoZo.roa
Signing time: Tue 02 Jan 2024 04:30:37 +0000
ROA not before: Tue 02 Jan 2024 04:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209825
IP address blocks: 85.209.44.0/24 maxlen: 24
85.209.44.0/22 maxlen: 22
85.209.47.0/24 maxlen: 24
85.209.45.0/24 maxlen: 24
85.209.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:13:f4:bd:74:74:d4:a0:54:ab:1b:d2:f4:a3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eadf80048d2032ec224364a773fe81d23fa914e0
Validity
Not Before: Jan 2 04:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03168ef5b382b44a9ccdc2b79c039ef97812a19a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:21:2c:a4:90:e2:69:29:47:53:57:37:02:e8:
92:58:54:59:37:b1:fb:c6:dd:7d:eb:8c:6c:1b:0e:
55:43:6d:8a:31:b5:0b:69:79:22:03:15:d7:a5:17:
0e:79:97:ad:b2:da:35:2d:44:35:48:81:83:0b:b9:
c0:71:ce:44:f9:96:5f:58:6a:ba:5f:f5:8a:a2:ac:
5b:f8:9e:0f:b4:c5:75:e2:16:0b:94:e1:01:16:9e:
2e:d3:19:40:8e:01:b1:06:fe:37:19:19:32:64:41:
2b:ca:84:d1:ab:37:07:7f:35:1d:ac:dc:4b:6b:b9:
6f:b5:d2:d1:1a:82:bf:5b:ef:85:9b:42:d1:6a:c4:
23:e5:75:fa:c3:7d:99:c0:f5:9e:95:24:bc:67:0d:
7f:41:83:36:84:74:c8:cc:9b:7a:83:c7:ff:5e:48:
60:3d:dd:ea:a3:1d:cd:fe:32:59:f9:ae:79:9a:6b:
91:9f:d2:fb:0d:3a:23:38:d6:e0:f4:fc:63:95:63:
a7:cb:f0:13:e8:fb:53:2f:ea:2f:d2:7b:db:f5:9b:
5a:6c:22:23:65:71:30:bd:aa:86:f5:e5:48:20:b0:
60:ea:26:a2:2f:09:ba:cc:4b:33:7a:a6:6e:de:e6:
d0:31:0e:3a:17:a8:8d:b4:96:cc:62:83:57:b0:64:
b2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:16:8E:F5:B3:82:B4:4A:9C:CD:C2:B7:9C:03:9E:F9:78:12:A1:9A
X509v3 Authority Key Identifier:
keyid:EA:DF:80:04:8D:20:32:EC:22:43:64:A7:73:FE:81:D2:3F:A9:14:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/AxaO9bOCtEqczcK3nAOe-XgSoZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.44.0/22
Signature Algorithm: sha256WithRSAEncryption
be:ea:02:85:5b:98:d1:0b:fa:9a:d5:68:29:b5:4e:86:77:ce:
52:1a:22:da:e0:65:cf:7d:6f:7d:4b:8c:c7:74:37:38:ae:d3:
3c:d0:c1:92:88:51:eb:7f:21:3b:87:41:fe:c5:07:1d:dd:83:
09:6b:ae:96:ce:83:10:f4:f6:a1:4d:95:cc:41:4b:21:c0:5c:
c6:53:d2:e4:44:43:e7:bc:35:b3:c9:0d:13:20:f6:9d:70:cb:
69:67:08:36:38:2b:2e:b0:e2:b0:e9:0f:a6:f0:bd:24:ff:69:
f2:35:0b:2b:b7:82:9b:dc:07:87:51:93:14:8a:22:11:1e:e9:
ae:11:05:8d:1f:e0:a1:c0:ae:75:1f:2b:26:e5:59:d1:f2:77:
ae:2b:59:31:7b:9c:ac:71:2e:c7:3d:ca:bf:20:cb:73:46:82:
b9:ae:b6:8a:21:f4:cc:be:a8:4b:8c:56:8b:09:75:83:ee:c5:
03:49:21:7b:e6:35:8b:73:e5:b7:7e:72:a8:29:fb:14:68:84:
c8:f9:da:82:b6:fc:af:21:be:6c:62:18:ca:97:ce:83:00:21:
14:88:3f:b5:e8:aa:f5:0d:5e:a1:83:68:7f:b2:57:6c:6a:2d:
8c:b7:73:8e:08:b4:aa:06:5f:70:d9:38:d6:76:f5:9b:40:5d:
65:1c:0e:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcBP0vXR01KBUqxvS9KOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZGY4MDA0OGQyMDMyZWMyMjQzNjRhNzczZmU4MWQyM2Zh
OTE0ZTAwHhcNMjQwMTAyMDQzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzE2OGVmNWIzODJiNDRhOWNjZGMyYjc5YzAzOWVmOTc4MTJhMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iEspJDiaSlHU1c3AuiSWFRZN7H7
xt1964xsGw5VQ22KMbULaXkiAxXXpRcOeZetsto1LUQ1SIGDC7nAcc5E+ZZfWGq6
X/WKoqxb+J4PtMV14hYLlOEBFp4u0xlAjgGxBv43GRkyZEEryoTRqzcHfzUdrNxL
a7lvtdLRGoK/W++Fm0LRasQj5XX6w32ZwPWelSS8Zw1/QYM2hHTIzJt6g8f/Xkhg
Pd3qox3N/jJZ+a55mmuRn9L7DTojONbg9PxjlWOny/AT6PtTL+ov0nvb9ZtabCIj
ZXEwvaqG9eVIILBg6iaiLwm6zEszeqZu3ubQMQ46F6iNtJbMYoNXsGSy1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMWjvWzgrRKnM3Ct5wDnvl4EqGaMB8GA1UdIwQY
MBaAFOrfgASNIDLsIkNkp3P+gdI/qRTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnQtQUJJMGdNdXdpUTJTbmNfNkIwai1wRk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81ZGE4YzItY2ZkNS00ODUzLTk4MzEt
ZmJiMTM0OGE4NjIwLzEvQXhhTzliT0N0RXFjemNLM25BT2UtWGdTb1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81ZGE4YzItY2ZkNS00ODUzLTk4MzEtZmJiMTM0OGE4NjIw
LzEvNnQtQUJJMGdNdXdpUTJTbmNfNkIwai1wRk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdEsMA0G
CSqGSIb3DQEBCwUAA4IBAQC+6gKFW5jRC/qa1WgptU6Gd85SGiLa4GXPfW99S4zH
dDc4rtM80MGSiFHrfyE7h0H+xQcd3YMJa66WzoMQ9PahTZXMQUshwFzGU9LkREPn
vDWzyQ0TIPadcMtpZwg2OCsusOKw6Q+m8L0k/2nyNQsrt4Kb3AeHUZMUiiIRHumu
EQWNH+ChwK51Hysm5VnR8neuK1kxe5yscS7HPcq/IMtzRoK5rraKIfTMvqhLjFaL
CXWD7sUDSSF75jWLc+W3fnKoKfsUaITI+dqCtvyvIb5sYhjKl86DACEUiD+16Kr1
DV6hg2h/sldsai2Mt3OOCLSqBl9w2TjWdvWbQF1lHA4P
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:33:28 2024 by rpki-client on console-ams.rpki-client.org