Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/aTFTqCliaOCE6H5BzxBuotVVudA.roa
File: aTFTqCliaOCE6H5BzxBuotVVudA.roa (raw, json)
Hash identifier: 7eQHXoW6FWTyfkFBHBKyy4q9U7ervVzftEDYlYriHAg=
Subject key identifier: 69:31:53:A8:29:62:68:E0:84:E8:7E:41:CF:10:6E:A2:D5:55:B9:D0
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 018CC56E6B83FEE40D8E2D7117F40F849610
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/aTFTqCliaOCE6H5BzxBuotVVudA.roa
Signing time: Mon 01 Jan 2024 14:29:57 +0000
ROA not before: Mon 01 Jan 2024 14:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39216
IP address blocks: 185.21.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:6b:83:fe:e4:0d:8e:2d:71:17:f4:0f:84:96:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 1 14:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=693153a8296268e084e87e41cf106ea2d555b9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:07:fa:ae:27:40:0e:20:74:24:fe:5a:83:bd:
48:00:41:e9:0d:11:62:46:1f:3c:e4:54:7b:05:83:
6c:83:14:2f:3c:23:e3:2d:07:22:2f:22:36:05:a2:
4c:e9:65:25:de:01:ad:12:07:0b:81:ac:b6:11:e8:
87:21:83:08:b8:04:f4:f0:03:56:d9:af:5f:ea:3a:
5a:a5:de:97:db:f4:e9:c1:f4:a9:bc:9f:dd:12:7d:
2d:5c:5f:a1:c9:7a:10:7e:c2:65:95:02:2b:8b:d3:
d2:44:43:4d:7b:9d:9c:f0:19:f6:ba:1e:c0:14:a4:
27:9a:65:6a:59:4b:63:1f:50:a1:f4:dd:5e:d9:72:
46:6a:72:80:eb:c5:ab:55:a2:2c:45:a6:6b:15:52:
6d:67:33:cc:df:7f:19:97:0b:42:4f:5d:a2:ff:1e:
27:17:1b:7b:17:a2:41:d5:b6:e3:85:f4:11:60:58:
7c:ba:d4:57:b3:ad:ae:40:8d:8e:6b:c8:12:5a:ac:
f6:30:97:ba:33:64:23:d8:94:17:f4:3d:da:6b:40:
d9:93:5a:eb:89:62:56:82:f1:69:02:27:98:96:48:
b0:22:58:32:5f:3b:0e:17:8d:e5:2f:d8:57:1c:b7:
75:04:88:ea:17:50:65:55:01:f3:ab:35:b7:64:ca:
77:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:31:53:A8:29:62:68:E0:84:E8:7E:41:CF:10:6E:A2:D5:55:B9:D0
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/aTFTqCliaOCE6H5BzxBuotVVudA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
88:78:95:be:8c:8b:50:bf:d1:55:90:ec:cb:39:4e:06:a4:f4:
8f:5e:7d:04:b0:f8:d9:e3:8c:10:1e:76:bf:f2:ce:41:27:98:
15:3c:c3:6b:d6:fa:0b:16:af:77:92:b2:77:5a:66:32:21:36:
13:c2:36:01:0d:df:8e:25:65:92:40:1f:fb:83:cf:00:3e:c1:
61:71:8f:39:9d:89:13:ee:52:64:bb:9e:f8:ff:1a:2d:e1:d7:
eb:a0:c7:8c:f7:77:b3:e6:15:10:58:d7:ef:18:8c:b4:8e:5c:
e7:bb:04:bd:db:65:9f:7b:fc:0a:f9:f8:31:f8:26:66:75:53:
8d:67:e1:21:4a:74:d2:c5:4a:4f:5a:4b:53:e3:ea:ba:4f:22:
50:a4:30:86:f8:5c:18:f0:ba:fb:b8:7b:bb:a9:23:3b:bc:9e:
00:e8:bc:e0:8d:85:62:03:53:45:96:ae:72:f6:00:86:0f:d8:
97:57:f7:8e:81:ca:ae:71:d9:e9:78:df:ad:bb:75:c8:c8:f1:
e8:db:4e:49:df:66:d2:26:c5:70:e0:2e:59:ac:5a:ef:00:6a:
69:de:7a:67:f9:34:cc:6b:6e:38:76:cb:94:68:a8:1d:36:3e:
95:6f:30:11:16:0b:2c:1c:16:bc:3a:3a:22:03:2d:2c:28:cc:
fc:ae:60:3e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzFbmuD/uQNji1xF/QPhJYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjQwMTAxMTQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMxNTNhODI5NjI2OGUwODRlODdlNDFjZjEwNmVhMmQ1NTViOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQf6ridADiB0JP5ag71IAEHpDRFi
Rh885FR7BYNsgxQvPCPjLQciLyI2BaJM6WUl3gGtEgcLgay2EeiHIYMIuAT08ANW
2a9f6jpapd6X2/TpwfSpvJ/dEn0tXF+hyXoQfsJllQIri9PSRENNe52c8Bn2uh7A
FKQnmmVqWUtjH1Ch9N1e2XJGanKA68WrVaIsRaZrFVJtZzPM338ZlwtCT12i/x4n
Fxt7F6JB1bbjhfQRYFh8utRXs62uQI2Oa8gSWqz2MJe6M2Qj2JQX9D3aa0DZk1rr
iWJWgvFpAieYlkiwIlgyXzsOF43lL9hXHLd1BIjqF1BlVQHzqzW3ZMp3vwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGkxU6gpYmjghOh+Qc8QbqLVVbnQMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL2FURlRxQ2xpYU9DRTZINUJ6eEJ1b3RWVnVkQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5FYsw
DQYJKoZIhvcNAQELBQADggEBAIh4lb6Mi1C/0VWQ7Ms5Tgak9I9efQSw+NnjjBAe
dr/yzkEnmBU8w2vW+gsWr3eSsndaZjIhNhPCNgEN344lZZJAH/uDzwA+wWFxjzmd
iRPuUmS7nvj/Gi3h1+ugx4z3d7PmFRBY1+8YjLSOXOe7BL3bZZ97/Ar5+DH4JmZ1
U41n4SFKdNLFSk9aS1Pj6rpPIlCkMIb4XBjwuvu4e7upIzu8ngDovOCNhWIDU0WW
rnL2AIYP2JdX946Byq5x2el43627dcjI8ejbTknfZtImxXDgLlmsWu8Aamneemf5
NMxrbjh2y5RoqB02PpVvMBEWCywcFrw6OiIDLSwozPyuYD4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:08:48 2024 by rpki-client on console-ams.rpki-client.org