Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/Ak0XzHOSwwrkCADIgkofeWxQ4lE.roa
File: Ak0XzHOSwwrkCADIgkofeWxQ4lE.roa (raw, json)
Hash identifier: 6p8bze2mCfUkajcGcUf/rrXILsI797qE5DP1tY1jgEI=
Subject key identifier: 02:4D:17:CC:73:92:C3:0A:E4:08:00:C8:82:4A:1F:79:6C:50:E2:51
Certificate issuer: /CN=ee0739d0528dcb4fce578d11f7ec34b0e37452cf
Certificate serial: 01902C1B7360CD6E20341F4DB6B3C1FA71DD
Authority key identifier: EE:07:39:D0:52:8D:CB:4F:CE:57:8D:11:F7:EC:34:B0:E3:74:52:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/Ak0XzHOSwwrkCADIgkofeWxQ4lE.roa
Signing time: Tue 18 Jun 2024 16:08:34 +0000
ROA not before: Tue 18 Jun 2024 16:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212024
IP address blocks: 209.112.97.0/24 maxlen: 24
2001:67c:17fc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/7gc50FKNy0_OV40R9-w0sON0Us8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/7gc50FKNy0_OV40R9-w0sON0Us8.mft
rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2c:1b:73:60:cd:6e:20:34:1f:4d:b6:b3:c1:fa:71:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0739d0528dcb4fce578d11f7ec34b0e37452cf
Validity
Not Before: Jun 18 16:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=024d17cc7392c30ae40800c8824a1f796c50e251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0a:f1:b7:74:15:5c:53:b1:d3:1e:64:dc:ac:
87:89:15:2e:6b:da:c1:27:76:a1:62:dd:29:ed:83:
41:51:63:c1:b6:b1:83:29:65:02:7f:6d:b3:b2:06:
2e:75:cc:c4:a8:9f:af:61:8f:72:be:93:ba:27:03:
82:d6:62:7c:b6:8f:d0:3b:10:4d:8b:c5:72:32:bb:
ed:47:2e:7c:c1:72:90:fe:aa:2e:61:64:9e:40:65:
e5:db:19:2f:84:fa:5f:0c:6c:b2:80:ce:63:d9:29:
2a:8f:53:42:a9:a2:8a:90:bf:bc:6a:76:a3:41:f0:
53:32:99:ae:19:df:64:5e:1f:4c:cb:ec:95:3d:31:
d3:c0:96:09:1f:8d:79:ce:61:82:20:b1:0d:7b:a4:
7b:a4:47:52:91:ad:42:e6:f3:76:d5:2b:01:cb:26:
88:cb:ca:35:ad:49:f6:44:44:c1:f0:f3:04:81:be:
29:36:cc:b7:a0:b3:ff:c2:f6:3c:26:ce:ed:8e:42:
8f:dd:38:d9:60:21:a4:6b:9b:3f:f7:28:78:7e:bc:
11:24:40:a7:b9:fd:b0:d3:72:f2:38:a5:53:aa:04:
ae:68:c7:86:8d:eb:46:40:38:0c:24:d6:0a:38:ef:
d2:24:73:78:5c:94:88:6c:7b:0a:80:e1:41:bc:93:
40:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4D:17:CC:73:92:C3:0A:E4:08:00:C8:82:4A:1F:79:6C:50:E2:51
X509v3 Authority Key Identifier:
keyid:EE:07:39:D0:52:8D:CB:4F:CE:57:8D:11:F7:EC:34:B0:E3:74:52:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/Ak0XzHOSwwrkCADIgkofeWxQ4lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/7gc50FKNy0_OV40R9-w0sON0Us8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.112.97.0/24
IPv6:
2001:67c:17fc::/48
Signature Algorithm: sha256WithRSAEncryption
1f:8a:74:ed:b5:37:a7:48:3a:0d:9b:13:ba:2c:f7:82:a8:fb:
15:b2:6a:df:85:67:07:ac:4e:8e:73:32:42:16:a9:95:a7:68:
ab:be:d4:f0:46:d4:8d:4a:bd:c9:d1:5a:c5:77:0d:6f:f4:07:
89:fc:f2:1f:da:1a:1d:a0:fb:d1:20:46:26:88:23:58:89:6b:
21:bd:7e:2b:60:dd:c8:a4:b2:e4:0d:45:31:4b:bc:70:a8:75:
54:1b:56:50:c2:9a:e9:f1:c7:4f:29:8e:ba:b7:c6:3d:0d:06:
82:54:cf:f5:55:4e:15:17:2e:00:84:cb:3b:b7:66:dc:55:2d:
d1:14:7c:98:d0:80:0d:6b:2e:0a:ef:7e:bf:92:35:4e:6c:86:
6d:91:06:3a:49:2d:67:41:bc:a6:22:15:06:48:e4:6e:69:d4:
fd:47:af:bd:37:eb:b8:44:b5:44:0f:06:c5:e0:4a:ae:b2:1a:
ac:24:d5:1a:12:99:6c:02:72:5c:b5:c9:14:9d:20:19:30:9a:
87:f1:0c:f8:4e:cf:fa:b2:56:11:b4:3d:b1:8a:7a:7f:85:4b:
eb:a3:6e:ed:b7:c5:22:34:dc:78:bf:58:96:77:bf:be:3c:35:
8e:66:95:0b:26:b8:20:75:71:86:fc:4e:e5:20:ef:8d:9c:22:
6c:ac:10:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAsG3NgzW4gNB9NtrPB+nHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDczOWQwNTI4ZGNiNGZjZTU3OGQxMWY3ZWMzNGIwZTM3
NDUyY2YwHhcNMjQwNjE4MTYwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjRkMTdjYzczOTJjMzBhZTQwODAwYzg4MjRhMWY3OTZjNTBlMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjArxt3QVXFOx0x5k3KyHiRUua9rB
J3ahYt0p7YNBUWPBtrGDKWUCf22zsgYudczEqJ+vYY9yvpO6JwOC1mJ8to/QOxBN
i8VyMrvtRy58wXKQ/qouYWSeQGXl2xkvhPpfDGyygM5j2Skqj1NCqaKKkL+8anaj
QfBTMpmuGd9kXh9My+yVPTHTwJYJH415zmGCILENe6R7pEdSka1C5vN21SsByyaI
y8o1rUn2RETB8PMEgb4pNsy3oLP/wvY8Js7tjkKP3TjZYCGka5s/9yh4frwRJECn
uf2w03LyOKVTqgSuaMeGjetGQDgMJNYKOO/SJHN4XJSIbHsKgOFBvJNAZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAJNF8xzksMK5AgAyIJKH3lsUOJRMB8GA1UdIwQY
MBaAFO4HOdBSjctPzleNEffsNLDjdFLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2djNTBGS055MF9PVjQwUjktdzBzT04wVXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84NTNlZTMtM2E0Zi00ZDk1LTliZGIt
YjAzYzJmYmRjNjQ0LzEvQWswWHpIT1N3d3JrQ0FESWdrb2ZlV3hRNGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84NTNlZTMtM2E0Zi00ZDk1LTliZGItYjAzYzJmYmRjNjQ0
LzEvN2djNTBGS055MF9PVjQwUjktdzBzT04wVXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA0XBhMA8E
AgACMAkDBwAgAQZ8F/wwDQYJKoZIhvcNAQELBQADggEBAB+KdO21N6dIOg2bE7os
94Ko+xWyat+FZwesTo5zMkIWqZWnaKu+1PBG1I1KvcnRWsV3DW/0B4n88h/aGh2g
+9EgRiaII1iJayG9fitg3ciksuQNRTFLvHCodVQbVlDCmunxx08pjrq3xj0NBoJU
z/VVThUXLgCEyzu3ZtxVLdEUfJjQgA1rLgrvfr+SNU5shm2RBjpJLWdBvKYiFQZI
5G5p1P1Hr70367hEtUQPBsXgSq6yGqwk1RoSmWwCcly1yRSdIBkwmofxDPhOz/qy
VhG0PbGKen+FS+ujbu23xSI03Hi/WJZ3v748NY5mlQsmuCB1cYb8TuUg742cImys
EA0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:06 2024 by rpki-client on console-fra.rpki-client.org