Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/d2yjai3pEAj04CY5iVEdCFh4CIY.roa
File: d2yjai3pEAj04CY5iVEdCFh4CIY.roa (raw, json)
Hash identifier: j8LYkVq/zx8arahQjscDrtffHbliNAMbv2bMtw/qPOM=
Subject key identifier: 77:6C:A3:6A:2D:E9:10:08:F4:E0:26:39:89:51:1D:08:58:78:08:86
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649E66C03B840BDCE49F4EA7E1B7092
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/d2yjai3pEAj04CY5iVEdCFh4CIY.roa
Signing time: Mon 01 Jan 2024 18:29:41 +0000
ROA not before: Mon 01 Jan 2024 18:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198576
IP address blocks: 84.242.132.0/24 maxlen: 24
212.95.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e6:6c:03:b8:40:bd:ce:49:f4:ea:7e:1b:70:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=776ca36a2de91008f4e0263989511d0858780886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f2:1e:82:78:0d:11:9b:9b:c8:b0:df:95:e2:
e3:b7:c9:ea:10:6c:c5:61:18:41:6f:ae:4a:c2:a0:
d7:98:e2:e7:c6:95:28:2f:1b:94:96:ac:78:46:b0:
76:8a:64:d7:f2:eb:26:71:71:7c:7f:34:b9:15:45:
22:37:29:24:58:36:7c:98:a2:03:33:83:ad:df:c9:
ce:f5:8d:53:05:c9:47:6f:bd:22:72:e6:bc:90:d8:
cf:0b:34:a0:ee:b6:26:6e:7b:b0:8d:7c:58:84:83:
43:1a:cd:26:ee:31:d4:7d:d2:cf:bf:d0:d6:ea:91:
aa:64:e5:0e:ef:16:dc:ab:e8:47:80:de:6f:a7:6c:
19:8c:7e:81:9a:1c:03:72:1a:6b:14:ce:30:81:35:
bc:04:d2:01:75:37:93:e5:f6:db:be:99:ee:41:86:
32:16:33:3b:90:53:b8:19:06:81:6e:01:09:c4:c2:
ac:3e:7d:5e:9b:55:e1:cd:f3:7f:b5:72:11:0a:10:
12:b0:05:f5:14:87:8b:45:f1:ba:8b:3f:c2:db:94:
1c:ad:54:47:29:e2:9c:a0:83:fa:9e:ab:c0:5c:df:
1a:bd:8e:4c:fe:23:7c:0b:95:28:58:59:0d:0f:3f:
a2:76:54:6d:87:a0:34:09:77:ad:2a:9f:63:4b:2a:
93:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6C:A3:6A:2D:E9:10:08:F4:E0:26:39:89:51:1D:08:58:78:08:86
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/d2yjai3pEAj04CY5iVEdCFh4CIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.242.132.0/24
212.95.175.0/24
Signature Algorithm: sha256WithRSAEncryption
22:07:46:f2:81:79:95:29:1a:52:7c:95:98:58:6a:30:eb:28:
d7:40:00:a5:c1:b5:a6:a8:84:69:81:dc:cd:08:3a:07:be:2d:
af:90:96:f2:44:3d:0f:42:cf:e0:f3:98:e3:ce:8e:a6:a8:4d:
ff:c0:cd:e6:9a:2b:f1:41:31:dc:4f:31:d0:c5:c6:9e:e1:9a:
a1:0f:2c:6b:e3:fb:ce:ad:80:68:0d:6b:c5:a6:b3:d2:98:7e:
3a:60:31:a5:b2:6d:c8:ce:a1:b2:c0:48:ab:ac:c0:2d:41:ad:
a6:c2:ae:93:c1:fe:56:a9:d9:d3:e8:37:58:1c:05:90:d0:54:
37:ad:e9:7a:4b:1f:83:72:92:93:2b:65:64:ae:1d:69:f7:1a:
07:de:51:bc:ce:0d:5b:dd:b6:aa:2d:a1:69:3f:9f:72:6e:f4:
74:e4:1f:e9:92:d7:7c:00:90:4c:8f:04:a2:ea:18:af:b5:15:
38:92:27:1e:ae:b1:e1:02:b5:68:34:69:36:44:1c:aa:a4:0f:
93:ab:09:52:5d:01:8b:87:b9:5a:44:ec:31:4b:58:3e:6e:c4:
4c:4f:4e:e3:7c:1c:29:37:99:11:76:4a:f1:1e:58:2c:49:01:
d8:7c:e9:a2:aa:dc:36:3e:0b:88:27:b2:85:ec:a3:8c:13:e3:
30:4b:db:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSeZsA7hAvc5J9Op+G3CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZjYTM2YTJkZTkxMDA4ZjRlMDI2Mzk4OTUxMWQwODU4NzgwODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfIegngNEZubyLDfleLjt8nqEGzF
YRhBb65KwqDXmOLnxpUoLxuUlqx4RrB2imTX8usmcXF8fzS5FUUiNykkWDZ8mKID
M4Ot38nO9Y1TBclHb70icua8kNjPCzSg7rYmbnuwjXxYhINDGs0m7jHUfdLPv9DW
6pGqZOUO7xbcq+hHgN5vp2wZjH6BmhwDchprFM4wgTW8BNIBdTeT5fbbvpnuQYYy
FjM7kFO4GQaBbgEJxMKsPn1em1XhzfN/tXIRChASsAX1FIeLRfG6iz/C25QcrVRH
KeKcoIP6nqvAXN8avY5M/iN8C5UoWFkNDz+idlRth6A0CXetKp9jSyqToQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdso2ot6RAI9OAmOYlRHQhYeAiGMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvZDJ5amFpM3BFQWowNENZNWlWRWRDRmg0Q0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVPKEAwQA
1F+vMA0GCSqGSIb3DQEBCwUAA4IBAQAiB0bygXmVKRpSfJWYWGow6yjXQAClwbWm
qIRpgdzNCDoHvi2vkJbyRD0PQs/g85jjzo6mqE3/wM3mmivxQTHcTzHQxcae4Zqh
Dyxr4/vOrYBoDWvFprPSmH46YDGlsm3IzqGywEirrMAtQa2mwq6Twf5WqdnT6DdY
HAWQ0FQ3rel6Sx+DcpKTK2Vkrh1p9xoH3lG8zg1b3baqLaFpP59ybvR05B/pktd8
AJBMjwSi6hivtRU4kicerrHhArVoNGk2RByqpA+TqwlSXQGLh7laROwxS1g+bsRM
T07jfBwpN5kRdkrxHlgsSQHYfOmiqtw2PguIJ7KF7KOME+MwS9vx
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:49 2024 by rpki-client on console-ams.rpki-client.org