Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/__aIy9ZzV2fNlUpi3s_6Vi-FohY.roa
File: __aIy9ZzV2fNlUpi3s_6Vi-FohY.roa (raw, json)
Hash identifier: bfjFf6F8IOP5N3vg42KoPPSZtq+6T6zWS6Vm2lF2f0Y=
Subject key identifier: FF:F6:88:CB:D6:73:57:67:CD:95:4A:62:DE:CF:FA:56:2F:85:A2:16
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DAD6391A50A1AA456D4624DC7D31B
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/__aIy9ZzV2fNlUpi3s_6Vi-FohY.roa
Signing time: Tue 02 Jan 2024 08:32:40 +0000
ROA not before: Tue 02 Jan 2024 08:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50564
IP address blocks: 176.227.156.0/24 maxlen: 24
178.156.77.0/24 maxlen: 24
86.104.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ad:63:91:a5:0a:1a:a4:56:d4:62:4d:c7:d3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fff688cbd6735767cd954a62decffa562f85a216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:95:3a:d6:af:41:39:a7:1c:b8:18:fa:d5:ab:
c6:a3:84:02:cd:b3:0d:8b:14:b5:fe:74:a3:ca:d5:
dd:1e:79:66:f9:9f:41:45:33:90:f5:21:e5:ae:65:
68:9a:1a:63:6f:20:e4:18:e1:21:34:96:28:ad:cf:
d5:d0:2c:ac:2f:ea:c7:35:a3:76:51:e7:2d:df:1d:
57:27:4f:9f:41:e4:e6:e4:a8:34:44:be:68:45:35:
59:c6:59:6a:7e:e6:a4:e3:0e:7c:7f:8e:65:96:78:
56:a6:bb:93:45:dc:19:6e:2a:ed:8b:ee:f6:9e:c5:
8b:67:25:ff:17:dc:92:b0:1b:b5:96:ca:92:02:f6:
40:b3:77:d5:7f:72:e4:86:40:6b:d5:58:92:3b:03:
a5:96:3f:6d:f4:a7:63:e2:c2:9d:a4:98:b2:f6:f8:
6f:c5:b6:0a:7f:28:71:a9:cb:24:bd:9c:cd:0a:bf:
bc:cb:84:4b:8d:a7:24:2b:7e:da:c1:a3:2e:65:50:
d2:65:ab:5c:7c:7f:82:fd:97:2f:d6:38:7c:18:b8:
25:40:9e:b3:3d:46:15:92:16:12:cd:cd:12:50:dd:
5e:53:87:e0:87:ad:c6:23:14:99:19:ed:bc:09:50:
f0:53:58:7a:7c:11:f2:23:72:f6:e4:29:25:34:81:
86:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F6:88:CB:D6:73:57:67:CD:95:4A:62:DE:CF:FA:56:2F:85:A2:16
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/__aIy9ZzV2fNlUpi3s_6Vi-FohY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.25.0/24
176.227.156.0/24
178.156.77.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:79:ba:a5:a6:4e:50:2a:e7:51:b5:ef:fc:ed:f2:f7:b7:66:
3b:5b:37:52:9e:6d:8f:e8:c4:30:bb:83:a6:98:86:4f:9b:7d:
a8:ad:2f:ee:bc:3d:b9:dd:16:73:07:47:a0:9b:41:68:d1:ee:
65:66:2a:1f:d2:09:fb:8f:e9:8a:a8:f8:8e:39:8f:1a:a6:0a:
82:9f:58:36:b7:e1:57:ed:1a:7c:0a:40:db:0b:72:43:1a:43:
0b:4b:20:80:a1:af:e7:4b:16:10:5c:a7:f3:68:bd:a8:e0:0b:
4a:3b:e2:cc:f2:02:d6:f6:e3:8f:c9:be:ff:b2:25:55:09:a4:
ff:71:68:57:79:6f:d8:e8:ec:ef:9e:0e:a5:6c:ab:21:cd:1f:
49:4b:16:58:06:6e:f1:d4:9f:8d:bb:27:48:bd:5e:e3:7b:86:
35:60:5f:d3:39:c6:32:11:10:45:a2:4e:a2:a1:55:10:f9:10:
43:29:78:c4:b3:a1:ef:87:20:78:bf:ea:c6:1f:f5:fe:ce:ad:
83:33:17:72:6c:8c:a2:2c:b8:ad:f7:56:9f:fa:74:d3:82:6a:
39:49:03:10:6f:26:5b:f4:e3:98:af:e6:4c:83:4f:87:9d:f2:
b3:36:9d:14:43:e8:74:f1:63:9b:8b:00:50:c5:4c:c6:5b:c2:
46:36:e7:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTa1jkaUKGqRW1GJNx9MbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY2ODhjYmQ2NzM1NzY3Y2Q5NTRhNjJkZWNmZmE1NjJmODVhMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJU61q9BOaccuBj61avGo4QCzbMN
ixS1/nSjytXdHnlm+Z9BRTOQ9SHlrmVomhpjbyDkGOEhNJYorc/V0CysL+rHNaN2
Uect3x1XJ0+fQeTm5Kg0RL5oRTVZxllqfuak4w58f45llnhWpruTRdwZbirti+72
nsWLZyX/F9ySsBu1lsqSAvZAs3fVf3LkhkBr1ViSOwOllj9t9Kdj4sKdpJiy9vhv
xbYKfyhxqcskvZzNCr+8y4RLjackK37awaMuZVDSZatcfH+C/Zcv1jh8GLglQJ6z
PUYVkhYSzc0SUN1eU4fgh63GIxSZGe28CVDwU1h6fBHyI3L25CklNIGGNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP/2iMvWc1dnzZVKYt7P+lYvhaIWMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvX19hSXk5WnpWMmZObFVwaTNzXzZWaS1Gb2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVmgZAwQA
sOOcAwQAspxNMA0GCSqGSIb3DQEBCwUAA4IBAQDBebqlpk5QKudRte/87fL3t2Y7
WzdSnm2P6MQwu4OmmIZPm32orS/uvD253RZzB0egm0Fo0e5lZiof0gn7j+mKqPiO
OY8apgqCn1g2t+FX7Rp8CkDbC3JDGkMLSyCAoa/nSxYQXKfzaL2o4AtKO+LM8gLW
9uOPyb7/siVVCaT/cWhXeW/Y6Ozvng6lbKshzR9JSxZYBm7x1J+NuydIvV7je4Y1
YF/TOcYyERBFok6ioVUQ+RBDKXjEs6HvhyB4v+rGH/X+zq2DMxdybIyiLLit91af
+nTTgmo5SQMQbyZb9OOYr+ZMg0+HnfKzNp0UQ+h08WObiwBQxUzGW8JGNuc5
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:55 2024 by rpki-client on console-ams.rpki-client.org