Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/AbD2z3pe0AGml_xFhiuwjt7VnQI.roa
File: AbD2z3pe0AGml_xFhiuwjt7VnQI.roa (raw, json)
Hash identifier: W9tIBvIjyrTD115+AR03KgvYi4zRlgmqM0AJdotBc+Q=
Subject key identifier: 01:B0:F6:CF:7A:5E:D0:01:A6:97:FC:45:86:2B:B0:8E:DE:D5:9D:02
Certificate issuer: /CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Certificate serial: 019123E8CCF59CB3E6D38C5848E269F17144
Authority key identifier: BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/AbD2z3pe0AGml_xFhiuwjt7VnQI.roa
Signing time: Mon 05 Aug 2024 18:59:04 +0000
ROA not before: Mon 05 Aug 2024 18:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48539
IP address blocks: 109.205.189.0/24 maxlen: 24
146.19.131.0/24 maxlen: 24
178.212.137.0/24 maxlen: 24
194.63.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 09:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:e8:cc:f5:9c:b3:e6:d3:8c:58:48:e2:69:f1:71:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Validity
Not Before: Aug 5 18:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01b0f6cf7a5ed001a697fc45862bb08eded59d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:f8:6a:20:72:23:e8:d8:d0:0f:16:0f:3e:
37:32:fe:1c:5c:64:4e:e5:f4:ae:1a:9d:bf:f2:91:
76:38:6b:08:56:11:4f:9b:83:de:fc:a2:f9:60:41:
71:37:ee:97:f6:56:8f:95:6f:2e:24:9e:e7:c3:c0:
f2:a6:15:3b:50:1b:72:48:c1:b4:71:2d:7c:ba:36:
ae:fe:66:af:f3:b2:3d:e4:e0:fa:52:f4:55:80:08:
54:d0:2c:ea:67:a4:9b:d8:6e:94:6e:88:d6:aa:6b:
5b:9d:82:31:cd:7c:cb:4d:9c:98:cb:a8:1b:00:db:
c5:7c:08:b4:de:ca:35:cd:67:1b:d9:d8:05:85:a2:
29:c1:65:7e:a8:60:a8:2c:3f:b1:bf:e6:dc:71:22:
95:cc:04:60:80:8d:d2:38:39:de:91:20:11:11:48:
00:52:db:96:e5:a8:ed:71:5e:7d:1c:f6:5d:0c:88:
c4:ea:61:b6:29:ee:57:8a:42:62:15:ea:8e:07:c1:
2d:f2:64:1f:66:b0:3a:bf:4c:c6:24:8c:ea:eb:1f:
47:ec:e9:b3:29:aa:20:0d:04:a7:ca:3e:76:d9:ee:
4a:07:83:0c:85:0f:5b:cf:16:1f:87:ee:b6:5c:83:
e6:e7:45:89:8c:98:de:06:e2:85:72:04:ed:39:82:
91:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B0:F6:CF:7A:5E:D0:01:A6:97:FC:45:86:2B:B0:8E:DE:D5:9D:02
X509v3 Authority Key Identifier:
keyid:BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/AbD2z3pe0AGml_xFhiuwjt7VnQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.189.0/24
146.19.131.0/24
178.212.137.0/24
194.63.144.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:81:54:80:f0:8b:80:17:0c:5a:f4:2a:23:70:04:67:5c:ad:
fd:44:d8:41:95:e8:e3:0b:0e:df:46:19:1f:f7:b5:e9:04:af:
ba:9e:19:6b:b9:d3:85:0e:92:55:a7:ca:fd:43:b1:41:45:b3:
a6:68:d0:0e:9b:c8:94:78:0e:29:b9:d8:de:dc:24:a5:82:3a:
9d:0d:34:fd:18:08:c3:49:f6:15:bb:ab:03:b6:04:55:57:ae:
d0:aa:78:2e:be:3d:01:f5:d1:e7:e4:12:f8:6f:b2:12:61:87:
28:f2:b2:ac:40:49:29:69:5b:8f:48:91:a6:15:9c:91:cb:ad:
10:0f:15:d2:3a:ca:aa:58:83:c7:33:23:82:09:3f:0d:aa:0c:
fe:90:9b:41:10:b2:4f:b9:bd:7e:38:8e:15:8e:12:16:f6:80:
bc:af:e0:8b:67:17:eb:e1:99:06:4d:09:c0:af:4e:f8:24:cb:
08:8b:97:3d:a3:79:70:50:cc:60:7d:c4:eb:6a:ed:15:3e:3b:
b5:55:c4:ce:60:bc:31:20:eb:bb:2d:69:31:cc:e0:1a:a0:cc:
82:77:0c:3d:fa:8b:c4:76:e4:69:a8:b3:43:fe:26:87:d1:71:
91:23:5e:cd:c3:9f:42:13:5b:b3:48:21:b5:63:bf:42:6d:e5:
c5:e2:a1:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEj6Mz1nLPm04xYSOJp8XFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2NjOGY0YjM3ZDg5MjI4Y2QwMjNkMjUyMWQyOTk2OGRl
MGI5MjUwHhcNMjQwODA1MTg1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWIwZjZjZjdhNWVkMDAxYTY5N2ZjNDU4NjJiYjA4ZWRlZDU5ZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlP4aiByI+jY0A8WDz43Mv4cXGRO
5fSuGp2/8pF2OGsIVhFPm4Pe/KL5YEFxN+6X9laPlW8uJJ7nw8DyphU7UBtySMG0
cS18ujau/mav87I95OD6UvRVgAhU0CzqZ6Sb2G6UbojWqmtbnYIxzXzLTZyYy6gb
ANvFfAi03so1zWcb2dgFhaIpwWV+qGCoLD+xv+bccSKVzARggI3SODnekSAREUgA
UtuW5ajtcV59HPZdDIjE6mG2Ke5XikJiFeqOB8Et8mQfZrA6v0zGJIzq6x9H7Omz
KaogDQSnyj522e5KB4MMhQ9bzxYfh+62XIPm50WJjJjeBuKFcgTtOYKR5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAGw9s96XtABppf8RYYrsI7e1Z0CMB8GA1UdIwQY
MBaAFLzMyPSzfYkijNAj0lIdKZaN4LklMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYt
MDIxNWM0ZWFhN2MzLzEvQWJEMnozcGUwQUdtbF94RmhpdXdqdDdWblFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYtMDIxNWM0ZWFhN2Mz
LzEvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbc29AwQA
khODAwQAstSJAwQAwj+QMA0GCSqGSIb3DQEBCwUAA4IBAQCMgVSA8IuAFwxa9Coj
cARnXK39RNhBlejjCw7fRhkf97XpBK+6nhlrudOFDpJVp8r9Q7FBRbOmaNAOm8iU
eA4pudje3CSlgjqdDTT9GAjDSfYVu6sDtgRVV67Qqnguvj0B9dHn5BL4b7ISYYco
8rKsQEkpaVuPSJGmFZyRy60QDxXSOsqqWIPHMyOCCT8Nqgz+kJtBELJPub1+OI4V
jhIW9oC8r+CLZxfr4ZkGTQnAr074JMsIi5c9o3lwUMxgfcTrau0VPju1VcTOYLwx
IOu7LWkxzOAaoMyCdww9+ovEduRpqLND/iaH0XGRI17Nw59CE1uzSCG1Y79CbeXF
4qFb
-----END CERTIFICATE-----
Generated at Thu Sep 19 20:10:44 2024 by rpki-client on console-ams.rpki-client.org