Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/Aal5fDlv8KTqjduL-1trsHe7lCc.roa
File: Aal5fDlv8KTqjduL-1trsHe7lCc.roa (raw, json)
Hash identifier: zj/AVp1HZvxzwBQuPni9XQZCW87AasIvY9xqo7RidLM=
Subject key identifier: 01:A9:79:7C:39:6F:F0:A4:EA:8D:DB:8B:FB:5B:6B:B0:77:BB:94:27
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018CC26D2E227C840E0F5C1CA12FEEDD1F96
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/Aal5fDlv8KTqjduL-1trsHe7lCc.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43345
IP address blocks: 62.221.250.0/24 maxlen: 24
185.94.228.0/24 maxlen: 24
2a05:1500:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2e:22:7c:84:0e:0f:5c:1c:a1:2f:ee:dd:1f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01a9797c396ff0a4ea8ddb8bfb5b6bb077bb9427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:db:c6:fb:8f:20:b7:cc:e1:72:09:b4:1f:f9:
65:22:51:5f:eb:0d:c6:c9:b9:84:e8:71:29:e9:f2:
c0:4f:3e:6d:7c:7a:75:4a:e7:e1:45:93:5a:96:bd:
c7:6a:87:70:90:f2:60:67:b7:a2:69:db:f4:f6:92:
26:55:a5:67:7b:36:54:19:d4:92:67:39:fb:c2:04:
1c:2b:32:3e:2c:24:f8:64:f2:27:15:34:3b:b5:b8:
28:c6:0b:37:31:a8:21:23:52:9c:ec:7b:15:1a:fa:
25:23:4f:86:3b:8d:b2:c8:0c:d9:00:c8:65:da:64:
85:06:ac:88:3e:82:0f:29:dc:6b:6d:d5:e5:44:e4:
51:2f:fc:5c:79:6a:b4:3d:97:2b:6e:84:85:9a:42:
62:10:b9:42:55:3b:8c:82:56:53:0c:ff:b3:2d:f9:
a8:18:21:d7:a3:bc:ab:5c:02:4c:b2:67:d9:67:67:
cf:b2:8d:2a:6c:ab:c4:1d:b5:03:0e:ea:f2:d1:dd:
18:78:68:bd:e3:7c:1c:25:24:dc:be:a0:56:f4:96:
f5:86:29:3e:d8:be:37:2f:79:0c:30:b5:71:5c:b3:
63:64:ae:17:70:b8:99:dd:e6:5b:7e:ae:6e:16:02:
e5:6a:24:99:a8:2b:a2:6d:df:44:08:69:c6:c4:a1:
ba:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A9:79:7C:39:6F:F0:A4:EA:8D:DB:8B:FB:5B:6B:B0:77:BB:94:27
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/Aal5fDlv8KTqjduL-1trsHe7lCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.250.0/24
185.94.228.0/24
IPv6:
2a05:1500:500::/40
Signature Algorithm: sha256WithRSAEncryption
7a:d6:a5:9a:54:cd:e0:06:b8:22:a5:83:20:38:f1:eb:5c:9b:
26:79:3f:89:a0:58:1c:d9:cc:c5:af:86:25:a1:3c:75:95:77:
6b:5d:db:d9:36:a0:01:6b:a3:bb:df:3f:1d:fd:bb:78:43:d9:
42:28:9b:a5:51:27:ef:86:67:98:5e:8a:cb:df:f6:6c:35:31:
44:95:ab:e2:d6:68:43:05:99:6a:57:fc:cb:86:d1:9a:a9:f2:
29:05:91:66:6e:b7:b7:8d:35:c9:42:5f:81:62:e0:4b:60:8e:
15:2e:0e:aa:d8:6b:d3:7e:ff:41:97:b9:26:54:8d:3e:ec:e4:
0a:53:5a:6a:bf:15:2f:48:82:33:6a:73:ea:55:06:0d:09:2c:
cf:ba:71:35:15:43:1b:40:83:85:44:de:3c:42:03:6b:76:37:
9d:76:49:6d:e5:84:1b:ca:48:57:eb:c3:0b:a3:70:9d:20:aa:
51:64:bd:c4:a6:15:c0:6d:33:dc:e7:43:5e:75:32:26:1b:54:
19:10:02:dd:09:6f:73:0b:82:97:a2:10:47:73:ef:38:eb:02:
5e:54:9d:13:89:60:4d:0d:91:db:9a:4b:b5:9e:a7:d1:cb:ec:
a6:e4:65:d7:bd:78:09:8d:1d:2d:d5:f3:a7:4c:e4:64:18:d9:
62:4d:26:c0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzCbS4ifIQOD1wcoS/u3R+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE5Nzk3YzM5NmZmMGE0ZWE4ZGRiOGJmYjViNmJiMDc3YmI5NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtvG+48gt8zhcgm0H/llIlFf6w3G
ybmE6HEp6fLATz5tfHp1SufhRZNalr3HaodwkPJgZ7eiadv09pImVaVnezZUGdSS
Zzn7wgQcKzI+LCT4ZPInFTQ7tbgoxgs3MaghI1Kc7HsVGvolI0+GO42yyAzZAMhl
2mSFBqyIPoIPKdxrbdXlRORRL/xceWq0PZcrboSFmkJiELlCVTuMglZTDP+zLfmo
GCHXo7yrXAJMsmfZZ2fPso0qbKvEHbUDDury0d0YeGi943wcJSTcvqBW9Jb1hik+
2L43L3kMMLVxXLNjZK4XcLiZ3eZbfq5uFgLlaiSZqCuibd9ECGnGxKG6ewIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAGpeXw5b/Ck6o3bi/tba7B3u5QnMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvQWFsNWZEbHY4S1RxamR1TC0xdHJzSGU3bENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAPt36AwQA
uV7kMA4EAgACMAgDBgAqBRUABTANBgkqhkiG9w0BAQsFAAOCAQEAetalmlTN4Aa4
IqWDIDjx61ybJnk/iaBYHNnMxa+GJaE8dZV3a13b2TagAWuju98/Hf27eEPZQiib
pVEn74ZnmF6Ky9/2bDUxRJWr4tZoQwWZalf8y4bRmqnyKQWRZm63t401yUJfgWLg
S2COFS4Oqthr037/QZe5JlSNPuzkClNaar8VL0iCM2pz6lUGDQksz7pxNRVDG0CD
hUTePEIDa3Y3nXZJbeWEG8pIV+vDC6NwnSCqUWS9xKYVwG0z3OdDXnUyJhtUGRAC
3QlvcwuCl6IQR3PvOOsCXlSdE4lgTQ2R25pLtZ6n0cvspuRl1714CY0dLdXzp0zk
ZBjZYk0mwA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:04 2024 by rpki-client on console-ams.rpki-client.org