Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/ClRNaiB0WAUybSnG9epVEDw47JI.roa
File: ClRNaiB0WAUybSnG9epVEDw47JI.roa (raw, json)
Hash identifier: vOw1sHSWzzM+BDP4d9F7GEu7a105Ux1BiV+esK0fivI=
Subject key identifier: 0A:54:4D:6A:20:74:58:05:32:6D:29:C6:F5:EA:55:10:3C:38:EC:92
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 018CC2DAC271AF2A14A16794305723997DF7
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/ClRNaiB0WAUybSnG9epVEDw47JI.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41783
IP address blocks: 217.26.16.0/20 maxlen: 22
2a00:7c00::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c2:71:af:2a:14:a1:67:94:30:57:23:99:7d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a544d6a20745805326d29c6f5ea55103c38ec92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1a:f2:92:b1:08:b3:cc:68:52:88:4d:55:5b:
d3:c1:31:ae:b9:75:c7:52:c8:cb:83:43:99:d1:d9:
f6:bb:b0:ef:13:ad:c1:ff:ee:41:9e:a3:f4:8b:da:
dd:81:48:bf:fe:d1:6a:f7:ef:1a:48:09:f6:21:8a:
68:c6:ec:e2:ca:cb:6f:d9:30:32:dd:ca:1c:a5:9c:
7a:36:82:18:ab:cb:16:98:27:cd:47:06:e6:00:bc:
ed:7c:16:de:3d:63:cf:1d:7e:78:31:50:e4:ce:9a:
db:65:2f:86:e5:aa:f1:8e:5d:3d:3d:df:72:06:76:
d0:1c:da:91:44:0b:b5:31:08:0e:fd:13:d8:6e:7a:
9b:63:cc:4e:89:db:95:51:48:9d:5e:1c:0e:eb:1b:
c5:9c:b2:fb:21:99:93:fd:48:8e:a8:97:07:5f:61:
ff:b5:59:8d:0c:66:6e:08:67:13:ce:6f:2d:18:c4:
0d:5e:bd:07:68:13:64:27:64:9b:5d:85:6b:33:08:
cb:da:71:2a:1c:66:19:0b:51:96:6a:77:74:de:07:
2c:fb:b3:bb:f2:58:7d:da:4b:a5:8f:11:ee:6e:85:
2f:0d:c7:54:7b:4c:d1:55:77:b7:30:a9:5d:7f:b2:
02:ba:92:78:ff:07:df:b4:51:09:62:1d:5e:3a:d3:
38:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:54:4D:6A:20:74:58:05:32:6D:29:C6:F5:EA:55:10:3C:38:EC:92
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/ClRNaiB0WAUybSnG9epVEDw47JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.16.0/20
IPv6:
2a00:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
0e:d3:b2:09:7a:8e:68:50:79:9e:2f:2d:b2:ec:14:32:68:be:
6d:d5:e1:b6:32:21:1a:ac:4a:d0:6e:43:64:54:8e:c5:f0:b9:
30:36:1d:52:15:de:7a:25:2c:46:57:75:b4:88:1e:2b:1d:98:
9c:db:0e:80:9a:d3:7d:f7:84:6a:be:02:b8:42:10:02:17:f1:
a6:0d:ab:ca:0e:c8:7b:3d:f2:5c:28:a7:e9:8e:8c:34:b7:77:
eb:47:47:f6:9c:d7:f0:f5:ef:5d:3b:70:ba:3e:d7:2c:5d:fc:
48:36:51:e5:09:1a:ad:e0:64:ae:0d:13:0a:72:fb:5e:05:39:
f0:1d:71:07:e1:dc:ed:97:0d:10:c8:70:a5:1d:d3:f7:c0:f6:
1b:f9:e7:9f:1b:90:da:d8:5b:be:70:9e:8e:72:b2:3f:56:aa:
3c:88:3c:ef:23:af:a8:41:17:88:34:e6:bb:38:35:23:01:91:
e9:8b:75:f0:dc:ce:42:d9:ad:f7:33:34:eb:68:5b:7d:30:b7:
a3:ef:f4:8b:c3:22:53:71:45:6a:1c:ea:10:4c:e4:ac:80:50:
97:9d:7d:53:5f:9f:3b:3d:8f:df:f6:9c:b4:eb:08:e4:6a:d6:
f1:fd:89:61:b4:32:0a:ee:37:ac:95:8e:62:ad:b0:79:48:68:
82:4b:c6:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2sJxryoUoWeUMFcjmX33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU0NGQ2YTIwNzQ1ODA1MzI2ZDI5YzZmNWVhNTUxMDNjMzhlYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhrykrEIs8xoUohNVVvTwTGuuXXH
UsjLg0OZ0dn2u7DvE63B/+5BnqP0i9rdgUi//tFq9+8aSAn2IYpoxuziystv2TAy
3cocpZx6NoIYq8sWmCfNRwbmALztfBbePWPPHX54MVDkzprbZS+G5arxjl09Pd9y
BnbQHNqRRAu1MQgO/RPYbnqbY8xOiduVUUidXhwO6xvFnLL7IZmT/UiOqJcHX2H/
tVmNDGZuCGcTzm8tGMQNXr0HaBNkJ2SbXYVrMwjL2nEqHGYZC1GWand03gcs+7O7
8lh92kuljxHuboUvDcdUe0zRVXe3MKldf7ICupJ4/wfftFEJYh1eOtM4AQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFApUTWogdFgFMm0pxvXqVRA8OOySMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvQ2xSTmFpQjBXQVV5YlNuRzllcFZFRHc0N0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RoQMA0E
AgACMAcDBQAqAHwAMA0GCSqGSIb3DQEBCwUAA4IBAQAO07IJeo5oUHmeLy2y7BQy
aL5t1eG2MiEarErQbkNkVI7F8LkwNh1SFd56JSxGV3W0iB4rHZic2w6AmtN994Rq
vgK4QhACF/GmDavKDsh7PfJcKKfpjow0t3frR0f2nNfw9e9dO3C6PtcsXfxINlHl
CRqt4GSuDRMKcvteBTnwHXEH4dztlw0QyHClHdP3wPYb+eefG5Da2Fu+cJ6OcrI/
Vqo8iDzvI6+oQReINOa7ODUjAZHpi3Xw3M5C2a33MzTraFt9MLej7/SLwyJTcUVq
HOoQTOSsgFCXnX1TX587PY/f9py06wjkatbx/YlhtDIK7jeslY5irbB5SGiCS8YH
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:19:05 2024 by rpki-client on console-ams.rpki-client.org