Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AyAOj8oQfB13FZJr9YcHqvMqMTA.roa
File: AyAOj8oQfB13FZJr9YcHqvMqMTA.roa (raw, json)
Hash identifier: m4aohcLmXz3JeCVHsHRpduz7e2JfG4RI0O6Bcrb0g3s=
Subject key identifier: 03:20:0E:8F:CA:10:7C:1D:77:15:92:6B:F5:87:07:AA:F3:2A:31:30
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCDFB7779FD706CCA083F8158A6263
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AyAOj8oQfB13FZJr9YcHqvMqMTA.roa
Signing time: Mon 01 Jan 2024 16:30:35 +0000
ROA not before: Mon 01 Jan 2024 16:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
82.163.60.0/22 maxlen: 24
82.163.104.0/21 maxlen: 24
92.114.44.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 13:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:df:b7:77:9f:d7:06:cc:a0:83:f8:15:8a:62:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03200e8fca107c1d7715926bf58707aaf32a3130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:65:3b:13:34:a8:61:a5:1f:a2:a2:ce:8d:9b:
a7:ec:33:ac:a6:ab:b2:8c:38:1d:c6:e8:d5:e1:86:
d3:6f:93:50:93:71:a5:3b:48:68:c2:e5:fc:f7:2e:
01:dc:e9:13:f3:e6:e1:6e:13:c6:ca:ec:f8:82:68:
3e:51:98:01:45:e6:28:6e:0d:8a:19:f5:1a:6a:69:
5e:42:8d:97:68:29:42:0c:7b:ac:60:ae:61:23:95:
22:0e:55:d6:35:c7:d1:41:b2:39:42:8d:58:6f:8e:
81:e9:cc:cc:b4:d0:66:39:ff:0a:c7:a0:7c:54:47:
1e:f6:58:30:02:78:20:70:58:f7:36:28:bb:06:71:
f1:9b:bd:f8:32:f6:18:87:1e:27:02:0a:0a:74:ec:
29:2d:73:a7:f1:fd:34:79:eb:f5:2e:a6:38:20:b5:
4f:02:7e:dc:b0:bd:4c:23:c0:0b:83:c2:24:c7:72:
58:ee:61:61:b3:7a:9a:f2:b5:d0:10:0b:46:b3:23:
9e:52:0f:55:b8:48:5e:d2:5e:6b:06:59:84:c8:64:
a7:71:2b:5b:58:d4:7b:5f:2c:53:92:13:21:d2:a3:
60:90:70:78:3f:58:de:4c:e3:b5:fa:ab:07:fe:7a:
dc:19:0a:ff:06:bf:2b:d5:9e:bb:f6:6b:9a:cb:76:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:20:0E:8F:CA:10:7C:1D:77:15:92:6B:F5:87:07:AA:F3:2A:31:30
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AyAOj8oQfB13FZJr9YcHqvMqMTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
82.163.60.0/22
82.163.104.0/21
92.114.44.0/22
Signature Algorithm: sha256WithRSAEncryption
79:2d:4c:59:aa:8c:ef:94:56:9a:40:47:de:c8:39:f3:c4:e4:
0b:7a:15:ab:49:db:5d:f0:74:fb:89:b4:1d:49:96:f0:06:a3:
7e:0b:21:43:98:91:e0:2f:d3:97:fa:65:0e:f9:51:83:3b:3f:
78:b1:aa:dc:39:1b:35:7d:eb:53:dc:d9:e2:d1:95:25:ac:7d:
12:f3:8b:c5:e8:10:7c:58:d7:9a:b2:3d:52:63:a3:87:ca:48:
9c:82:70:b4:63:a9:7d:5a:56:51:bc:78:47:a8:5b:4c:db:6c:
8f:85:8c:e9:39:0b:ad:3d:c0:e9:9b:f8:b4:16:06:43:e2:ff:
43:e3:a1:35:4f:23:81:30:d7:7f:b2:f3:3b:f4:90:b2:a1:8d:
5e:2e:43:64:9f:c0:86:57:51:c2:df:85:3e:7f:da:ae:a6:49:
bb:bf:31:e6:15:51:64:ac:60:c4:d3:bd:d9:99:3d:1f:07:c8:
14:84:b7:68:c7:ad:76:7e:19:04:da:54:fd:06:31:9e:a2:f5:
d8:a4:b3:2c:e6:80:1b:8a:2e:e9:9c:1b:84:81:0d:49:da:9d:
28:60:10:3b:9c:f7:c5:e4:9e:db:22:7b:17:95:91:b3:b3:46:
22:3b:fb:dc:8a:ef:56:2a:ff:b8:4c:76:29:76:8a:57:0d:72:
8f:35:2e:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3N+3d5/XBsygg/gVimJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIwMGU4ZmNhMTA3YzFkNzcxNTkyNmJmNTg3MDdhYWYzMmEzMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2U7EzSoYaUfoqLOjZun7DOspquy
jDgdxujV4YbTb5NQk3GlO0howuX89y4B3OkT8+bhbhPGyuz4gmg+UZgBReYobg2K
GfUaamleQo2XaClCDHusYK5hI5UiDlXWNcfRQbI5Qo1Yb46B6czMtNBmOf8Kx6B8
VEce9lgwAnggcFj3Nii7BnHxm734MvYYhx4nAgoKdOwpLXOn8f00eev1LqY4ILVP
An7csL1MI8ALg8Ikx3JY7mFhs3qa8rXQEAtGsyOeUg9VuEhe0l5rBlmEyGSncStb
WNR7XyxTkhMh0qNgkHB4P1jeTOO1+qsH/nrcGQr/Br8r1Z679muay3Z3UwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAMgDo/KEHwddxWSa/WHB6rzKjEwMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQXlBT2o4b1FmQjEzRlpKcjlZY0hxdk1xTVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7qwAwQD
LhTYAwQCUqM8AwQDUqNoAwQCXHIsMA0GCSqGSIb3DQEBCwUAA4IBAQB5LUxZqozv
lFaaQEfeyDnzxOQLehWrSdtd8HT7ibQdSZbwBqN+CyFDmJHgL9OX+mUO+VGDOz94
sarcORs1fetT3Nni0ZUlrH0S84vF6BB8WNeasj1SY6OHykicgnC0Y6l9WlZRvHhH
qFtM22yPhYzpOQutPcDpm/i0FgZD4v9D46E1TyOBMNd/svM79JCyoY1eLkNkn8CG
V1HC34U+f9qupkm7vzHmFVFkrGDE073ZmT0fB8gUhLdox612fhkE2lT9BjGeovXY
pLMs5oAbii7pnBuEgQ1J2p0oYBA7nPfF5J7bInsXlZGzs0YiO/vciu9WKv+4THYp
dopXDXKPNS6P
-----END CERTIFICATE-----
Generated at Mon May 13 17:38:34 2024 by rpki-client on console-ams.rpki-client.org