Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/AKvyC_ZJBSo8bu8Ji2tAERDc7FA.roa
File: AKvyC_ZJBSo8bu8Ji2tAERDc7FA.roa (raw, json)
Hash identifier: nyeNHAuiwqAhjLExCY7F2K/so0t/yFRpvlXOsNfCufI=
Subject key identifier: 00:AB:F2:0B:F6:49:05:2A:3C:6E:EF:09:8B:6B:40:11:10:DC:EC:50
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 018CC3B6D1739C6DB29421E3CDB0AA60B157
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/AKvyC_ZJBSo8bu8Ji2tAERDc7FA.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12761
IP address blocks: 193.118.162.0/24 maxlen: 24
193.118.164.0/24 maxlen: 24
217.111.164.0/24 maxlen: 24
217.111.166.0/24 maxlen: 24
217.111.165.0/24 maxlen: 24
217.111.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d1:73:9c:6d:b2:94:21:e3:cd:b0:aa:60:b1:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00abf20bf649052a3c6eef098b6b401110dcec50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:a9:1e:41:bb:13:8d:e2:ef:b3:bd:70:c9:
99:bf:6f:d4:dd:39:a1:39:d4:74:0b:a3:f7:e1:2f:
c4:4d:d6:be:a4:ee:11:76:94:42:b7:44:32:51:40:
3e:01:39:7f:a3:bf:c9:13:43:3d:60:8d:58:8f:61:
f5:79:6f:c4:6f:6c:b2:06:98:f8:7a:a2:78:07:9c:
f8:b3:2e:b9:f3:63:ae:51:9b:2f:6b:bc:fe:5d:2c:
f0:aa:09:65:c0:3e:c0:28:59:f1:d2:76:33:bf:cf:
3b:c2:7a:bf:48:b3:6f:25:3c:c2:c8:78:55:8a:04:
8d:88:03:a8:1c:c4:9e:bf:83:cf:fa:59:90:74:1b:
68:70:d2:94:9e:c3:5e:17:5e:47:97:3b:a7:2a:81:
46:7b:77:7d:fb:df:db:0a:2e:6d:8d:75:27:91:f5:
0a:3c:02:a4:c9:a4:e2:c0:69:8c:92:d6:82:10:06:
c5:b1:e6:8a:eb:bb:59:7d:e8:ad:9a:ed:33:cf:77:
30:c7:5c:cb:0e:89:de:05:4a:0b:8d:aa:19:db:ea:
b8:c7:ae:a6:7e:40:53:e9:5c:d0:5e:20:7c:f7:52:
c6:18:83:f1:6d:76:22:48:87:17:36:71:eb:0e:41:
c4:0f:15:d1:c5:35:0b:a7:ea:ad:bc:be:8b:c7:81:
89:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AB:F2:0B:F6:49:05:2A:3C:6E:EF:09:8B:6B:40:11:10:DC:EC:50
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/AKvyC_ZJBSo8bu8Ji2tAERDc7FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.118.162.0/24
193.118.164.0/24
217.111.164.0/22
Signature Algorithm: sha256WithRSAEncryption
30:79:d5:bf:f2:47:30:79:91:6f:4f:58:f3:81:a7:5a:0f:c5:
8b:a5:82:37:9b:ab:c2:fc:e4:f5:6b:f6:2b:8a:62:b1:4b:dc:
5f:9e:e8:34:d5:36:21:55:13:97:a9:62:5e:a7:79:32:46:6f:
21:ae:96:1f:18:21:a8:c6:25:41:22:44:df:0a:39:47:28:36:
1e:28:19:90:35:39:9b:2d:cf:f5:71:93:eb:0a:70:63:cf:72:
09:9c:b6:08:3b:11:53:40:b8:67:75:36:51:c6:18:53:e6:54:
b8:b0:f2:d8:5a:d0:1d:0b:ba:73:21:86:68:ae:48:e6:4b:78:
65:7f:f9:88:8d:68:00:34:37:e8:ad:41:10:f8:42:d0:da:2e:
6d:68:da:6b:ce:34:26:91:88:ed:32:a3:1b:22:0d:87:1b:68:
19:26:fc:d7:30:e7:15:f9:d6:ba:0d:e5:f2:80:82:1f:79:61:
de:10:bf:a7:27:d4:d8:e4:8f:09:99:48:df:e5:e6:c8:50:a0:
2c:de:89:63:b6:1e:fd:74:d6:10:70:81:33:db:31:c5:cd:40:
fa:e2:83:56:48:4f:59:10:7a:93:3b:c6:f0:d5:59:ff:57:88:
9c:19:2c:11:42:f7:41:c5:c8:a0:99:57:b7:fa:97:91:9b:ed:
04:9e:56:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDttFznG2ylCHjzbCqYLFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFiZjIwYmY2NDkwNTJhM2M2ZWVmMDk4YjZiNDAxMTEwZGNlYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnepHkG7E43i77O9cMmZv2/U3Tmh
OdR0C6P34S/ETda+pO4RdpRCt0QyUUA+ATl/o7/JE0M9YI1Yj2H1eW/Eb2yyBpj4
eqJ4B5z4sy6582OuUZsva7z+XSzwqgllwD7AKFnx0nYzv887wnq/SLNvJTzCyHhV
igSNiAOoHMSev4PP+lmQdBtocNKUnsNeF15HlzunKoFGe3d9+9/bCi5tjXUnkfUK
PAKkyaTiwGmMktaCEAbFseaK67tZfeitmu0zz3cwx1zLDoneBUoLjaoZ2+q4x66m
fkBT6VzQXiB891LGGIPxbXYiSIcXNnHrDkHEDxXRxTULp+qtvL6Lx4GJ2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFACr8gv2SQUqPG7vCYtrQBEQ3OxQMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvQUt2eUNfWkpCU284YnU4SmkydEFFUkRjN0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXaiAwQA
wXakAwQC2W+kMA0GCSqGSIb3DQEBCwUAA4IBAQAwedW/8kcweZFvT1jzgadaD8WL
pYI3m6vC/OT1a/YrimKxS9xfnug01TYhVROXqWJep3kyRm8hrpYfGCGoxiVBIkTf
CjlHKDYeKBmQNTmbLc/1cZPrCnBjz3IJnLYIOxFTQLhndTZRxhhT5lS4sPLYWtAd
C7pzIYZorkjmS3hlf/mIjWgANDforUEQ+ELQ2i5taNprzjQmkYjtMqMbIg2HG2gZ
JvzXMOcV+da6DeXygIIfeWHeEL+nJ9TY5I8JmUjf5ebIUKAs3oljth79dNYQcIEz
2zHFzUD64oNWSE9ZEHqTO8bw1Vn/V4icGSwRQvdBxcigmVe3+peRm+0Enlb0
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:31 2024 by rpki-client on console-ams.rpki-client.org