Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/2f97fc-5fa3-4083-9515-cd9da2d92e8d/1/ahwgRgnWtg3JSzcmj_TkM_z1ffs.roa
File: ahwgRgnWtg3JSzcmj_TkM_z1ffs.roa (raw, json)
Hash identifier: FGNgHJ9/Fw0TdyiZyE7Uf4lDNjUGPXjVg6ceQSPg2jA=
Subject key identifier: 6A:1C:20:46:09:D6:B6:0D:C9:4B:37:26:8F:F4:E4:33:FC:F5:7D:FB
Certificate issuer: /CN=29a39ebb4e57ff34853c76b0f5877ae8ab3c7cf6
Certificate serial: 018CC4252BDA68A4324731C47690D74082D5
Authority key identifier: 29:A3:9E:BB:4E:57:FF:34:85:3C:76:B0:F5:87:7A:E8:AB:3C:7C:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KaOeu05X_zSFPHaw9Yd66Ks8fPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/2f97fc-5fa3-4083-9515-cd9da2d92e8d/1/ahwgRgnWtg3JSzcmj_TkM_z1ffs.roa
Signing time: Mon 01 Jan 2024 08:30:19 +0000
ROA not before: Mon 01 Jan 2024 08:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51164
IP address blocks: 178.217.128.0/21 maxlen: 21
185.93.48.0/22 maxlen: 22
2a0b:8880::/29 maxlen: 29
2001:67c:224::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/2f97fc-5fa3-4083-9515-cd9da2d92e8d/1/KaOeu05X_zSFPHaw9Yd66Ks8fPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/2f97fc-5fa3-4083-9515-cd9da2d92e8d/1/KaOeu05X_zSFPHaw9Yd66Ks8fPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KaOeu05X_zSFPHaw9Yd66Ks8fPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2b:da:68:a4:32:47:31:c4:76:90:d7:40:82:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a39ebb4e57ff34853c76b0f5877ae8ab3c7cf6
Validity
Not Before: Jan 1 08:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a1c204609d6b60dc94b37268ff4e433fcf57dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f9:51:ee:36:fa:aa:b0:1e:a5:88:49:34:6a:
fb:69:2c:46:4d:5f:09:78:b3:82:81:04:3d:79:b0:
3a:37:13:e6:77:52:eb:0a:a6:7c:f4:5f:a1:1f:43:
fa:b4:c0:80:b0:cc:41:05:61:97:15:38:3b:46:1d:
dc:b5:c2:45:f6:d9:64:6a:c7:fd:0d:b2:9d:79:cb:
64:72:58:97:69:f0:25:38:7d:5c:17:da:55:8f:42:
90:f8:ac:cc:77:63:c5:11:07:1a:01:e7:e7:ce:46:
93:2c:b5:23:85:e9:c2:f4:85:57:cb:c7:7b:76:f1:
27:9f:5b:4d:bf:84:38:83:ae:7a:fa:e3:76:b1:1e:
83:5a:36:fb:a8:5a:94:19:99:cc:d7:b4:a7:f5:25:
78:24:24:34:8b:71:8f:c5:e5:24:9e:e2:ee:d5:6b:
4f:b0:a0:6e:7f:2c:9e:ee:43:15:45:4e:0a:60:10:
74:6d:7d:44:da:bb:fb:83:73:83:b7:fd:09:cb:1b:
c9:a9:6c:13:f2:a9:c8:c2:35:b4:54:75:3f:43:e7:
dd:da:a9:ee:73:eb:bc:03:05:dc:7a:cd:c3:f7:a4:
98:bf:f2:c5:cc:03:8a:1c:3b:e3:f0:81:d3:82:4b:
c9:b4:4e:bf:fd:ec:c3:5a:f4:00:34:50:30:29:f9:
1b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1C:20:46:09:D6:B6:0D:C9:4B:37:26:8F:F4:E4:33:FC:F5:7D:FB
X509v3 Authority Key Identifier:
keyid:29:A3:9E:BB:4E:57:FF:34:85:3C:76:B0:F5:87:7A:E8:AB:3C:7C:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KaOeu05X_zSFPHaw9Yd66Ks8fPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2f97fc-5fa3-4083-9515-cd9da2d92e8d/1/ahwgRgnWtg3JSzcmj_TkM_z1ffs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2f97fc-5fa3-4083-9515-cd9da2d92e8d/1/KaOeu05X_zSFPHaw9Yd66Ks8fPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.128.0/21
185.93.48.0/22
IPv6:
2001:67c:224::/48
2a0b:8880::/29
Signature Algorithm: sha256WithRSAEncryption
05:b7:7b:20:5c:89:38:0f:5a:9e:f5:cd:d9:38:39:b4:73:ac:
41:bb:ee:a2:e9:f6:0f:02:b7:22:84:50:38:6a:83:3c:ab:75:
b2:0f:8d:bc:cf:ae:0a:35:39:b6:68:b3:39:97:fb:7d:cc:44:
17:ef:08:99:1c:1d:60:79:40:64:dc:a0:50:0c:c0:73:c3:c2:
a6:09:5b:e0:1d:12:4c:09:6a:ef:f2:1e:b3:ec:ae:23:57:e6:
08:a3:f4:3b:71:ff:1e:e5:7a:69:21:1d:75:3d:4c:0a:7f:91:
be:4d:15:cb:9a:65:28:70:89:75:9a:73:63:d3:5e:e8:1c:ed:
81:f8:92:9a:4e:05:5a:d4:62:b0:42:03:66:74:d1:7d:de:b2:
5d:ff:f6:dc:e6:38:cb:00:7e:55:ac:0e:8d:0f:08:0d:93:36:
73:75:b4:1a:35:73:50:c9:2d:cc:96:e2:27:4b:cd:c6:7d:0d:
e7:af:f9:eb:35:98:44:11:12:e7:3f:70:ba:f8:94:cd:54:df:
ac:f6:79:35:22:2c:e1:0b:d5:12:59:92:94:2f:bc:24:85:3e:
a8:c0:41:4c:59:b6:57:f4:65:1f:cd:30:6a:5c:5b:65:da:85:
71:a9:a2:20:b0:a6:72:e5:77:17:05:6b:14:ad:81:86:9d:cc:
8c:7a:89:df
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJSvaaKQyRzHEdpDXQILVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTM5ZWJiNGU1N2ZmMzQ4NTNjNzZiMGY1ODc3YWU4YWIz
YzdjZjYwHhcNMjQwMTAxMDgzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTFjMjA0NjA5ZDZiNjBkYzk0YjM3MjY4ZmY0ZTQzM2ZjZjU3ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/lR7jb6qrAepYhJNGr7aSxGTV8J
eLOCgQQ9ebA6NxPmd1LrCqZ89F+hH0P6tMCAsMxBBWGXFTg7Rh3ctcJF9tlkasf9
DbKdectkcliXafAlOH1cF9pVj0KQ+KzMd2PFEQcaAefnzkaTLLUjhenC9IVXy8d7
dvEnn1tNv4Q4g656+uN2sR6DWjb7qFqUGZnM17Sn9SV4JCQ0i3GPxeUknuLu1WtP
sKBufyye7kMVRU4KYBB0bX1E2rv7g3ODt/0JyxvJqWwT8qnIwjW0VHU/Q+fd2qnu
c+u8AwXces3D96SYv/LFzAOKHDvj8IHTgkvJtE6//ezDWvQANFAwKfkb8QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGocIEYJ1rYNyUs3Jo/05DP89X37MB8GA1UdIwQY
MBaAFCmjnrtOV/80hTx2sPWHeuirPHz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FPZXUwNVhfelNGUEhhdzlZZDY2S3M4ZlBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yZjk3ZmMtNWZhMy00MDgzLTk1MTUt
Y2Q5ZGEyZDkyZThkLzEvYWh3Z1Jnbld0ZzNKU3pjbWpfVGtNX3oxZmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yZjk3ZmMtNWZhMy00MDgzLTk1MTUtY2Q5ZGEyZDkyZThk
LzEvS2FPZXUwNVhfelNGUEhhdzlZZDY2S3M4ZlBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDstmAAwQC
uV0wMBYEAgACMBADBwAgAQZ8AiQDBQMqC4iAMA0GCSqGSIb3DQEBCwUAA4IBAQAF
t3sgXIk4D1qe9c3ZODm0c6xBu+6i6fYPArcihFA4aoM8q3WyD428z64KNTm2aLM5
l/t9zEQX7wiZHB1geUBk3KBQDMBzw8KmCVvgHRJMCWrv8h6z7K4jV+YIo/Q7cf8e
5XppIR11PUwKf5G+TRXLmmUocIl1mnNj017oHO2B+JKaTgVa1GKwQgNmdNF93rJd
//bc5jjLAH5VrA6NDwgNkzZzdbQaNXNQyS3MluInS83GfQ3nr/nrNZhEERLnP3C6
+JTNVN+s9nk1IizhC9USWZKUL7wkhT6owEFMWbZX9GUfzTBqXFtl2oVxqaIgsKZy
5XcXBWsUrYGGncyMeonf
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:55 2024 by rpki-client on console-fra.rpki-client.org