Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/Ag1IJJ_aGL25RlltrDNTCpSjkJk.roa
File: Ag1IJJ_aGL25RlltrDNTCpSjkJk.roa (raw, json)
Hash identifier: TfbUPM8o9aFUUYlbbrFXauSHc+ZlOYUubA4eqosE8uw=
Subject key identifier: 02:0D:48:24:9F:DA:18:BD:B9:46:59:6D:AC:33:53:0A:94:A3:90:99
Certificate issuer: /CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Certificate serial: 018CC726EC8F7BC3DB037BD1B4BE473CCDED
Authority key identifier: C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/Ag1IJJ_aGL25RlltrDNTCpSjkJk.roa
Signing time: Mon 01 Jan 2024 22:31:06 +0000
ROA not before: Mon 01 Jan 2024 22:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210353
IP address blocks: 194.44.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.mft
rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ec:8f:7b:c3:db:03:7b:d1:b4:be:47:3c:cd:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Validity
Not Before: Jan 1 22:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=020d48249fda18bdb946596dac33530a94a39099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0e:d8:d7:66:fd:f7:42:b9:9b:46:17:69:10:
4a:5d:8e:5e:47:e5:07:de:19:83:65:9e:af:bd:48:
a6:40:dd:a3:3a:9c:16:80:7f:45:5e:32:c0:b2:d6:
bc:ed:78:b4:6e:65:ac:ff:42:80:14:ae:e2:31:c5:
3d:a9:f1:d6:c3:df:92:cc:39:d1:5e:08:64:8b:a7:
12:18:46:7c:6e:e3:91:5f:90:55:3d:44:0c:e5:90:
c6:d0:75:10:0e:29:f4:30:72:06:7c:a1:17:d2:bf:
69:5c:55:23:15:e6:94:b0:f6:4a:48:7f:89:1e:43:
63:33:3f:e1:3b:b0:bf:90:04:cc:9b:f2:e2:c1:98:
b4:5e:8c:80:7c:5e:96:52:31:3d:f1:7d:e6:f7:da:
83:cf:bd:0d:21:cb:af:1d:7b:30:76:e5:62:12:46:
d2:c8:28:0f:3d:8f:89:b0:95:7c:24:fc:ca:0a:27:
02:44:47:83:de:c6:a5:29:86:04:80:17:1f:8c:b0:
fc:7b:fe:bb:d9:09:c4:a0:45:4a:1e:7f:36:f6:bc:
e4:8c:c1:e7:03:40:b4:3f:20:2f:cc:20:f5:77:78:
a2:be:9f:24:c6:96:4a:38:08:a8:48:21:8b:66:a3:
f4:4f:69:b7:5c:2d:38:3e:61:32:9e:f6:e7:fb:28:
b9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0D:48:24:9F:DA:18:BD:B9:46:59:6D:AC:33:53:0A:94:A3:90:99
X509v3 Authority Key Identifier:
keyid:C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/Ag1IJJ_aGL25RlltrDNTCpSjkJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.44.234.0/24
Signature Algorithm: sha256WithRSAEncryption
35:42:15:81:08:38:0e:69:f1:8f:29:a6:b4:8d:4e:91:be:bb:
7e:8a:86:23:29:d7:82:41:f0:04:09:10:f5:72:3b:6b:5d:a6:
34:1d:81:cb:e4:73:6e:7f:c5:ad:35:b4:2f:04:ab:64:86:36:
26:f6:b8:b9:c3:a7:82:be:98:1b:d7:c5:89:48:4b:ad:2b:54:
ad:4b:bc:61:d4:56:ae:6b:7a:7d:07:01:b7:94:3f:18:3a:75:
73:5a:15:1d:da:76:20:7b:02:1e:ec:44:84:44:0c:95:91:91:
49:95:f6:19:e0:6b:2d:33:e4:0b:9e:dc:3a:dc:f2:8c:de:81:
c7:ac:5e:5b:29:df:2d:69:61:67:c3:d3:51:27:36:4c:27:d4:
fe:27:db:56:d6:3a:7d:a9:58:a6:aa:d1:70:bb:29:43:74:e6:
ad:7d:72:8a:7c:2e:a4:32:b3:09:79:30:e3:ae:1a:2f:84:2e:
53:13:b5:b2:53:34:26:a0:9a:b2:00:4e:02:95:c7:f8:66:8b:
c1:5f:80:34:38:8e:06:cb:83:73:ed:f0:04:8c:63:95:e3:55:
2d:43:27:43:29:1f:2b:73:e7:13:fd:6d:69:8e:ac:48:69:dd:
7c:4e:1a:fc:ab:b1:2b:45:9f:b0:b4:a4:e5:51:26:00:67:3c:
33:d1:17:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJuyPe8PbA3vRtL5HPM3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmI0MDNhMjQxODgzZTU4ZmNlZDUyZDM5ZDgwZWFiZDUy
YmIzNmYwHhcNMjQwMTAxMjIzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBkNDgyNDlmZGExOGJkYjk0NjU5NmRhYzMzNTMwYTk0YTM5MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA7Y12b990K5m0YXaRBKXY5eR+UH
3hmDZZ6vvUimQN2jOpwWgH9FXjLAsta87Xi0bmWs/0KAFK7iMcU9qfHWw9+SzDnR
Xghki6cSGEZ8buORX5BVPUQM5ZDG0HUQDin0MHIGfKEX0r9pXFUjFeaUsPZKSH+J
HkNjMz/hO7C/kATMm/LiwZi0XoyAfF6WUjE98X3m99qDz70NIcuvHXswduViEkbS
yCgPPY+JsJV8JPzKCicCREeD3salKYYEgBcfjLD8e/672QnEoEVKHn829rzkjMHn
A0C0PyAvzCD1d3iivp8kxpZKOAioSCGLZqP0T2m3XC04PmEynvbn+yi5TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAINSCSf2hi9uUZZbawzUwqUo5CZMB8GA1UdIwQY
MBaAFMP7QDokGIPlj87VLTnYDqvVK7NvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUt
YTlhNzc5MDI2ZjBhLzEvQWcxSUpKX2FHTDI1UmxsdHJETlRDcFNqa0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUtYTlhNzc5MDI2ZjBh
LzEvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwizqMA0G
CSqGSIb3DQEBCwUAA4IBAQA1QhWBCDgOafGPKaa0jU6Rvrt+ioYjKdeCQfAECRD1
cjtrXaY0HYHL5HNuf8WtNbQvBKtkhjYm9ri5w6eCvpgb18WJSEutK1StS7xh1Fau
a3p9BwG3lD8YOnVzWhUd2nYgewIe7ESERAyVkZFJlfYZ4GstM+QLntw63PKM3oHH
rF5bKd8taWFnw9NRJzZMJ9T+J9tW1jp9qVimqtFwuylDdOatfXKKfC6kMrMJeTDj
rhovhC5TE7WyUzQmoJqyAE4Clcf4ZovBX4A0OI4Gy4Nz7fAEjGOV41UtQydDKR8r
c+cT/W1pjqxIad18Thr8q7ErRZ+wtKTlUSYAZzwz0RcV
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:58:28 2024 by rpki-client on console-ams.rpki-client.org