Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/AguHBebCgKGNPd6agC4Df6RIEsI.roa
File: AguHBebCgKGNPd6agC4Df6RIEsI.roa (raw, json)
Hash identifier: +3u1d+ANyPlfQRr5lM4qVfEBhpG9dDU3Whvt2PbHYao=
Subject key identifier: 02:0B:87:05:E6:C2:80:A1:8D:3D:DE:9A:80:2E:03:7F:A4:48:12:C2
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 018CC9BC8D5A9ECF7309BB908AD3FFB3E733
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/AguHBebCgKGNPd6agC4Df6RIEsI.roa
Signing time: Tue 02 Jan 2024 10:33:46 +0000
ROA not before: Tue 02 Jan 2024 10:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6220
IP address blocks: 213.198.48.0/24 maxlen: 24
213.198.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:8d:5a:9e:cf:73:09:bb:90:8a:d3:ff:b3:e7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 10:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=020b8705e6c280a18d3dde9a802e037fa44812c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:43:83:96:ba:62:60:5a:ab:cd:fc:49:b6:a9:
c0:7a:27:a2:db:bd:7c:bb:89:34:8f:29:c1:85:5f:
b7:cc:69:0a:0c:e7:da:a7:d4:05:4d:9a:6b:cb:5e:
32:a6:f7:cc:18:b8:a4:04:3c:27:65:be:2b:fd:2d:
83:7e:66:2f:04:bd:0a:aa:61:90:22:0d:c9:97:67:
21:8f:39:f2:82:34:5e:57:7c:14:8e:30:17:ab:34:
bd:92:62:7c:02:e4:20:f7:62:11:e3:07:4b:a6:60:
08:cb:93:92:40:ca:ce:fe:d3:21:43:d8:25:eb:3b:
86:c2:34:89:0a:d7:d2:42:e9:1d:ae:e4:3d:91:da:
10:03:ef:2b:a7:17:71:49:52:d1:20:2a:b1:1c:7b:
12:04:87:c9:52:cb:b1:a7:cb:7b:aa:04:ad:06:28:
ba:ba:36:c2:6f:20:74:43:a4:55:d4:d0:12:20:d3:
47:63:dd:a2:47:c8:e3:fc:10:fd:c8:a4:8b:ab:03:
b9:b2:ca:09:2e:49:a0:0a:f9:64:5a:56:25:ec:2c:
5f:92:0f:02:b2:65:f7:92:cd:f7:7b:b0:cd:bc:12:
b5:da:cd:2c:41:e5:14:3a:e9:25:3f:8b:69:58:2a:
e7:65:8f:71:4d:69:7c:a9:a0:35:08:1a:7a:af:ae:
48:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0B:87:05:E6:C2:80:A1:8D:3D:DE:9A:80:2E:03:7F:A4:48:12:C2
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/AguHBebCgKGNPd6agC4Df6RIEsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.198.48.0/23
Signature Algorithm: sha256WithRSAEncryption
22:66:43:87:fd:31:d3:51:cb:2b:5c:24:22:67:94:d9:56:72:
6a:a5:c9:0e:f2:f7:f2:4d:aa:ee:19:1f:3a:97:bd:5e:4c:2f:
8c:50:93:e0:e8:8c:1d:ad:c0:b9:8a:63:29:09:80:33:28:d0:
74:88:01:73:e6:02:14:13:4d:5d:16:ab:a5:6b:58:0b:5d:b7:
29:f2:4e:d5:09:69:4b:75:da:bf:ab:da:2c:d3:cf:5c:3d:58:
a3:76:b7:32:10:b0:29:c5:97:9c:4d:7a:5a:b2:20:13:86:4c:
da:1e:3a:fe:1e:6c:4f:83:a4:bc:77:0a:1c:f2:18:73:ec:f2:
86:ef:fc:1a:dd:71:34:fc:b3:66:cc:d3:93:61:a7:1f:02:b6:
ed:c9:0c:94:b8:61:c2:47:6d:ab:06:1c:7b:a5:14:ea:81:dd:
f8:b6:a0:98:01:bb:8e:a3:55:09:ff:ff:ef:3a:49:80:10:d7:
44:89:67:24:23:f0:ff:0f:e7:aa:95:49:f5:9c:a2:16:b4:dc:
9a:76:9f:49:15:bf:6c:12:9c:48:a6:f3:13:35:56:cc:64:2f:
72:09:8e:e3:90:19:99:20:dc:6d:67:bd:c2:55:1e:d2:e3:64:
db:96:cb:0e:73:bb:96:50:3b:7f:87:80:2c:74:20:4f:df:12:
a5:46:fd:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvI1ans9zCbuQitP/s+czMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjQwMTAyMTAzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBiODcwNWU2YzI4MGExOGQzZGRlOWE4MDJlMDM3ZmE0NDgxMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEODlrpiYFqrzfxJtqnAeiei2718
u4k0jynBhV+3zGkKDOfap9QFTZpry14ypvfMGLikBDwnZb4r/S2DfmYvBL0KqmGQ
Ig3Jl2chjznygjReV3wUjjAXqzS9kmJ8AuQg92IR4wdLpmAIy5OSQMrO/tMhQ9gl
6zuGwjSJCtfSQukdruQ9kdoQA+8rpxdxSVLRICqxHHsSBIfJUsuxp8t7qgStBii6
ujbCbyB0Q6RV1NASINNHY92iR8jj/BD9yKSLqwO5ssoJLkmgCvlkWlYl7Cxfkg8C
smX3ks33e7DNvBK12s0sQeUUOuklP4tpWCrnZY9xTWl8qaA1CBp6r65IRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAILhwXmwoChjT3emoAuA3+kSBLCMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvQWd1SEJlYkNnS0dOUGQ2YWdDNERmNlJJRXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1cYwMA0G
CSqGSIb3DQEBCwUAA4IBAQAiZkOH/THTUcsrXCQiZ5TZVnJqpckO8vfyTaruGR86
l71eTC+MUJPg6IwdrcC5imMpCYAzKNB0iAFz5gIUE01dFqula1gLXbcp8k7VCWlL
ddq/q9os089cPVijdrcyELApxZecTXpasiAThkzaHjr+HmxPg6S8dwoc8hhz7PKG
7/wa3XE0/LNmzNOTYacfArbtyQyUuGHCR22rBhx7pRTqgd34tqCYAbuOo1UJ///v
OkmAENdEiWckI/D/D+eqlUn1nKIWtNyadp9JFb9sEpxIpvMTNVbMZC9yCY7jkBmZ
INxtZ73CVR7S42TblssOc7uWUDt/h4AsdCBP3xKlRv04
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:51:57 2024 by rpki-client on console-ams.rpki-client.org