Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/pOa3mva2TPJjuMonrSyv7tssVjs.roa
File: pOa3mva2TPJjuMonrSyv7tssVjs.roa (raw, json)
Hash identifier: 2pXxVcn+z35BZovq0P23uf2JupkAfayMooyXSjmXRY8=
Subject key identifier: A4:E6:B7:9A:F6:B6:4C:F2:63:B8:CA:27:AD:2C:AF:EE:DB:2C:56:3B
Certificate issuer: /CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Certificate serial: 018CC6B7F0C369D75E164484AFEAA9FFC0A5
Authority key identifier: 94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/pOa3mva2TPJjuMonrSyv7tssVjs.roa
Signing time: Mon 01 Jan 2024 20:29:52 +0000
ROA not before: Mon 01 Jan 2024 20:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207463
IP address blocks: 94.231.206.0/24 maxlen: 24
2a10:1800:1::/48 maxlen: 48
2a10:1800:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:f0:c3:69:d7:5e:16:44:84:af:ea:a9:ff:c0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Validity
Not Before: Jan 1 20:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e6b79af6b64cf263b8ca27ad2cafeedb2c563b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7c:47:90:6d:99:54:5e:3e:9f:ce:ab:2b:22:
19:53:84:0f:46:54:c5:c0:fc:20:aa:36:fc:80:b6:
0f:f2:b6:61:c6:8b:2a:94:d5:f9:01:2c:a9:b2:71:
3c:cb:e5:38:02:47:29:06:3a:e7:a4:8a:b2:80:1e:
76:76:e6:26:16:b3:de:26:bb:2a:57:4d:e3:32:4c:
ff:58:fd:a3:c2:fa:c5:59:bf:2c:80:3c:ae:29:c6:
8f:61:fa:5f:dc:7b:24:99:91:19:b6:99:d3:26:6d:
3e:62:37:9a:40:b2:24:89:0d:e8:bb:26:c8:e1:41:
70:52:59:88:ac:03:64:46:d9:30:37:4b:cc:93:a5:
40:ee:94:2c:59:ac:96:b4:9c:b0:c7:f5:1d:e8:d4:
c4:5f:0d:53:1e:1f:48:dd:74:1c:87:fa:fc:5f:37:
9a:98:7d:c1:98:70:d9:7f:3e:42:0d:f6:52:97:fc:
c0:c7:81:b5:38:4f:22:bd:df:c9:c1:aa:11:1f:04:
b2:9f:e1:5b:47:99:55:a4:3e:85:42:3f:c0:2c:47:
61:89:3a:77:93:d4:63:02:6a:9d:9f:fc:f6:fe:6c:
a4:f2:f6:51:fb:a9:c6:19:f4:6b:aa:24:d8:28:76:
80:65:00:8c:4c:47:54:3e:3e:95:30:89:5e:38:d5:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E6:B7:9A:F6:B6:4C:F2:63:B8:CA:27:AD:2C:AF:EE:DB:2C:56:3B
X509v3 Authority Key Identifier:
keyid:94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/pOa3mva2TPJjuMonrSyv7tssVjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.206.0/24
IPv6:
2a10:1800:1::-2a10:1800:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:1c:a9:e9:5e:b5:21:4c:39:00:d7:7a:7d:29:b9:f1:28:e9:
de:35:2c:c4:b7:88:05:14:6a:41:bf:f0:a6:0f:03:08:4a:c3:
9b:38:3f:ae:99:38:97:6a:04:b4:5b:c9:93:95:1b:f1:71:65:
30:4b:12:26:70:3e:5b:73:9b:47:a2:97:48:28:6d:62:6d:8d:
bc:6a:1e:86:ec:c3:1b:c3:89:97:ca:96:95:aa:64:f5:b9:9c:
a5:38:ad:aa:5d:df:4f:a4:03:85:6b:67:3a:42:f2:b4:71:9f:
87:04:97:58:fe:95:19:aa:02:de:bf:88:49:35:d0:91:6d:d7:
29:8a:3d:ca:80:06:5d:93:0f:a1:2c:cd:37:07:c6:30:c5:67:
4f:78:59:87:23:ca:d0:56:68:62:2c:9e:8b:f6:02:af:8c:ff:
23:32:95:a8:e8:d0:de:52:f6:14:73:13:d0:d7:65:cc:3d:ed:
d1:bf:0e:8d:53:0e:c1:33:17:df:82:e5:48:d7:16:e0:ce:e2:
fc:fd:59:37:aa:8b:4a:1f:f3:95:b9:3d:0d:d2:3f:28:98:b0:
47:7e:65:42:4a:9c:de:28:db:1a:4f:b8:14:73:6b:d6:9b:f5:
a0:d3:e3:cd:04:a1:03:50:4b:a9:61:14:12:e1:27:67:fd:d5:
a0:8e:45:10
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGt/DDaddeFkSEr+qp/8ClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTZmYTZhOTBlZDk0ZTIyMWRiNjlkMjFmY2RkYTdjNjZk
MTNjOTEwHhcNMjQwMTAxMjAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU2Yjc5YWY2YjY0Y2YyNjNiOGNhMjdhZDJjYWZlZWRiMmM1NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHxHkG2ZVF4+n86rKyIZU4QPRlTF
wPwgqjb8gLYP8rZhxosqlNX5ASypsnE8y+U4AkcpBjrnpIqygB52duYmFrPeJrsq
V03jMkz/WP2jwvrFWb8sgDyuKcaPYfpf3HskmZEZtpnTJm0+YjeaQLIkiQ3ouybI
4UFwUlmIrANkRtkwN0vMk6VA7pQsWayWtJywx/Ud6NTEXw1THh9I3XQch/r8Xzea
mH3BmHDZfz5CDfZSl/zAx4G1OE8ivd/JwaoRHwSyn+FbR5lVpD6FQj/ALEdhiTp3
k9RjAmqdn/z2/myk8vZR+6nGGfRrqiTYKHaAZQCMTEdUPj6VMIleONWr1wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKTmt5r2tkzyY7jKJ60sr+7bLFY7MB8GA1UdIwQY
MBaAFJQW+mqQ7ZTiIdtp0h/N2nxm0TyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYt
N2RlOTEwZTAwYmVkLzEvcE9hM212YTJUUEpqdU1vbnJTeXY3dHNzVmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYtN2RlOTEwZTAwYmVk
LzEvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAXufOMBoE
AgACMBQwEgMHACoQGAAAAQMHACoQGAAAAjANBgkqhkiG9w0BAQsFAAOCAQEAJhyp
6V61IUw5ANd6fSm58Sjp3jUsxLeIBRRqQb/wpg8DCErDmzg/rpk4l2oEtFvJk5Ub
8XFlMEsSJnA+W3ObR6KXSChtYm2NvGoehuzDG8OJl8qWlapk9bmcpTitql3fT6QD
hWtnOkLytHGfhwSXWP6VGaoC3r+ISTXQkW3XKYo9yoAGXZMPoSzNNwfGMMVnT3hZ
hyPK0FZoYiyei/YCr4z/IzKVqOjQ3lL2FHMT0NdlzD3t0b8OjVMOwTMX34LlSNcW
4M7i/P1ZN6qLSh/zlbk9DdI/KJiwR35lQkqc3ijbGk+4FHNr1pv1oNPjzQShA1BL
qWEUEuEnZ/3VoI5FEA==
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:48:07 2024 by rpki-client on console-ams.rpki-client.org