Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/lAboOltir4cKStiHjiiqZbX3Yeg.roa
File: lAboOltir4cKStiHjiiqZbX3Yeg.roa (raw, json)
Hash identifier: 8QxFJr3V2Gs0/xI6VIe22Sv49IgfTXbESvU3odW6QIk=
Subject key identifier: 94:06:E8:3A:5B:62:AF:87:0A:4A:D8:87:8E:28:AA:65:B5:F7:61:E8
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938B31EABAAFBD63DB7B14442633E8
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/lAboOltir4cKStiHjiiqZbX3Yeg.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.122.0/24 maxlen: 24
91.194.218.0/24 maxlen: 24
2001:7f8:cd::/48 maxlen: 48
2001:7f8:61::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8b:31:ea:ba:af:bd:63:db:7b:14:44:26:33:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9406e83a5b62af870a4ad8878e28aa65b5f761e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f5:b1:38:89:78:d9:dd:95:02:79:11:7e:d3:
49:56:08:a3:41:43:93:5a:fe:32:1e:13:c1:d8:69:
be:1e:ec:88:c5:dc:49:2f:87:21:bc:c3:18:cb:e6:
a6:f6:e6:bb:c5:54:17:c1:62:5a:86:e1:bc:28:83:
05:65:3d:34:02:53:a2:88:b1:a4:e1:f3:b7:2e:bf:
54:4d:e7:91:cc:7d:a4:3c:52:e8:f8:36:27:ea:19:
3c:1d:39:37:6e:37:7d:8b:79:9f:b1:60:86:ea:2e:
17:b1:71:5c:a9:be:ad:4a:c2:7c:f6:a2:82:76:ac:
25:c7:32:02:84:e6:57:39:07:ad:7c:3a:9d:08:f4:
90:60:4d:bd:c1:ec:ec:42:18:a6:3d:75:dc:bb:78:
d2:fb:b2:79:4b:56:24:d6:f5:23:a9:fa:79:2c:d8:
d7:07:ca:62:dd:70:5e:f0:e4:fe:3a:9d:4e:ca:ad:
a5:f3:99:f8:9b:76:20:4d:87:69:e4:01:92:eb:d3:
03:ad:ed:5d:55:a5:bf:3a:a5:b9:a5:4e:db:10:f2:
ba:da:42:5f:ed:fe:ae:8c:36:06:f0:0a:af:85:2a:
ed:18:07:82:3e:e4:9a:06:bd:b9:b2:14:31:40:2e:
c0:07:45:c1:5e:4b:f2:59:79:33:1c:be:75:60:2b:
51:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:06:E8:3A:5B:62:AF:87:0A:4A:D8:87:8E:28:AA:65:B5:F7:61:E8
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/lAboOltir4cKStiHjiiqZbX3Yeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.218.0/24
185.1.122.0/24
IPv6:
2001:7f8:61::/48
2001:7f8:cd::/48
Signature Algorithm: sha256WithRSAEncryption
69:59:c3:63:1a:4f:a2:ac:b5:6b:a1:ab:b8:36:b8:4d:da:c8:
0d:88:bf:23:35:81:88:33:fc:24:52:8d:2a:15:11:ed:00:23:
d3:d5:b9:27:fc:33:00:1d:e7:35:03:b5:cd:36:9c:27:e3:d7:
90:de:05:34:be:1b:fd:2d:c2:75:58:16:66:45:61:be:ee:a4:
07:d1:79:7d:ac:b8:9b:84:56:09:46:92:25:98:26:4d:86:17:
92:a0:df:62:f3:c6:c6:37:5a:c8:4c:8d:53:ed:41:3e:ca:4d:
61:ab:b8:57:35:e8:93:28:83:ba:73:ac:0e:a7:9a:18:f9:bf:
9c:fe:0e:47:0e:93:c8:42:f5:80:6f:38:99:87:b1:e3:f1:96:
26:85:73:5d:63:99:84:63:1b:a5:1d:95:8b:54:24:90:70:1b:
a5:c4:87:e8:31:cd:48:5a:96:5b:e3:c5:9f:66:af:e5:2f:93:
da:f4:41:9f:9f:52:b1:b5:a8:a4:a3:1b:30:d6:22:eb:cc:a3:
e9:17:cb:78:d8:a5:14:ca:25:eb:a0:00:3f:c1:12:44:63:c6:
cb:0b:3f:5f:b0:a5:a4:0b:3c:b5:6a:73:76:56:55:de:ef:a0:
68:45:e4:b9:4c:43:42:25:a9:70:32:40:c3:ca:b4:5a:cc:3a:
43:82:69:3a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzEk4sx6rqvvWPbexREJjPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA2ZTgzYTViNjJhZjg3MGE0YWQ4ODc4ZTI4YWE2NWI1Zjc2MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPWxOIl42d2VAnkRftNJVgijQUOT
Wv4yHhPB2Gm+HuyIxdxJL4chvMMYy+am9ua7xVQXwWJahuG8KIMFZT00AlOiiLGk
4fO3Lr9UTeeRzH2kPFLo+DYn6hk8HTk3bjd9i3mfsWCG6i4XsXFcqb6tSsJ89qKC
dqwlxzIChOZXOQetfDqdCPSQYE29wezsQhimPXXcu3jS+7J5S1Yk1vUjqfp5LNjX
B8pi3XBe8OT+Op1Oyq2l85n4m3YgTYdp5AGS69MDre1dVaW/OqW5pU7bEPK62kJf
7f6ujDYG8AqvhSrtGAeCPuSaBr25shQxQC7AB0XBXkvyWXkzHL51YCtRaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJQG6DpbYq+HCkrYh44oqmW192HoMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvbEFib09sdGlyNGNLU3RpSGppaXFaYlgzWWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW8LaAwQA
uQF6MBgEAgACMBIDBwAgAQf4AGEDBwAgAQf4AM0wDQYJKoZIhvcNAQELBQADggEB
AGlZw2MaT6KstWuhq7g2uE3ayA2IvyM1gYgz/CRSjSoVEe0AI9PVuSf8MwAd5zUD
tc02nCfj15DeBTS+G/0twnVYFmZFYb7upAfReX2suJuEVglGkiWYJk2GF5Kg32Lz
xsY3WshMjVPtQT7KTWGruFc16JMog7pzrA6nmhj5v5z+DkcOk8hC9YBvOJmHsePx
liaFc11jmYRjG6UdlYtUJJBwG6XEh+gxzUhallvjxZ9mr+Uvk9r0QZ+fUrG1qKSj
GzDWIuvMo+kXy3jYpRTKJeugAD/BEkRjxssLP1+wpaQLPLVqc3ZWVd7voGhF5LlM
Q0IlqXAyQMPKtFrMOkOCaTo=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:58:14 2024 by rpki-client on console-ams.rpki-client.org