Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/aBUo7thPCXwNTIZQqvHtYcEESlQ.roa
File: aBUo7thPCXwNTIZQqvHtYcEESlQ.roa (raw, json)
Hash identifier: aFhBSP/ByAz04uTBtewAfuX5IK3hFxExYxh6Ts6Elgc=
Subject key identifier: 68:15:28:EE:D8:4F:09:7C:0D:4C:86:50:AA:F1:ED:61:C1:04:4A:54
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938FB263BEA9037A18CCDF728BD7FD
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/aBUo7thPCXwNTIZQqvHtYcEESlQ.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35782
IP address blocks: 82.150.144.0/24 maxlen: 24
2a02:10:104::/48 maxlen: 48
2a02:10:105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8f:b2:63:be:a9:03:7a:18:cc:df:72:8b:d7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=681528eed84f097c0d4c8650aaf1ed61c1044a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b1:68:cd:f8:29:7a:a5:57:84:78:85:4e:45:
d7:db:f4:6d:ed:3d:bf:50:b6:91:98:1b:c2:e2:25:
8c:14:c2:f5:c3:aa:ca:3a:0b:40:20:d0:20:fb:27:
7e:82:c2:92:d6:1d:33:02:95:3d:2b:c7:74:1a:ff:
85:75:00:c4:ff:9d:cc:2c:18:a1:d0:bc:27:d2:38:
80:b1:90:65:84:c2:03:27:c1:3c:b2:3b:79:0e:07:
de:be:73:a2:1e:b5:56:36:d3:c9:92:65:df:8a:cb:
ff:ed:c2:10:d6:a8:36:64:34:5e:07:d6:d3:3e:de:
2c:56:ee:66:d9:f7:eb:00:35:62:5e:17:f0:7f:cd:
d0:c6:78:45:ee:2c:a0:2e:bb:88:d8:a6:b0:56:a7:
7a:15:8b:ca:67:d2:5a:5f:ac:4e:63:50:25:ff:15:
6f:fa:34:ec:cf:a6:4c:57:a3:31:61:00:4a:2d:08:
53:32:fd:6f:47:49:bd:7e:1d:c4:c3:aa:60:15:c6:
e4:19:af:c8:03:6b:2d:7f:b6:85:31:9a:1e:b2:b1:
2b:84:0a:ae:65:2d:9a:28:ab:48:47:40:52:df:f4:
b0:b5:81:15:78:fe:d4:96:dd:da:94:2f:00:1e:44:
b0:ef:03:e3:38:9f:13:a5:a8:05:b4:44:8e:bb:4e:
27:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:15:28:EE:D8:4F:09:7C:0D:4C:86:50:AA:F1:ED:61:C1:04:4A:54
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/aBUo7thPCXwNTIZQqvHtYcEESlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.144.0/24
IPv6:
2a02:10:104::/47
Signature Algorithm: sha256WithRSAEncryption
10:e3:2a:bc:7c:94:cc:e6:11:54:cb:21:1f:a0:57:a5:4e:79:
80:12:37:f1:7d:98:90:fb:a8:71:8d:cc:98:fc:24:31:f8:ce:
71:cb:89:19:50:de:09:ab:35:77:e9:5b:77:02:17:f6:a9:c4:
73:34:92:83:c5:7f:1c:2a:58:c4:1f:41:25:24:38:13:c5:5b:
dd:b4:32:ee:f1:be:e7:9c:7e:dc:51:12:4d:29:eb:a8:e3:b5:
19:71:9a:83:0c:37:d7:80:3c:49:f3:2b:36:cc:52:92:16:47:
d1:2d:e6:81:e8:46:ea:23:c9:db:e6:53:51:c1:79:39:49:6b:
8b:14:39:75:41:9e:ad:c5:b5:52:ba:26:2e:2c:d7:e9:65:1a:
df:13:33:5a:a4:9d:5c:e4:95:b9:fc:63:6b:bf:ef:db:fd:91:
3b:59:17:32:ff:2e:dd:57:1c:36:3b:96:7c:ed:6f:b2:4a:a9:
e4:2c:5d:17:01:94:35:d5:ac:d2:b9:f7:69:28:d8:0d:c0:d0:
5a:79:92:eb:dc:54:98:22:41:53:54:75:88:73:3c:77:1f:76:
04:27:a1:9e:4b:f1:e4:f6:c4:29:ac:6e:b3:84:6a:5d:24:de:
80:f8:b7:64:7c:90:33:2a:f6:05:16:f1:67:96:31:88:27:13:
b5:94:3d:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk4+yY76pA3oYzN9yi9f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODE1MjhlZWQ4NGYwOTdjMGQ0Yzg2NTBhYWYxZWQ2MWMxMDQ0YTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7FozfgpeqVXhHiFTkXX2/Rt7T2/
ULaRmBvC4iWMFML1w6rKOgtAINAg+yd+gsKS1h0zApU9K8d0Gv+FdQDE/53MLBih
0Lwn0jiAsZBlhMIDJ8E8sjt5DgfevnOiHrVWNtPJkmXfisv/7cIQ1qg2ZDReB9bT
Pt4sVu5m2ffrADViXhfwf83QxnhF7iygLruI2KawVqd6FYvKZ9JaX6xOY1Al/xVv
+jTsz6ZMV6MxYQBKLQhTMv1vR0m9fh3Ew6pgFcbkGa/IA2stf7aFMZoesrErhAqu
ZS2aKKtIR0BS3/SwtYEVeP7Ult3alC8AHkSw7wPjOJ8TpagFtESOu04nwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGgVKO7YTwl8DUyGUKrx7WHBBEpUMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvYUJVbzd0aFBDWHdOVElaUXF2SHRZY0VFU2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUpaQMA8E
AgACMAkDBwEqAgAQAQQwDQYJKoZIhvcNAQELBQADggEBABDjKrx8lMzmEVTLIR+g
V6VOeYASN/F9mJD7qHGNzJj8JDH4znHLiRlQ3gmrNXfpW3cCF/apxHM0koPFfxwq
WMQfQSUkOBPFW920Mu7xvuecftxREk0p66jjtRlxmoMMN9eAPEnzKzbMUpIWR9Et
5oHoRuojydvmU1HBeTlJa4sUOXVBnq3FtVK6Ji4s1+llGt8TM1qknVzklbn8Y2u/
79v9kTtZFzL/Lt1XHDY7lnztb7JKqeQsXRcBlDXVrNK592ko2A3A0Fp5kuvcVJgi
QVNUdYhzPHcfdgQnoZ5L8eT2xCmsbrOEal0k3oD4t2R8kDMq9gUW8WeWMYgnE7WU
Pak=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:23:37 2024 by rpki-client on console-ams.rpki-client.org