Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/AWDGlLSPTHsT8ccmfgBdlZumMc4.roa
File: AWDGlLSPTHsT8ccmfgBdlZumMc4.roa (raw, json)
Hash identifier: ry8zFoxoFQG8Hel8vUbhmIJm+gkmqHSCQWP+i3/IEmU=
Subject key identifier: 01:60:C6:94:B4:8F:4C:7B:13:F1:C7:26:7E:00:5D:95:9B:A6:31:CE
Certificate issuer: /CN=0a5f6129142bd0a9dc69dfd402489ff25f5b3ef2
Certificate serial: 018CC4247B23D5056F7E44620436EBD39D77
Authority key identifier: 0A:5F:61:29:14:2B:D0:A9:DC:69:DF:D4:02:48:9F:F2:5F:5B:3E:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/AWDGlLSPTHsT8ccmfgBdlZumMc4.roa
Signing time: Mon 01 Jan 2024 08:29:34 +0000
ROA not before: Mon 01 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43341
IP address blocks: 185.188.120.0/22 maxlen: 22
213.211.192.0/18 maxlen: 29
88.150.0.0/17 maxlen: 29
194.45.154.0/24 maxlen: 24
2a03:5080::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:7b:23:d5:05:6f:7e:44:62:04:36:eb:d3:9d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a5f6129142bd0a9dc69dfd402489ff25f5b3ef2
Validity
Not Before: Jan 1 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0160c694b48f4c7b13f1c7267e005d959ba631ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ca:3c:e1:01:4f:9d:7d:17:42:f5:bc:73:bb:
02:78:5f:53:f5:e0:da:85:7b:11:c2:15:0f:65:11:
19:5b:04:4b:3f:87:6f:1e:e9:ad:4b:99:2f:a2:2a:
f3:c6:de:71:1f:d4:b5:30:f5:fa:5b:a0:74:4c:6b:
00:15:2b:e7:b2:7b:33:ad:c2:43:29:38:fb:00:79:
d5:36:bf:f3:f2:32:2d:71:1e:fc:75:0c:71:8b:93:
f2:98:ef:cd:53:22:6b:f6:d2:3a:ba:3c:3e:7f:9c:
90:81:0d:14:c4:c5:95:aa:d2:f5:7b:40:3d:50:6f:
24:b2:54:a8:26:6a:96:57:99:bc:95:e2:27:53:45:
8e:03:be:a2:62:8a:b1:f1:c9:1e:eb:39:0c:1d:a9:
d5:f0:20:79:4f:61:24:bd:c7:b0:4d:2a:d3:91:8b:
db:40:70:26:27:79:79:ff:f6:88:a8:b2:44:0d:3a:
20:1b:f9:db:d8:ca:a7:2f:30:4b:10:29:ac:17:13:
b1:09:a0:97:53:c5:70:b2:30:07:fb:e4:99:a7:36:
34:0a:aa:49:a9:17:42:43:d3:10:c7:c7:c2:35:dd:
2a:16:bc:dd:6a:72:0f:2a:99:4d:84:b9:97:39:81:
c2:b1:3b:6b:d3:90:30:56:99:40:68:3c:71:09:0c:
54:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:60:C6:94:B4:8F:4C:7B:13:F1:C7:26:7E:00:5D:95:9B:A6:31:CE
X509v3 Authority Key Identifier:
keyid:0A:5F:61:29:14:2B:D0:A9:DC:69:DF:D4:02:48:9F:F2:5F:5B:3E:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/AWDGlLSPTHsT8ccmfgBdlZumMc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.150.0.0/17
185.188.120.0/22
194.45.154.0/24
213.211.192.0/18
IPv6:
2a03:5080::/32
Signature Algorithm: sha256WithRSAEncryption
36:92:65:8a:1b:7a:88:f8:1e:c3:70:a9:4a:c6:21:59:c2:9b:
1a:aa:0a:0c:1d:14:65:88:84:18:77:0b:8b:20:ef:7d:4b:91:
49:23:c5:89:e6:fc:81:41:be:52:8d:77:a7:f8:53:35:79:62:
12:63:8a:ea:53:be:25:58:5e:63:61:98:8e:44:9f:c0:1c:b2:
ca:f6:0b:98:cd:a6:02:cc:a9:02:e1:14:92:d2:25:38:8a:e6:
81:96:63:ae:f1:c5:1d:99:28:95:ef:8b:d4:34:d2:e0:ab:2d:
80:3b:8d:65:79:ae:a9:40:28:ac:e9:58:dc:ba:88:ca:0a:c8:
70:af:a3:35:ca:0f:18:67:30:fe:40:3f:0e:ce:6c:ef:51:83:
9d:31:37:53:09:1a:b8:31:f6:65:9e:2b:cb:24:23:7f:c0:08:
95:bf:58:9f:4f:36:f7:c0:f8:d3:3d:4f:f7:e7:86:a6:77:2e:
03:17:72:9a:77:d0:8f:80:e2:ae:b9:0a:eb:00:96:c7:98:e6:
c6:2f:59:b4:5f:ab:0f:8e:1c:26:aa:95:ca:78:7a:ed:db:33:
dc:4e:f4:8d:06:df:1f:15:7d:0a:e3:f9:c6:0f:83:19:f7:77:
03:82:c5:27:16:05:57:9a:af:c5:12:ee:5e:43:9f:64:69:d2:
72:5a:bf:a8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJHsj1QVvfkRiBDbr0513MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNWY2MTI5MTQyYmQwYTlkYzY5ZGZkNDAyNDg5ZmYyNWY1
YjNlZjIwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTYwYzY5NGI0OGY0YzdiMTNmMWM3MjY3ZTAwNWQ5NTliYTYzMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgso84QFPnX0XQvW8c7sCeF9T9eDa
hXsRwhUPZREZWwRLP4dvHumtS5kvoirzxt5xH9S1MPX6W6B0TGsAFSvnsnszrcJD
KTj7AHnVNr/z8jItcR78dQxxi5PymO/NUyJr9tI6ujw+f5yQgQ0UxMWVqtL1e0A9
UG8kslSoJmqWV5m8leInU0WOA76iYoqx8cke6zkMHanV8CB5T2EkvcewTSrTkYvb
QHAmJ3l5//aIqLJEDTogG/nb2MqnLzBLECmsFxOxCaCXU8VwsjAH++SZpzY0CqpJ
qRdCQ9MQx8fCNd0qFrzdanIPKplNhLmXOYHCsTtr05AwVplAaDxxCQxU+wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAFgxpS0j0x7E/HHJn4AXZWbpjHOMB8GA1UdIwQY
MBaAFApfYSkUK9Cp3Gnf1AJIn/JfWz7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2w5aEtSUXIwS25jYWRfVUFraWY4bDliUHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wYWQyNjQtM2E1MC00NTYzLWEzNWEt
MGQyYmJlNThjMTQ1LzEvQVdER2xMU1BUSHNUOGNjbWZnQmRsWnVtTWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wYWQyNjQtM2E1MC00NTYzLWEzNWEtMGQyYmJlNThjMTQ1
LzEvQ2w5aEtSUXIwS25jYWRfVUFraWY4bDliUHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHWJYAAwQC
ubx4AwQAwi2aAwQG1dPAMA0EAgACMAcDBQAqA1CAMA0GCSqGSIb3DQEBCwUAA4IB
AQA2kmWKG3qI+B7DcKlKxiFZwpsaqgoMHRRliIQYdwuLIO99S5FJI8WJ5vyBQb5S
jXen+FM1eWISY4rqU74lWF5jYZiORJ/AHLLK9guYzaYCzKkC4RSS0iU4iuaBlmOu
8cUdmSiV74vUNNLgqy2AO41lea6pQCis6VjcuojKCshwr6M1yg8YZzD+QD8Ozmzv
UYOdMTdTCRq4MfZlnivLJCN/wAiVv1ifTzb3wPjTPU/354amdy4DF3Kad9CPgOKu
uQrrAJbHmObGL1m0X6sPjhwmqpXKeHrt2zPcTvSNBt8fFX0K4/nGD4MZ93cDgsUn
FgVXmq/FEu5eQ59kadJyWr+o
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:07:51 2024 by rpki-client on console-ams.rpki-client.org