Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/AojfL2AhYfgVuAqC0bEQ4Gmk4Rw.roa
File: AojfL2AhYfgVuAqC0bEQ4Gmk4Rw.roa (raw, json)
Hash identifier: OwleWVqLqAKbq+BkX/70VnSgulOa0ZLs0gatevnaZ5Y=
Subject key identifier: 02:88:DF:2F:60:21:61:F8:15:B8:0A:82:D1:B1:10:E0:69:A4:E1:1C
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 018CC8DE7281E24C220E7A04E66CE9D00B25
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/AojfL2AhYfgVuAqC0bEQ4Gmk4Rw.roa
Signing time: Tue 02 Jan 2024 06:31:10 +0000
ROA not before: Tue 02 Jan 2024 06:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28831
IP address blocks: 185.107.148.0/23 maxlen: 23
185.107.150.0/23 maxlen: 23
62.169.32.0/21 maxlen: 21
62.169.42.0/24 maxlen: 24
62.169.40.0/21 maxlen: 21
62.169.48.0/21 maxlen: 21
62.169.49.0/24 maxlen: 24
62.169.56.0/21 maxlen: 21
62.169.63.0/24 maxlen: 24
62.169.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:72:81:e2:4c:22:0e:7a:04:e6:6c:e9:d0:0b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Jan 2 06:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0288df2f602161f815b80a82d1b110e069a4e11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:2d:7c:05:ce:27:87:5c:1f:e9:a3:67:23:
df:27:b2:3f:8a:70:32:c4:15:4c:e1:89:5b:6f:92:
dc:f3:85:b4:d8:7a:e6:2d:4b:7b:1d:cd:61:f1:39:
63:9e:c4:51:55:80:7d:7c:9e:86:1f:01:e9:2c:8a:
7e:93:90:df:98:65:07:e7:de:e2:0e:5a:4c:0a:9f:
8d:76:69:7e:64:d6:fb:87:d8:5e:27:55:77:9e:7d:
2c:52:8b:ad:00:33:29:fa:4c:fa:be:d4:5c:9e:14:
54:c3:32:e6:bb:39:77:1f:e2:dc:12:bf:22:d6:34:
57:e3:08:fe:ff:85:a7:af:95:53:92:6d:94:aa:10:
b8:0b:98:44:8e:97:b1:29:46:b4:da:a8:cc:99:20:
2a:0c:c2:a9:42:3b:4d:16:02:9a:75:c1:b3:7a:a8:
5f:20:42:ed:87:46:3b:26:a4:f1:8e:5a:c2:77:ed:
a8:51:3e:6a:38:9e:23:2e:9d:d9:c8:51:8e:38:3c:
aa:d5:cc:30:01:6b:6c:06:8a:7d:a0:85:20:5c:08:
a3:cb:68:42:02:22:46:7c:56:e2:f9:55:8e:a0:25:
0d:0b:ce:94:05:86:00:96:19:81:85:8e:ed:05:ef:
20:15:c2:5a:42:cb:16:c6:57:84:6d:b8:d3:9b:fc:
2f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:88:DF:2F:60:21:61:F8:15:B8:0A:82:D1:B1:10:E0:69:A4:E1:1C
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/AojfL2AhYfgVuAqC0bEQ4Gmk4Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.32.0/19
185.107.148.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:c4:43:ee:90:e4:85:e5:5b:41:14:5e:f5:8a:e4:b3:7c:a2:
81:ef:c1:a8:e9:50:cb:c6:f2:65:35:e1:f2:bc:5a:0f:d7:2d:
fc:d7:3a:9f:07:a0:98:71:c4:2f:14:79:87:54:f4:20:6d:f5:
b9:fe:ae:92:94:75:05:29:2e:f8:08:7c:03:e3:3b:f7:3f:87:
75:14:4f:0c:76:a1:44:7c:cf:09:23:ef:e7:ed:b8:c8:22:ea:
86:31:91:d1:f7:50:df:fb:14:33:48:72:74:b3:dc:ce:02:52:
70:a6:b4:6d:81:78:f1:ac:77:1f:d9:a3:96:34:7c:6b:e7:84:
6c:3c:ca:d3:45:90:c0:3f:d9:dd:c6:8b:1f:0b:8a:49:7f:8e:
0c:1b:b6:c6:f3:0a:e9:a6:38:98:51:ef:d3:63:c2:99:a9:a5:
d4:fe:f7:e9:9a:2e:75:dc:d8:6f:df:81:95:b9:78:42:e5:a3:
25:35:0b:27:92:36:b7:83:4e:f4:d5:1a:ec:ed:79:ff:e1:f8:
2a:bf:2d:0f:a9:2b:eb:93:84:5e:5a:fb:a6:f5:c3:aa:a9:f8:
47:44:d4:09:28:8e:a2:7d:82:84:d4:d8:82:34:35:a1:a8:1d:
06:60:23:5b:ec:85:94:38:31:a0:5b:3a:6d:f9:55:c0:62:db:
9b:1d:30:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3nKB4kwiDnoE5mzp0AslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2
OTI4YzMwHhcNMjQwMTAyMDYzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg4ZGYyZjYwMjE2MWY4MTViODBhODJkMWIxMTBlMDY5YTRlMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4YtfAXOJ4dcH+mjZyPfJ7I/inAy
xBVM4Ylbb5Lc84W02HrmLUt7Hc1h8TljnsRRVYB9fJ6GHwHpLIp+k5DfmGUH597i
DlpMCp+Ndml+ZNb7h9heJ1V3nn0sUoutADMp+kz6vtRcnhRUwzLmuzl3H+LcEr8i
1jRX4wj+/4Wnr5VTkm2UqhC4C5hEjpexKUa02qjMmSAqDMKpQjtNFgKadcGzeqhf
IELth0Y7JqTxjlrCd+2oUT5qOJ4jLp3ZyFGOODyq1cwwAWtsBop9oIUgXAijy2hC
AiJGfFbi+VWOoCUNC86UBYYAlhmBhY7tBe8gFcJaQssWxleEbbjTm/wvBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKI3y9gIWH4FbgKgtGxEOBppOEcMB8GA1UdIwQY
MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt
ZWNhZTQxNDQ2Yjc3LzEvQW9qZkwyQWhZZmdWdUFxQzBiRVE0R21rNFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3
LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFPqkgAwQC
uWuUMA0GCSqGSIb3DQEBCwUAA4IBAQCrxEPukOSF5VtBFF71iuSzfKKB78Go6VDL
xvJlNeHyvFoP1y381zqfB6CYccQvFHmHVPQgbfW5/q6SlHUFKS74CHwD4zv3P4d1
FE8MdqFEfM8JI+/n7bjIIuqGMZHR91Df+xQzSHJ0s9zOAlJwprRtgXjxrHcf2aOW
NHxr54RsPMrTRZDAP9ndxosfC4pJf44MG7bG8wrppjiYUe/TY8KZqaXU/vfpmi51
3Nhv34GVuXhC5aMlNQsnkja3g0701Rrs7Xn/4fgqvy0PqSvrk4ReWvum9cOqqfhH
RNQJKI6ifYKE1NiCNDWhqB0GYCNb7IWUODGgWzpt+VXAYtubHTDy
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:41:37 2024 by rpki-client on console-ams.rpki-client.org