Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/AJOLKE2Flv_FgbL4gDRgjGjFXuE.roa
File: AJOLKE2Flv_FgbL4gDRgjGjFXuE.roa (raw, json)
Hash identifier: Y7i/5jdLaltCXniIz/vTYwNic4y/JUthLby94o67aIY=
Subject key identifier: 00:93:8B:28:4D:85:96:FF:C5:81:B2:F8:80:34:60:8C:68:C5:5E:E1
Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Certificate serial: 018CC424813498BA31E6384BFDDAB542324E
Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/AJOLKE2Flv_FgbL4gDRgjGjFXuE.roa
Signing time: Mon 01 Jan 2024 08:29:35 +0000
ROA not before: Mon 01 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211564
IP address blocks: 2001:678:fa8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:81:34:98:ba:31:e6:38:4b:fd:da:b5:42:32:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Validity
Not Before: Jan 1 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00938b284d8596ffc581b2f88034608c68c55ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fa:f4:35:5e:e9:6d:66:b4:b8:89:a3:7e:3f:
87:d1:85:17:03:a4:40:7e:c4:cc:6e:9c:56:e8:92:
f4:8c:8b:f6:c5:f2:a7:08:3c:ca:1c:de:17:26:a8:
e3:1b:5f:6d:59:a2:b3:2a:ff:39:82:73:2d:76:e2:
df:51:db:5b:f2:ba:19:a5:6a:fd:b1:75:f9:d6:4a:
89:86:05:71:f9:a7:6f:d2:1b:27:17:fe:48:1b:c2:
58:fd:05:52:78:93:b5:16:91:df:3d:99:ba:fd:1f:
f6:38:cd:14:b3:cd:8c:89:74:8f:6d:4f:1f:f0:76:
15:98:5f:5c:fe:1c:1d:bf:d6:09:29:e5:0b:81:b6:
2c:10:6b:17:e8:1e:8d:5c:65:70:2d:6f:e6:70:19:
6d:7e:1c:74:db:67:32:8a:66:08:ca:18:d5:63:c6:
73:cf:23:04:67:98:1d:c1:0f:63:3a:de:3e:a4:4a:
d8:46:14:ac:79:89:11:b6:da:21:97:d9:a7:67:73:
54:8b:1a:12:62:73:0a:eb:5c:2e:f4:48:32:8a:ae:
a4:4a:98:dc:ad:60:d0:21:be:0f:bf:de:ba:14:ca:
97:e4:80:93:3b:28:cf:40:a6:79:1c:64:c6:8d:80:
3b:de:75:4c:f7:8c:05:36:58:c4:d0:ec:2e:60:82:
e2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:93:8B:28:4D:85:96:FF:C5:81:B2:F8:80:34:60:8C:68:C5:5E:E1
X509v3 Authority Key Identifier:
keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/AJOLKE2Flv_FgbL4gDRgjGjFXuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fa8::/48
Signature Algorithm: sha256WithRSAEncryption
b6:14:e3:ec:20:2c:2d:ed:50:6e:11:b7:17:66:fa:ac:ed:6f:
48:d6:34:9a:5b:f5:ff:b8:09:7b:5d:8f:f5:d5:8e:96:de:18:
6c:ae:57:92:8a:09:c3:b9:31:c2:9a:5c:4f:93:25:1c:3b:48:
25:72:45:bc:aa:85:95:d3:b2:6b:92:8e:14:37:3a:03:ea:32:
ef:23:e1:cc:39:da:44:4e:af:24:c4:ab:34:0b:bf:49:06:bf:
6f:66:0d:1a:96:c4:4f:d6:89:8c:40:0d:d2:85:4f:f4:66:79:
10:8d:fa:47:db:1a:dc:46:f8:5c:7d:90:0e:f5:44:ce:b0:e9:
4e:97:3f:90:d2:b1:00:89:85:5f:7c:78:e7:73:9b:77:dd:11:
4b:21:d3:1c:71:a1:e1:52:3a:d3:95:20:53:e3:04:e6:1a:11:
62:82:b9:c1:c5:ef:b5:e7:21:25:af:75:41:3e:90:05:97:28:
0f:1d:d1:11:06:50:a8:24:7c:90:aa:30:4f:cb:fa:04:b5:26:
34:c9:c6:9b:c5:01:4d:81:96:41:31:83:6c:74:98:bc:0d:4e:
0a:f1:74:7a:ea:74:2a:50:44:6b:c1:2e:3e:e6:cd:60:87:1a:
09:57:e4:55:d4:a3:9f:4f:a2:38:13:ea:4b:20:29:d1:9f:71:
fc:83:c6:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJIE0mLox5jhL/dq1QjJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1
NmMzNTgwHhcNMjQwMTAxMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDkzOGIyODRkODU5NmZmYzU4MWIyZjg4MDM0NjA4YzY4YzU1ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vr0NV7pbWa0uImjfj+H0YUXA6RA
fsTMbpxW6JL0jIv2xfKnCDzKHN4XJqjjG19tWaKzKv85gnMtduLfUdtb8roZpWr9
sXX51kqJhgVx+adv0hsnF/5IG8JY/QVSeJO1FpHfPZm6/R/2OM0Us82MiXSPbU8f
8HYVmF9c/hwdv9YJKeULgbYsEGsX6B6NXGVwLW/mcBltfhx022cyimYIyhjVY8Zz
zyMEZ5gdwQ9jOt4+pErYRhSseYkRttohl9mnZ3NUixoSYnMK61wu9Egyiq6kSpjc
rWDQIb4Pv966FMqX5ICTOyjPQKZ5HGTGjYA73nVM94wFNljE0OwuYILiIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFACTiyhNhZb/xYGy+IA0YIxoxV7hMB8GA1UdIwQY
MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt
Yzg3ZmJiZDAzZTg2LzEvQUpPTEtFMkZsdl9GZ2JMNGdEUmdqR2pGWHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2
LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA+o
MA0GCSqGSIb3DQEBCwUAA4IBAQC2FOPsICwt7VBuEbcXZvqs7W9I1jSaW/X/uAl7
XY/11Y6W3hhsrleSignDuTHCmlxPkyUcO0glckW8qoWV07Jrko4UNzoD6jLvI+HM
OdpETq8kxKs0C79JBr9vZg0alsRP1omMQA3ShU/0ZnkQjfpH2xrcRvhcfZAO9UTO
sOlOlz+Q0rEAiYVffHjnc5t33RFLIdMccaHhUjrTlSBT4wTmGhFigrnBxe+15yEl
r3VBPpAFlygPHdERBlCoJHyQqjBPy/oEtSY0ycabxQFNgZZBMYNsdJi8DU4K8XR6
6nQqUERrwS4+5s1ghxoJV+RV1KOfT6I4E+pLICnRn3H8g8Zi
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:50:41 2024 by rpki-client on console-ams.rpki-client.org