Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/AhDMQ2XtjkCjhcUlzS96675I5EA.roa
File: AhDMQ2XtjkCjhcUlzS96675I5EA.roa (raw, json)
Hash identifier: OILGpZHgOyAGc0xJcfdpo/reGYgizY7ShfkMhEVZHJM=
Subject key identifier: 02:10:CC:43:65:ED:8E:40:A3:85:C5:25:CD:2F:7A:EB:BE:48:E4:40
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018CC7946B349DB27FE2629C5B65BA65479B
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/AhDMQ2XtjkCjhcUlzS96675I5EA.roa
Signing time: Tue 02 Jan 2024 00:30:41 +0000
ROA not before: Tue 02 Jan 2024 00:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201128
IP address blocks: 85.153.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6b:34:9d:b2:7f:e2:62:9c:5b:65:ba:65:47:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 2 00:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0210cc4365ed8e40a385c525cd2f7aebbe48e440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5c:c3:6e:46:0a:02:c3:9f:03:99:7d:a9:af:
0c:0c:7b:19:e2:f5:c1:ba:fa:2e:4f:a9:ec:f2:4f:
68:ff:a3:ee:ed:f7:9b:a6:35:d1:66:65:a1:b6:58:
35:87:b5:d9:fd:03:fb:ca:b4:30:ad:a7:d3:10:1a:
4d:d4:dc:f1:db:c8:3d:8e:de:f6:01:99:e2:b3:b2:
01:3d:46:0c:de:e5:91:e8:cf:ac:85:55:e9:ae:fc:
3f:16:92:32:e4:2b:e9:ec:31:97:a7:69:8f:59:85:
15:20:b9:e5:4a:8d:d2:cb:32:a3:11:89:a4:de:9d:
66:95:fa:4a:32:5b:fd:99:34:f5:e6:ea:9e:82:ef:
e5:1c:6d:7a:64:3e:e6:ce:e8:51:01:2b:fc:92:63:
f2:ca:c2:93:42:18:ae:fb:6d:67:f3:c6:ac:1c:90:
18:99:d8:e6:1e:24:a8:be:6c:c8:96:c5:51:c2:56:
25:c9:38:2e:71:51:5c:d0:f3:70:07:5e:5e:97:e5:
fe:be:f4:a2:ee:87:7e:88:77:19:19:01:13:14:26:
c4:3d:6c:16:bd:a3:20:96:21:41:78:7f:89:67:b7:
e0:6d:a1:59:b4:95:38:58:9d:72:ab:ae:c4:d2:61:
2e:a5:9d:cb:3b:86:d4:9a:3f:f5:72:33:0d:2f:af:
43:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:10:CC:43:65:ED:8E:40:A3:85:C5:25:CD:2F:7A:EB:BE:48:E4:40
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/AhDMQ2XtjkCjhcUlzS96675I5EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.64.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a8:85:0f:92:26:03:c9:3d:6c:42:69:c0:ba:02:11:0d:0d:
d1:db:fd:d5:3a:30:d8:15:17:53:b3:f5:1b:0d:4e:18:20:40:
95:87:47:c3:e9:b7:83:37:6e:66:90:3f:cf:24:43:0b:49:ef:
a9:d7:81:13:dc:b2:10:32:44:77:8b:ad:ab:89:cc:68:8e:76:
8d:f5:22:ed:e8:a6:d3:ae:e7:8e:91:94:c1:ff:f2:fa:39:5a:
51:c5:5b:86:b5:c7:60:31:f5:d8:bf:f4:1e:00:40:31:46:53:
56:d7:a8:7a:ba:90:15:00:92:87:47:40:26:67:f2:d0:87:ff:
37:14:b5:93:c4:52:62:91:27:39:52:8b:d1:84:66:94:a4:a3:
83:bd:f4:f9:90:a1:36:3a:ca:ea:4b:08:cb:e6:11:93:42:db:
ca:b6:12:d3:f0:17:10:76:a8:25:c1:bb:89:9e:cf:4a:d4:51:
22:57:9a:10:ad:e2:09:b6:ff:bb:c0:50:98:1e:fa:66:cb:23:
ec:ef:2c:59:14:43:43:54:5f:aa:5e:4a:a6:08:14:37:e0:a2:
da:0e:03:2d:d5:27:ec:94:1b:b1:58:27:7c:21:e2:67:d3:28:
4e:69:cb:3b:a9:68:58:1d:4c:d3:40:df:13:03:98:b5:39:f4:
bf:dc:c9:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlGs0nbJ/4mKcW2W6ZUebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQwMTAyMDAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjEwY2M0MzY1ZWQ4ZTQwYTM4NWM1MjVjZDJmN2FlYmJlNDhlNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVzDbkYKAsOfA5l9qa8MDHsZ4vXB
uvouT6ns8k9o/6Pu7febpjXRZmWhtlg1h7XZ/QP7yrQwrafTEBpN1Nzx28g9jt72
AZnis7IBPUYM3uWR6M+shVXprvw/FpIy5Cvp7DGXp2mPWYUVILnlSo3SyzKjEYmk
3p1mlfpKMlv9mTT15uqegu/lHG16ZD7mzuhRASv8kmPyysKTQhiu+21n88asHJAY
mdjmHiSovmzIlsVRwlYlyTgucVFc0PNwB15el+X+vvSi7od+iHcZGQETFCbEPWwW
vaMgliFBeH+JZ7fgbaFZtJU4WJ1yq67E0mEupZ3LO4bUmj/1cjMNL69DAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIQzENl7Y5Ao4XFJc0veuu+SORAMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvQWhETVEyWHRqa0NqaGNVbHpTOTY2NzVJNUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZlAMA0G
CSqGSIb3DQEBCwUAA4IBAQCRqIUPkiYDyT1sQmnAugIRDQ3R2/3VOjDYFRdTs/Ub
DU4YIECVh0fD6beDN25mkD/PJEMLSe+p14ET3LIQMkR3i62ricxojnaN9SLt6KbT
rueOkZTB//L6OVpRxVuGtcdgMfXYv/QeAEAxRlNW16h6upAVAJKHR0AmZ/LQh/83
FLWTxFJikSc5UovRhGaUpKODvfT5kKE2OsrqSwjL5hGTQtvKthLT8BcQdqglwbuJ
ns9K1FEiV5oQreIJtv+7wFCYHvpmyyPs7yxZFENDVF+qXkqmCBQ34KLaDgMt1Sfs
lBuxWCd8IeJn0yhOacs7qWhYHUzTQN8TA5i1OfS/3Mn5
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:01 2024 by rpki-client on console-ams.rpki-client.org