Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/AF49Ki0255bSw_h61bT_-nmyQjs.roa
File: AF49Ki0255bSw_h61bT_-nmyQjs.roa (raw, json)
Hash identifier: UxwitxAfLbcM+/EKZcDA4e0krl/uSHJMvSmJwcnJkpw=
Subject key identifier: 00:5E:3D:2A:2D:36:E7:96:D2:C3:F8:7A:D5:B4:FF:FA:79:B2:42:3B
Certificate issuer: /CN=8f3f9d85bcb3a4136362c5773e9d14e39e529453
Certificate serial: 018CC26CF48A7CC67C79DEBC7A8055BAD0A2
Authority key identifier: 8F:3F:9D:85:BC:B3:A4:13:63:62:C5:77:3E:9D:14:E3:9E:52:94:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jz-dhbyzpBNjYsV3Pp0U455SlFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/AF49Ki0255bSw_h61bT_-nmyQjs.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12337
IP address blocks: 209.16.144.0/24 maxlen: 24
209.16.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/jz-dhbyzpBNjYsV3Pp0U455SlFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/jz-dhbyzpBNjYsV3Pp0U455SlFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jz-dhbyzpBNjYsV3Pp0U455SlFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f4:8a:7c:c6:7c:79:de:bc:7a:80:55:ba:d0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3f9d85bcb3a4136362c5773e9d14e39e529453
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=005e3d2a2d36e796d2c3f87ad5b4fffa79b2423b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e1:4d:da:70:a0:0a:e6:8a:20:3c:ad:dc:8f:
87:ce:d7:2c:c9:f2:3a:80:01:ec:9f:32:31:37:13:
97:dc:15:d4:d0:65:8d:e0:22:ed:9c:4d:60:59:d2:
e1:07:c1:1e:4d:35:9f:4b:3d:66:2e:04:ab:87:b2:
1a:3d:66:cc:12:f3:09:54:13:89:90:77:7d:e5:39:
ef:47:93:64:6e:96:c4:83:99:80:3a:a4:28:11:51:
92:53:38:dc:81:16:dc:53:2d:8b:39:c7:e4:2a:03:
af:6b:7d:a3:6a:f5:86:c6:93:aa:ce:d5:bc:5a:6e:
bc:d0:c0:ac:0f:4c:66:d3:63:64:1e:ec:16:82:f6:
c2:c5:35:59:49:02:db:20:18:1f:5d:3e:8c:bc:37:
0d:21:fc:54:53:90:c2:e4:0f:94:cc:06:7c:27:be:
1a:08:f9:57:34:48:0e:94:56:16:23:5e:ca:8e:ee:
73:ae:d2:c4:5c:03:13:34:c5:7e:84:f6:df:52:9d:
e5:cb:ae:92:9a:e9:fd:ee:c8:7d:96:0e:2d:38:70:
bb:1b:b8:02:3b:23:4c:b8:0c:81:06:d0:75:72:7e:
ae:12:77:a0:97:2d:a9:6a:ae:05:87:89:6e:39:3b:
c1:c5:b2:30:ef:42:f5:5d:0d:a0:67:be:87:31:b9:
f3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5E:3D:2A:2D:36:E7:96:D2:C3:F8:7A:D5:B4:FF:FA:79:B2:42:3B
X509v3 Authority Key Identifier:
keyid:8F:3F:9D:85:BC:B3:A4:13:63:62:C5:77:3E:9D:14:E3:9E:52:94:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jz-dhbyzpBNjYsV3Pp0U455SlFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/AF49Ki0255bSw_h61bT_-nmyQjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/jz-dhbyzpBNjYsV3Pp0U455SlFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.16.144.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:d0:ee:76:27:45:a4:a7:20:9a:8b:46:69:08:e4:3c:20:12:
e0:88:d7:c1:20:3f:21:0a:f1:49:cc:88:b3:e9:3d:15:85:bf:
39:ad:10:54:d6:da:3b:4f:56:20:27:f3:ad:d8:33:91:20:44:
26:13:1e:09:76:6e:5a:18:74:3c:ad:c9:1d:3a:0a:f1:b2:7c:
14:c4:da:6d:f9:79:da:a0:88:fa:98:c5:b7:82:3c:ae:ee:0b:
40:a3:49:63:76:59:89:f7:41:00:8d:83:e7:11:b1:df:ea:83:
78:ff:06:3a:a5:97:ec:06:19:b6:42:32:bc:ea:d3:a4:70:88:
3f:b0:5a:b9:10:82:aa:91:44:3c:a6:92:93:3a:a8:4e:fa:34:
a8:9c:ee:09:8a:89:d7:a5:b2:74:f1:2f:1d:21:30:93:91:47:
c6:bf:f1:3c:91:4a:7b:0e:ca:cd:88:b4:6b:ed:39:63:b1:a0:
7b:83:23:29:5f:95:c9:39:52:a6:4a:0f:06:d2:96:c7:49:a0:
30:d7:31:16:99:22:68:3f:f7:41:3d:ad:91:d8:82:b7:e5:b2:
e2:de:f7:2f:f1:54:65:7a:40:18:79:e8:bd:b7:eb:7f:1c:f5:
84:1c:a0:e6:b2:da:ed:38:08:f5:86:9d:10:b6:97:5a:85:cb:
88:a8:7c:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbPSKfMZ8ed68eoBVutCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmM2Y5ZDg1YmNiM2E0MTM2MzYyYzU3NzNlOWQxNGUzOWU1
Mjk0NTMwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVlM2QyYTJkMzZlNzk2ZDJjM2Y4N2FkNWI0ZmZmYTc5YjI0MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+FN2nCgCuaKIDyt3I+HztcsyfI6
gAHsnzIxNxOX3BXU0GWN4CLtnE1gWdLhB8EeTTWfSz1mLgSrh7IaPWbMEvMJVBOJ
kHd95TnvR5NkbpbEg5mAOqQoEVGSUzjcgRbcUy2LOcfkKgOva32javWGxpOqztW8
Wm680MCsD0xm02NkHuwWgvbCxTVZSQLbIBgfXT6MvDcNIfxUU5DC5A+UzAZ8J74a
CPlXNEgOlFYWI17Kju5zrtLEXAMTNMV+hPbfUp3ly66Smun97sh9lg4tOHC7G7gC
OyNMuAyBBtB1cn6uEnegly2paq4Fh4luOTvBxbIw70L1XQ2gZ76HMbnzyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABePSotNueW0sP4etW0//p5skI7MB8GA1UdIwQY
MBaAFI8/nYW8s6QTY2LFdz6dFOOeUpRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanotZGhieXpwQk5qWXNWM1BwMFU0NTVTbEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYjBiYmEtZjA5NS00MjNlLTkyZDIt
Nzk5NWJmNjA4MDNiLzEvQUY0OUtpMDI1NWJTd19oNjFiVF8tbm15UWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYjBiYmEtZjA5NS00MjNlLTkyZDItNzk5NWJmNjA4MDNi
LzEvanotZGhieXpwQk5qWXNWM1BwMFU0NTVTbEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB0RCQMA0G
CSqGSIb3DQEBCwUAA4IBAQBa0O52J0WkpyCai0ZpCOQ8IBLgiNfBID8hCvFJzIiz
6T0Vhb85rRBU1to7T1YgJ/Ot2DORIEQmEx4Jdm5aGHQ8rckdOgrxsnwUxNpt+Xna
oIj6mMW3gjyu7gtAo0ljdlmJ90EAjYPnEbHf6oN4/wY6pZfsBhm2QjK86tOkcIg/
sFq5EIKqkUQ8ppKTOqhO+jSonO4JionXpbJ08S8dITCTkUfGv/E8kUp7DsrNiLRr
7TljsaB7gyMpX5XJOVKmSg8G0pbHSaAw1zEWmSJoP/dBPa2R2IK35bLi3vcv8VRl
ekAYeei9t+t/HPWEHKDmstrtOAj1hp0QtpdahcuIqHwQ
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:59:59 2024 by rpki-client on console-fra.rpki-client.org