Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/aUyywxNOefqmWwQd-aDL2VMuJH8.roa
File: aUyywxNOefqmWwQd-aDL2VMuJH8.roa (raw, json)
Hash identifier: 1x8CZ+CVU1uTYp6vZLKBM3QUxGw/1Hg9rhMu+H7NQp8=
Subject key identifier: 69:4C:B2:C3:13:4E:79:FA:A6:5B:04:1D:F9:A0:CB:D9:53:2E:24:7F
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01901B626FF1A2AFF243D92CDD9BDF7D87F6
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/aUyywxNOefqmWwQd-aDL2VMuJH8.roa
Signing time: Sat 15 Jun 2024 10:12:34 +0000
ROA not before: Sat 15 Jun 2024 10:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12660
IP address blocks: 94.184.128.0/21 maxlen: 21
94.184.128.0/22 maxlen: 22
94.184.132.0/22 maxlen: 22
194.225.32.0/20 maxlen: 24
194.225.40.0/21 maxlen: 21
194.225.40.0/24 maxlen: 24
194.225.44.0/22 maxlen: 22
194.225.80.0/21 maxlen: 21
194.225.80.0/22 maxlen: 22
194.225.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1b:62:6f:f1:a2:af:f2:43:d9:2c:dd:9b:df:7d:87:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jun 15 10:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=694cb2c3134e79faa65b041df9a0cbd9532e247f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:90:81:2c:cc:26:2b:a5:55:90:95:ba:cb:
93:a7:aa:c4:f4:57:4e:1a:41:c2:c2:02:16:e2:51:
a8:93:70:b4:33:8e:7c:45:13:cc:86:0f:b7:57:b7:
45:ef:33:45:11:28:6a:b1:2e:39:85:c3:4f:2a:45:
fc:d1:3f:c8:63:a5:f7:25:20:54:5d:61:77:89:44:
51:90:f9:38:e2:b0:b7:fe:26:bc:cb:19:df:ca:b3:
aa:ed:9e:aa:de:64:ee:05:87:ed:f8:83:14:ca:4b:
6a:90:22:b6:f9:6e:7f:80:23:63:68:8f:0c:89:34:
ca:a5:26:d3:cf:61:c0:81:87:ba:19:71:a4:c3:ab:
48:d9:76:12:1b:33:69:b6:ca:a3:ed:92:60:95:71:
52:43:e2:1d:f0:2d:e0:30:dd:7a:28:90:2d:cc:55:
3a:e8:46:2c:8b:d1:64:57:7a:d7:82:ca:1f:64:b4:
e3:4e:d6:3a:41:07:2f:02:9a:e5:8c:a5:f0:f3:72:
3f:98:ff:c7:09:2f:ad:85:25:b2:fa:3b:2b:f8:2d:
29:2b:aa:ea:2f:5c:16:8c:da:5f:8a:56:c3:dd:90:
82:d5:7e:29:36:74:71:bc:89:5e:f5:f7:d4:87:d3:
7d:d3:52:e2:b4:d8:62:7f:43:20:e7:d4:3c:eb:f4:
58:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4C:B2:C3:13:4E:79:FA:A6:5B:04:1D:F9:A0:CB:D9:53:2E:24:7F
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/aUyywxNOefqmWwQd-aDL2VMuJH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.32.0/20
194.225.80.0/21
Signature Algorithm: sha256WithRSAEncryption
29:55:01:aa:84:b1:ac:c5:fa:21:10:f9:4a:38:8a:8a:ef:cd:
26:ce:f2:a9:cc:a7:78:fc:74:38:56:0e:c3:8a:64:52:6f:0b:
db:76:46:f8:61:16:0c:79:d0:33:a5:3d:d2:7b:b9:0b:ab:81:
50:66:9e:69:61:76:5f:3e:89:3e:cb:6e:01:98:99:f3:fa:ca:
c0:3f:b5:40:45:6e:bc:f3:5b:a8:cf:8b:4e:31:ee:91:ff:b9:
a2:24:d1:a0:a7:70:12:66:f4:49:32:f4:af:7a:00:65:09:f5:
e7:b0:e8:cb:9a:27:70:d5:20:40:22:5a:31:0d:75:98:0d:d3:
21:4e:70:e0:45:03:df:5d:a2:ff:f8:2d:7a:d7:a4:c9:90:c5:
1e:35:2e:df:f1:5f:13:c1:51:7e:ce:2f:87:09:86:50:2e:d7:
dd:d3:6a:c7:80:1f:32:7a:a2:b5:9e:da:51:2a:45:df:97:fb:
40:84:82:37:07:ce:03:9e:5c:d9:58:b3:5d:74:9c:f5:5b:3d:
4e:13:f1:7b:05:b2:8c:2f:d5:b9:c4:82:8e:b5:3a:65:8c:91:
eb:57:2d:5f:19:c4:72:da:fa:9c:6c:ca:57:be:8f:ef:16:3a:
7d:81:25:76:3a:34:d0:26:e2:c2:90:a7:d4:a3:41:94:47:34:
07:c4:17:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAbYm/xoq/yQ9ks3ZvffYf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjQwNjE1MTAxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTRjYjJjMzEzNGU3OWZhYTY1YjA0MWRmOWEwY2JkOTUzMmUyNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgCQgSzMJiulVZCVusuTp6rE9FdO
GkHCwgIW4lGok3C0M458RRPMhg+3V7dF7zNFEShqsS45hcNPKkX80T/IY6X3JSBU
XWF3iURRkPk44rC3/ia8yxnfyrOq7Z6q3mTuBYft+IMUyktqkCK2+W5/gCNjaI8M
iTTKpSbTz2HAgYe6GXGkw6tI2XYSGzNptsqj7ZJglXFSQ+Id8C3gMN16KJAtzFU6
6EYsi9FkV3rXgsofZLTjTtY6QQcvAprljKXw83I/mP/HCS+thSWy+jsr+C0pK6rq
L1wWjNpfilbD3ZCC1X4pNnRxvIle9ffUh9N901LitNhif0Mg59Q86/RYvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGlMssMTTnn6plsEHfmgy9lTLiR/MB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvYVV5eXd4Tk9lZnFtV3dRZC1hREwyVk11Skg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXriAAwQE
wuEgAwQDwuFQMA0GCSqGSIb3DQEBCwUAA4IBAQApVQGqhLGsxfohEPlKOIqK780m
zvKpzKd4/HQ4Vg7DimRSbwvbdkb4YRYMedAzpT3Se7kLq4FQZp5pYXZfPok+y24B
mJnz+srAP7VARW6881uoz4tOMe6R/7miJNGgp3ASZvRJMvSvegBlCfXnsOjLmidw
1SBAIloxDXWYDdMhTnDgRQPfXaL/+C1616TJkMUeNS7f8V8TwVF+zi+HCYZQLtfd
02rHgB8yeqK1ntpRKkXfl/tAhII3B84DnlzZWLNddJz1Wz1OE/F7BbKML9W5xIKO
tTpljJHrVy1fGcRy2vqcbMpXvo/vFjp9gSV2OjTQJuLCkKfUo0GURzQHxBez
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:22:23 2024 by rpki-client on console-ams.rpki-client.org