Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/64kTOl9PHCRC4WvJUZhf0xqBGt4.roa
File: 64kTOl9PHCRC4WvJUZhf0xqBGt4.roa (raw, json)
Hash identifier: XLLzxX1qQLov4ATE3UOA4HA7nWxRTSSliy2UskN8ldk=
Subject key identifier: EB:89:13:3A:5F:4F:1C:24:42:E1:6B:C9:51:98:5F:D3:1A:81:1A:DE
Certificate issuer: /CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Certificate serial: 018D178C6837239C1F825935082C3041A0CA
Authority key identifier: 3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/64kTOl9PHCRC4WvJUZhf0xqBGt4.roa
Signing time: Wed 17 Jan 2024 13:11:34 +0000
ROA not before: Wed 17 Jan 2024 13:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4755
IP address blocks: 86.36.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:8c:68:37:23:9c:1f:82:59:35:08:2c:30:41:a0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Validity
Not Before: Jan 17 13:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb89133a5f4f1c2442e16bc951985fd31a811ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:30:9e:00:a4:95:07:2a:e5:d7:6e:b4:a4:39:
7d:cc:bd:af:b7:69:00:6f:4c:37:47:3f:a5:d5:b2:
fb:a3:b5:7d:95:22:c6:f0:c8:a9:5c:98:81:09:de:
2f:0a:6a:16:77:60:bf:5b:9b:94:17:ac:ff:5d:0f:
c6:b1:ad:f1:98:e3:6d:d2:df:85:bf:95:7b:19:44:
46:3c:e4:09:eb:c6:e8:d6:cd:b5:e7:0a:02:74:e8:
01:90:b0:ab:da:47:fc:c7:98:05:c7:9c:8a:de:bc:
16:6c:d2:3a:18:5c:44:d9:db:b9:42:0b:08:eb:0a:
66:18:80:da:85:8f:88:75:e6:2a:8c:f8:b9:da:c0:
6d:ab:e5:12:97:71:80:a1:fc:b3:51:4c:ca:5c:39:
d8:67:0d:c0:1a:31:00:c2:77:84:0f:23:1e:8b:9b:
fe:1e:7c:a7:8a:a5:9d:45:fa:5f:cd:02:5e:32:e1:
cd:a8:77:ff:33:1b:aa:bb:b4:b6:3e:4a:1c:fa:6e:
38:aa:c4:ad:5d:2f:f5:24:d2:0b:e5:dd:88:ce:1f:
d9:c6:5f:99:87:fb:5e:b1:0a:1b:20:d7:13:34:a3:
f0:f2:d7:f0:ba:6c:26:7d:8b:74:16:50:3d:ae:41:
95:d7:f9:6c:f8:d9:3d:bd:5e:9a:39:fc:e2:c0:5c:
47:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:89:13:3A:5F:4F:1C:24:42:E1:6B:C9:51:98:5F:D3:1A:81:1A:DE
X509v3 Authority Key Identifier:
keyid:3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/64kTOl9PHCRC4WvJUZhf0xqBGt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.36.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:be:4a:a7:ed:07:da:5f:83:e2:46:40:3f:b6:53:dd:42:e1:
d9:1c:8c:1a:62:d0:dd:2b:07:a2:36:e0:78:8b:15:58:18:84:
99:69:08:06:19:91:6c:3a:77:b8:e5:3f:07:23:c6:3e:67:b1:
a7:28:3b:3b:ff:a9:85:70:54:33:4e:58:67:8f:98:29:c9:46:
d7:d2:49:60:08:fa:c7:6e:a1:a8:96:fc:6d:e8:1f:61:87:78:
5c:1b:13:d8:17:14:a4:20:22:62:ef:4a:e6:50:12:18:7f:41:
66:b2:74:23:25:b7:92:a0:53:12:35:aa:b1:e5:8f:9a:4f:9d:
7b:44:f3:e8:d2:9b:2b:63:59:44:94:eb:20:15:78:b0:43:0d:
e3:a9:a3:f4:24:5b:8c:ad:72:05:e5:da:6a:91:eb:19:da:58:
63:fe:d4:ff:bb:c8:ee:8e:39:90:d0:27:c4:7b:62:f9:e9:df:
15:0d:9a:74:00:37:f3:04:41:b6:77:99:91:91:3a:73:a7:6e:
b6:31:bb:86:b1:fa:25:d6:eb:55:03:d2:66:ba:79:e6:09:0c:
48:54:2b:be:0d:7a:99:92:3e:d5:57:e0:89:f0:a0:cd:8e:5f:
87:fa:9d:49:59:6a:ee:7c:ba:45:9c:a9:79:d7:a6:60:4b:71:
8d:19:c7:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0XjGg3I5wfglk1CCwwQaDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGQzZmIwNDRlYjFjMGExMWJlMDYwMmFjZWVmODhlNWY1
ZDJkZGYwHhcNMjQwMTE3MTMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjg5MTMzYTVmNGYxYzI0NDJlMTZiYzk1MTk4NWZkMzFhODExYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzCeAKSVByrl1260pDl9zL2vt2kA
b0w3Rz+l1bL7o7V9lSLG8MipXJiBCd4vCmoWd2C/W5uUF6z/XQ/Gsa3xmONt0t+F
v5V7GURGPOQJ68bo1s215woCdOgBkLCr2kf8x5gFx5yK3rwWbNI6GFxE2du5QgsI
6wpmGIDahY+IdeYqjPi52sBtq+USl3GAofyzUUzKXDnYZw3AGjEAwneEDyMei5v+
HnyniqWdRfpfzQJeMuHNqHf/Mxuqu7S2Pkoc+m44qsStXS/1JNIL5d2Izh/Zxl+Z
h/tesQobINcTNKPw8tfwumwmfYt0FlA9rkGV1/ls+Nk9vV6aOfziwFxHzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuJEzpfTxwkQuFryVGYX9MagRreMB8GA1UdIwQY
MBaAFDxNP7BE6xwKEb4GAqzu+I5fXS3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEt
YjE4NGUzZjRiNTBlLzEvNjRrVE9sOVBIQ1JDNFd2SlVaaGYweHFCR3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEtYjE4NGUzZjRiNTBl
LzEvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCViQUMA0G
CSqGSIb3DQEBCwUAA4IBAQA8vkqn7QfaX4PiRkA/tlPdQuHZHIwaYtDdKweiNuB4
ixVYGISZaQgGGZFsOne45T8HI8Y+Z7GnKDs7/6mFcFQzTlhnj5gpyUbX0klgCPrH
bqGolvxt6B9hh3hcGxPYFxSkICJi70rmUBIYf0FmsnQjJbeSoFMSNaqx5Y+aT517
RPPo0psrY1lElOsgFXiwQw3jqaP0JFuMrXIF5dpqkesZ2lhj/tT/u8jujjmQ0CfE
e2L56d8VDZp0ADfzBEG2d5mRkTpzp262MbuGsfol1utVA9JmunnmCQxIVCu+DXqZ
kj7VV+CJ8KDNjl+H+p1JWWrufLpFnKl516ZgS3GNGcez
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:59 2024 by rpki-client on console-ams.rpki-client.org