Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/AcgHrDL1Qf1i3_khrxLLit0GyfM.roa
File: AcgHrDL1Qf1i3_khrxLLit0GyfM.roa (raw, json)
Hash identifier: sxmYeaDOyuXFVuAq5UXP+xmWPLLdrmtmItLT/GK3PLA=
Subject key identifier: 01:C8:07:AC:32:F5:41:FD:62:DF:F9:21:AF:12:CB:8A:DD:06:C9:F3
Certificate issuer: /CN=3108ad527c720eb79707b3fb7b172c88b733b133
Certificate serial: 018CC5DC43DB08F7BB66A63A83B97FFF2E52
Authority key identifier: 31:08:AD:52:7C:72:0E:B7:97:07:B3:FB:7B:17:2C:88:B7:33:B1:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQitUnxyDreXB7P7excsiLczsTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/AcgHrDL1Qf1i3_khrxLLit0GyfM.roa
Signing time: Mon 01 Jan 2024 16:29:56 +0000
ROA not before: Mon 01 Jan 2024 16:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138915
IP address blocks: 194.110.138.0/24 maxlen: 24
194.110.134.0/24 maxlen: 24
194.110.135.0/24 maxlen: 24
194.110.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/MQitUnxyDreXB7P7excsiLczsTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/MQitUnxyDreXB7P7excsiLczsTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MQitUnxyDreXB7P7excsiLczsTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:43:db:08:f7:bb:66:a6:3a:83:b9:7f:ff:2e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3108ad527c720eb79707b3fb7b172c88b733b133
Validity
Not Before: Jan 1 16:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c807ac32f541fd62dff921af12cb8add06c9f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0d:43:f0:e0:5a:03:ad:cc:fd:94:39:51:29:
ef:4a:d3:fd:e4:0c:5a:85:30:e6:47:40:43:90:52:
fd:a8:e4:3e:1d:ba:41:a7:91:b8:69:e9:a5:7b:bc:
84:0f:54:c4:64:dd:c4:00:0a:b6:0e:d6:f6:cd:6c:
bc:21:15:45:ce:8f:d0:da:3c:f7:ae:83:74:ed:91:
73:3d:04:43:33:64:fa:ae:4b:ba:2e:30:31:45:95:
c3:c5:77:fa:5f:ca:f8:4c:42:14:a1:3b:24:7a:69:
28:d3:53:81:68:bd:5b:19:b4:8f:61:92:42:a9:23:
b5:5e:04:40:c6:67:59:e1:0e:d4:67:66:14:7a:83:
44:a3:02:7e:6e:4c:1a:41:db:90:b8:93:7a:0d:1d:
3b:da:2c:29:f3:01:64:36:07:9a:0b:c4:0b:0f:e3:
92:cb:47:e7:50:64:5a:f6:df:17:9c:6a:f4:c1:61:
94:10:cb:52:01:2f:84:93:9c:40:9c:d3:43:a4:9d:
2d:5a:b9:85:cf:d5:69:9c:39:59:e6:d0:ee:48:81:
59:0a:ec:98:0d:27:44:4c:fa:3e:f1:eb:e7:f4:4f:
0d:7a:7d:7a:e2:72:6f:1e:4a:59:79:ef:d6:06:ae:
dd:0a:bd:4f:93:60:c5:03:03:43:d1:f1:47:b3:4b:
c7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C8:07:AC:32:F5:41:FD:62:DF:F9:21:AF:12:CB:8A:DD:06:C9:F3
X509v3 Authority Key Identifier:
keyid:31:08:AD:52:7C:72:0E:B7:97:07:B3:FB:7B:17:2C:88:B7:33:B1:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQitUnxyDreXB7P7excsiLczsTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/AcgHrDL1Qf1i3_khrxLLit0GyfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/MQitUnxyDreXB7P7excsiLczsTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.134.0/23
194.110.138.0/23
Signature Algorithm: sha256WithRSAEncryption
36:fa:97:81:a7:27:83:91:16:91:ce:1f:07:ae:ed:b5:38:5b:
14:47:ab:7a:b0:e1:61:84:56:1f:04:f0:2a:9c:9a:29:c2:d7:
d2:40:fd:0e:0d:4b:e0:0a:b5:9c:3c:a5:e4:4c:d7:4e:16:45:
17:8d:7a:b0:b6:25:3c:1d:0b:cf:49:1b:fb:f8:82:a7:32:78:
03:64:d1:9a:69:90:5e:12:ae:63:2e:2f:38:70:38:cc:5b:1b:
02:56:75:b9:37:bb:c6:fc:71:06:77:40:08:12:a1:a2:bd:57:
27:b0:71:b8:51:78:29:5d:7b:99:46:4a:0a:25:2f:9c:25:4d:
cb:6f:84:0e:58:60:c6:b6:8f:06:5c:85:59:da:49:cd:b4:21:
e4:7b:49:ef:24:bf:d2:69:d0:d1:ed:c2:e7:22:b7:83:12:c8:
26:f5:e1:6c:14:db:0a:7c:f9:9e:d2:b2:8e:37:a4:dc:2c:66:
ad:39:7e:67:02:89:6c:0f:7d:8a:45:15:db:fd:bb:47:a4:4d:
e2:4e:56:32:b9:df:73:df:c5:11:e0:c3:ee:1f:cb:85:d2:83:
f2:59:1f:79:1e:45:95:7b:a0:ee:c2:e0:80:51:1c:85:bb:3f:
72:c6:c8:2e:bd:e1:60:ff:7f:08:69:1b:ee:da:a1:8b:08:e4:
d2:57:19:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3EPbCPe7ZqY6g7l//y5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMDhhZDUyN2M3MjBlYjc5NzA3YjNmYjdiMTcyYzg4Yjcz
M2IxMzMwHhcNMjQwMTAxMTYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM4MDdhYzMyZjU0MWZkNjJkZmY5MjFhZjEyY2I4YWRkMDZjOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg1D8OBaA63M/ZQ5USnvStP95Axa
hTDmR0BDkFL9qOQ+HbpBp5G4aemle7yED1TEZN3EAAq2Dtb2zWy8IRVFzo/Q2jz3
roN07ZFzPQRDM2T6rku6LjAxRZXDxXf6X8r4TEIUoTskemko01OBaL1bGbSPYZJC
qSO1XgRAxmdZ4Q7UZ2YUeoNEowJ+bkwaQduQuJN6DR072iwp8wFkNgeaC8QLD+OS
y0fnUGRa9t8XnGr0wWGUEMtSAS+Ek5xAnNNDpJ0tWrmFz9VpnDlZ5tDuSIFZCuyY
DSdETPo+8evn9E8Nen164nJvHkpZee/WBq7dCr1Pk2DFAwND0fFHs0vHiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAHIB6wy9UH9Yt/5Ia8Sy4rdBsnzMB8GA1UdIwQY
MBaAFDEIrVJ8cg63lwez+3sXLIi3M7EzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFpdFVueHlEcmVYQjdQN2V4Y3NpTGN6c1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zMzJjMjMtZDc5My00NTUzLTg0ZWEt
YWZhOTliM2ZmZmUzLzEvQWNnSHJETDFRZjFpM19raHJ4TExpdDBHeWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zMzJjMjMtZDc5My00NTUzLTg0ZWEtYWZhOTliM2ZmZmUz
LzEvTVFpdFVueHlEcmVYQjdQN2V4Y3NpTGN6c1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwm6GAwQB
wm6KMA0GCSqGSIb3DQEBCwUAA4IBAQA2+peBpyeDkRaRzh8Hru21OFsUR6t6sOFh
hFYfBPAqnJopwtfSQP0ODUvgCrWcPKXkTNdOFkUXjXqwtiU8HQvPSRv7+IKnMngD
ZNGaaZBeEq5jLi84cDjMWxsCVnW5N7vG/HEGd0AIEqGivVcnsHG4UXgpXXuZRkoK
JS+cJU3Lb4QOWGDGto8GXIVZ2knNtCHke0nvJL/SadDR7cLnIreDEsgm9eFsFNsK
fPme0rKON6TcLGatOX5nAolsD32KRRXb/btHpE3iTlYyud9z38UR4MPuH8uF0oPy
WR95HkWVe6DuwuCAURyFuz9yxsguveFg/38IaRvu2qGLCOTSVxl0
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:24:55 2024 by rpki-client on console-ams.rpki-client.org