Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/9ydGXKFDSqu48eNIpY4HYMAQqFM.roa
File: 9ydGXKFDSqu48eNIpY4HYMAQqFM.roa (raw, json)
Hash identifier: BjvK2XzA+gHug/cCegHGD4n1HbPXwXs/xADjI4SWplY=
Subject key identifier: F7:27:46:5C:A1:43:4A:AB:B8:F1:E3:48:A5:8E:07:60:C0:10:A8:53
Certificate issuer: /CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Certificate serial: 018CC56EFC489EC0CD11DEE7576D6FAC285B
Authority key identifier: 9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/9ydGXKFDSqu48eNIpY4HYMAQqFM.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39232
IP address blocks: 134.19.210.0/23 maxlen: 23
134.19.208.0/23 maxlen: 23
134.19.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 02:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fc:48:9e:c0:cd:11:de:e7:57:6d:6f:ac:28:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f727465ca1434aabb8f1e348a58e0760c010a853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2e:bc:9d:0f:92:d1:f1:c5:1f:1f:af:1a:0c:
a8:72:23:94:26:33:ba:47:83:a1:25:dc:9d:a6:40:
af:d7:8e:a3:07:c4:cc:bb:fd:e4:ba:90:7e:29:49:
80:5d:0a:49:0d:05:dd:a4:dc:00:0b:bf:52:1d:d7:
01:df:14:5f:26:79:ef:f0:bc:4a:3a:07:e2:6b:be:
9a:ce:b5:7f:8d:b2:99:05:8a:96:4a:65:3a:b2:ae:
47:9b:f9:04:e5:4d:e3:47:b9:46:af:28:a1:8d:d7:
64:13:be:43:69:c6:d3:2e:bf:84:ee:07:6d:c8:f8:
01:c0:cc:fc:93:bb:e5:09:0e:90:91:9b:18:65:78:
a5:58:85:37:e0:63:e6:ce:32:7f:b1:6e:10:38:f9:
8a:2d:f8:a5:b3:7c:a6:2d:e7:09:29:12:4d:c3:fe:
05:b2:16:bc:21:aa:99:cb:79:da:23:56:fa:24:7b:
25:7a:6d:f4:ed:7e:33:e8:42:e6:fc:dd:6c:a3:73:
19:e3:1d:d8:9f:73:e7:c0:00:a6:fd:2c:b3:8c:51:
54:30:e0:a5:eb:cb:1b:0a:80:eb:3a:e0:77:2e:af:
91:82:dd:f0:58:b6:54:4f:ca:10:32:da:ec:70:32:
a1:88:ee:53:41:35:a5:cd:b8:40:33:7b:20:ae:5b:
a0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:27:46:5C:A1:43:4A:AB:B8:F1:E3:48:A5:8E:07:60:C0:10:A8:53
X509v3 Authority Key Identifier:
keyid:9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/9ydGXKFDSqu48eNIpY4HYMAQqFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.208.0/22
Signature Algorithm: sha256WithRSAEncryption
57:44:bc:28:b6:9e:14:11:4c:04:59:d5:64:49:d4:c1:a1:35:
79:f8:49:8a:2f:36:15:b4:85:61:83:8c:6d:94:33:b0:0f:6b:
05:87:83:cb:09:2d:65:26:48:0a:64:e0:f2:7f:88:1f:0f:b4:
ca:53:1d:c7:7f:f0:31:e9:28:d9:a1:f2:b9:9e:f0:74:f8:ba:
e2:60:a2:0d:97:7f:53:d4:6c:a3:54:13:96:e1:fb:bc:12:7f:
e8:27:2d:2d:4e:0a:e5:4f:2f:b0:b2:fa:ed:ea:e3:8a:23:16:
4d:92:ab:84:f8:fc:06:28:c6:b8:9c:7f:f2:62:06:c9:b3:a6:
cf:e4:78:c6:32:6d:27:f1:f4:b1:78:ff:3b:1a:fa:bf:7e:6f:
63:a1:61:4c:f6:9e:2d:09:43:57:44:7e:8b:f2:42:9f:47:3d:
11:84:fa:ca:4e:55:6e:63:a5:6e:0c:25:b2:44:7d:e9:36:4e:
39:60:f9:1a:9c:83:1b:89:d0:8a:9b:9a:5a:1b:2f:06:fa:c8:
19:7e:31:6d:48:85:1f:55:87:27:a7:65:ae:80:14:4a:3d:91:
07:e6:f2:ca:86:e0:c0:0c:64:60:b7:c1:23:a5:bd:88:23:05:
de:ac:ad:54:a0:d5:13:9f:a0:be:c8:b6:54:4c:10:e0:60:ae:
01:e4:9d:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvxInsDNEd7nV21vrChbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWQzNmFmMTNkYTQ4MmZkZjc5ZmI1NDAzZTUwNzQ4NjBl
ZWNkMGQwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI3NDY1Y2ExNDM0YWFiYjhmMWUzNDhhNThlMDc2MGMwMTBhODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS68nQ+S0fHFHx+vGgyociOUJjO6
R4OhJdydpkCv146jB8TMu/3kupB+KUmAXQpJDQXdpNwAC79SHdcB3xRfJnnv8LxK
Ogfia76azrV/jbKZBYqWSmU6sq5Hm/kE5U3jR7lGryihjddkE75DacbTLr+E7gdt
yPgBwMz8k7vlCQ6QkZsYZXilWIU34GPmzjJ/sW4QOPmKLfils3ymLecJKRJNw/4F
sha8IaqZy3naI1b6JHslem307X4z6ELm/N1so3MZ4x3Yn3PnwACm/SyzjFFUMOCl
68sbCoDrOuB3Lq+Rgt3wWLZUT8oQMtrscDKhiO5TQTWlzbhAM3sgrlugpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcnRlyhQ0qruPHjSKWOB2DAEKhTMB8GA1UdIwQY
MBaAFJvtNq8T2kgv33n7VAPlB0hg7s0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS0wMnJ4UGFTQ19mZWZ0VUEtVUhTR0R1elEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80YjAyODMtYTkwYy00ZDY0LTgzMDEt
ZDIyMWViZDA4MThkLzEvOXlkR1hLRkRTcXU0OGVOSXBZNEhZTUFRcUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80YjAyODMtYTkwYy00ZDY0LTgzMDEtZDIyMWViZDA4MThk
LzEvbS0wMnJ4UGFTQ19mZWZ0VUEtVUhTR0R1elEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQChhPQMA0G
CSqGSIb3DQEBCwUAA4IBAQBXRLwotp4UEUwEWdVkSdTBoTV5+EmKLzYVtIVhg4xt
lDOwD2sFh4PLCS1lJkgKZODyf4gfD7TKUx3Hf/Ax6SjZofK5nvB0+LriYKINl39T
1GyjVBOW4fu8En/oJy0tTgrlTy+wsvrt6uOKIxZNkquE+PwGKMa4nH/yYgbJs6bP
5HjGMm0n8fSxeP87Gvq/fm9joWFM9p4tCUNXRH6L8kKfRz0RhPrKTlVuY6VuDCWy
RH3pNk45YPkanIMbidCKm5paGy8G+sgZfjFtSIUfVYcnp2WugBRKPZEH5vLKhuDA
DGRgt8Ejpb2IIwXerK1UoNUTn6C+yLZUTBDgYK4B5J0d
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:38:14 2024 by rpki-client on console-ams.rpki-client.org