Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/AkBzGHk81KsbBWOxiAMM3CD1wzU.roa
File: AkBzGHk81KsbBWOxiAMM3CD1wzU.roa (raw, json)
Hash identifier: dWS7vF4AEwJ2dqWyI9JsKU5BzlmktQmqPFksd0w/YRk=
Subject key identifier: 02:40:73:18:79:3C:D4:AB:1B:05:63:B1:88:03:0C:DC:20:F5:C3:35
Certificate issuer: /CN=99efbb2b1653422837937dd27de354e68f9e01a3
Certificate serial: 018CC424702527C8E3B1BB4C07E0AC68549C
Authority key identifier: 99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/AkBzGHk81KsbBWOxiAMM3CD1wzU.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48325
IP address blocks: 185.137.240.0/22 maxlen: 24
185.137.240.0/24 maxlen: 24
185.137.242.0/23 maxlen: 23
185.137.241.0/24 maxlen: 24
2a07:b80::/32 maxlen: 32
2a07:b81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/me-7KxZTQig3k33SfeNU5o-eAaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/me-7KxZTQig3k33SfeNU5o-eAaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:70:25:27:c8:e3:b1:bb:4c:07:e0:ac:68:54:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99efbb2b1653422837937dd27de354e68f9e01a3
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02407318793cd4ab1b0563b188030cdc20f5c335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:78:82:19:7f:78:b4:50:a5:62:b5:49:6f:
41:6f:ee:f6:4f:e0:c4:f2:1c:76:7d:aa:8e:88:38:
fc:87:24:42:1e:de:53:43:f5:67:a8:03:e2:23:0f:
3e:d6:fc:59:8c:3e:99:e1:43:8e:c4:dd:a0:30:e9:
11:72:73:d7:1b:07:7f:0a:db:b9:dd:13:8a:cb:68:
ed:87:d6:7b:71:a5:d8:43:8a:eb:e2:df:4e:60:25:
b1:80:fd:6d:69:02:dd:0a:b9:ae:89:43:85:53:c8:
ed:96:79:55:4c:2f:60:8d:69:13:93:25:41:11:21:
a8:29:c9:d4:f6:ae:30:59:70:ae:81:1b:1f:0a:bc:
a9:91:4b:11:7d:37:e1:07:a8:c2:fb:45:92:e8:17:
69:f6:1c:b1:24:02:d6:ea:42:25:60:ae:da:95:06:
86:be:e7:f0:cb:82:c3:cd:66:77:13:ff:a0:1f:17:
bc:c4:7b:97:d7:05:fa:7a:10:8d:d7:57:86:e4:50:
06:ef:e3:9f:f9:7e:e9:99:2b:24:ad:32:68:3c:f1:
00:8e:fc:66:9a:fb:13:78:0c:ec:23:6b:af:af:c8:
92:94:93:98:09:df:46:42:ea:bc:65:2e:76:41:6a:
04:97:1e:34:f9:f6:0c:8a:e5:e9:f1:98:c6:db:62:
95:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:40:73:18:79:3C:D4:AB:1B:05:63:B1:88:03:0C:DC:20:F5:C3:35
X509v3 Authority Key Identifier:
keyid:99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/AkBzGHk81KsbBWOxiAMM3CD1wzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/me-7KxZTQig3k33SfeNU5o-eAaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.240.0/22
IPv6:
2a07:b80::/31
Signature Algorithm: sha256WithRSAEncryption
21:29:16:6a:4a:49:a4:09:a2:c7:93:b6:f6:94:29:4b:fe:31:
58:ae:da:fc:ae:36:0d:75:ac:02:37:3e:a1:08:4b:ca:8d:7a:
e6:f1:6b:aa:2d:a3:e0:50:7e:42:d7:f7:94:eb:2c:d6:8c:28:
e1:63:88:50:c1:96:cc:37:6c:da:19:49:2a:ce:f9:25:6a:70:
b4:ff:ab:28:b6:aa:d5:62:ad:91:28:cd:ed:52:62:01:8f:92:
cb:52:9e:5d:b8:35:78:27:26:fe:02:78:13:96:0b:e3:44:fa:
df:9c:34:32:e5:e8:d1:d7:76:28:7c:6a:f2:3e:a8:12:bd:2b:
46:26:d4:e5:0e:1e:16:93:f0:79:68:65:3e:8b:aa:ba:da:8e:
ad:98:21:f5:db:7c:88:17:6c:9a:4c:ad:d6:a5:dd:47:96:13:
08:96:a0:c1:e2:d6:f5:ad:15:17:30:53:37:39:82:8d:15:a7:
e0:c4:06:39:b7:49:02:df:42:41:a8:19:90:36:38:7f:95:fc:
08:4e:60:4c:02:f6:0a:b3:cb:80:ad:99:72:fc:0a:f6:bc:b9:
71:ef:00:75:36:4c:87:4e:4a:13:db:6b:7c:8e:3c:ed:b1:72:
a1:61:b5:99:03:c6:29:52:a8:64:c7:52:74:db:1d:55:0b:e0:
51:bc:d8:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJHAlJ8jjsbtMB+CsaFScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZWZiYjJiMTY1MzQyMjgzNzkzN2RkMjdkZTM1NGU2OGY5
ZTAxYTMwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQwNzMxODc5M2NkNGFiMWIwNTYzYjE4ODAzMGNkYzIwZjVjMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAV4ghl/eLRQpWK1SW9Bb+72T+DE
8hx2faqOiDj8hyRCHt5TQ/VnqAPiIw8+1vxZjD6Z4UOOxN2gMOkRcnPXGwd/Ctu5
3ROKy2jth9Z7caXYQ4rr4t9OYCWxgP1taQLdCrmuiUOFU8jtlnlVTC9gjWkTkyVB
ESGoKcnU9q4wWXCugRsfCrypkUsRfTfhB6jC+0WS6Bdp9hyxJALW6kIlYK7alQaG
vufwy4LDzWZ3E/+gHxe8xHuX1wX6ehCN11eG5FAG7+Of+X7pmSskrTJoPPEAjvxm
mvsTeAzsI2uvr8iSlJOYCd9GQuq8ZS52QWoElx40+fYMiuXp8ZjG22KVsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAJAcxh5PNSrGwVjsYgDDNwg9cM1MB8GA1UdIwQY
MBaAFJnvuysWU0IoN5N90n3jVOaPngGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWUtN0t4WlRRaWczazMzU2ZlTlU1by1lQWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjZiYmMtZDA2MS00YWYxLTg5NjQt
NDFkNzllZmI0OWE5LzEvQWtCekdIazgxS3NiQldPeGlBTU0zQ0Qxd3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjZiYmMtZDA2MS00YWYxLTg5NjQtNDFkNzllZmI0OWE5
LzEvbWUtN0t4WlRRaWczazMzU2ZlTlU1by1lQWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYnwMA0E
AgACMAcDBQEqBwuAMA0GCSqGSIb3DQEBCwUAA4IBAQAhKRZqSkmkCaLHk7b2lClL
/jFYrtr8rjYNdawCNz6hCEvKjXrm8WuqLaPgUH5C1/eU6yzWjCjhY4hQwZbMN2za
GUkqzvklanC0/6sotqrVYq2RKM3tUmIBj5LLUp5duDV4Jyb+AngTlgvjRPrfnDQy
5ejR13YofGryPqgSvStGJtTlDh4Wk/B5aGU+i6q62o6tmCH123yIF2yaTK3Wpd1H
lhMIlqDB4tb1rRUXMFM3OYKNFafgxAY5t0kC30JBqBmQNjh/lfwITmBMAvYKs8uA
rZly/Ar2vLlx7wB1NkyHTkoT22t8jjztsXKhYbWZA8YpUqhkx1J02x1VC+BRvNge
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:24 2024 by rpki-client on console-fra.rpki-client.org