Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/aWbKAnd6AZ1uYSU2Eu4kbliBSCw.roa
File: aWbKAnd6AZ1uYSU2Eu4kbliBSCw.roa (raw, json)
Hash identifier: 1ZSjz+UFxfWR6f+x77OLUkWu+kJXn7/Ve1NAYLRdamw=
Subject key identifier: 69:66:CA:02:77:7A:01:9D:6E:61:25:36:12:EE:24:6E:58:81:48:2C
Certificate issuer: /CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Certificate serial: 018CC424F4DF1E0D2620116E6E5F16F4DDEE
Authority key identifier: 2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/aWbKAnd6AZ1uYSU2Eu4kbliBSCw.roa
Signing time: Mon 01 Jan 2024 08:30:05 +0000
ROA not before: Mon 01 Jan 2024 08:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50326
IP address blocks: 45.158.176.0/22 maxlen: 22
195.191.28.0/23 maxlen: 24
185.101.240.0/22 maxlen: 22
185.227.220.0/22 maxlen: 22
2a0c:ce00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f4:df:1e:0d:26:20:11:6e:6e:5f:16:f4:dd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Validity
Not Before: Jan 1 08:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6966ca02777a019d6e61253612ee246e5881482c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3a:1f:19:53:6e:7f:69:78:b9:4e:d5:c5:ef:
65:3b:55:b6:3c:e2:ab:81:cf:1f:a1:bd:04:a0:95:
53:83:3b:21:02:7f:e0:11:b8:71:85:bb:0c:50:b5:
3a:6a:ef:1f:34:01:bc:47:ab:2e:a0:0a:83:90:4f:
c5:04:50:5b:df:fc:9e:e6:3d:96:6b:e9:7e:26:68:
d6:f6:ff:7b:77:cc:9f:c3:6f:d3:1c:77:6c:5a:3b:
7a:e5:c4:69:1c:99:fe:1b:b0:d5:dd:c9:52:e0:08:
f4:16:7e:83:50:8e:71:b3:6c:98:84:13:aa:33:ee:
2e:d9:40:b7:63:6e:18:1e:55:cb:1c:e3:74:54:6e:
90:5c:73:7e:9c:7f:f0:6f:3e:59:0a:48:f0:ca:8d:
d8:e0:9f:77:ea:54:21:0f:f3:9b:4e:02:f3:ea:49:
90:d9:48:3a:15:79:da:27:fb:d6:27:2e:24:e3:13:
c6:41:c7:e3:2f:e4:6d:0e:f7:8c:02:c6:86:8f:b8:
f2:a7:4d:c1:92:0f:ec:b8:ff:9f:47:97:1e:8b:22:
76:ea:ae:0e:3c:33:2a:a8:ea:89:e5:d3:dd:77:99:
34:c3:4d:af:f2:e4:db:f3:71:be:b2:0f:5c:ab:fd:
87:10:07:b3:70:18:4a:71:47:ca:ed:65:18:db:86:
93:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:66:CA:02:77:7A:01:9D:6E:61:25:36:12:EE:24:6E:58:81:48:2C
X509v3 Authority Key Identifier:
keyid:2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/aWbKAnd6AZ1uYSU2Eu4kbliBSCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.176.0/22
185.101.240.0/22
185.227.220.0/22
195.191.28.0/23
IPv6:
2a0c:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
8d:72:95:8f:f2:b7:8a:f7:18:b2:25:83:ce:85:db:6e:33:cb:
96:53:36:2b:39:c2:05:01:7f:84:9a:5e:ee:0f:df:d4:a4:aa:
c0:bf:c8:ab:d9:48:61:ef:07:e3:d9:e5:54:ab:a7:c1:21:aa:
c6:c8:f6:89:94:3a:5c:c6:dd:f2:46:5b:a2:0f:ac:c6:e7:a9:
1f:78:d8:72:98:5d:e8:8f:23:8f:92:be:5e:62:30:47:de:3b:
40:0e:1e:d2:a4:4c:e8:ef:e3:25:83:48:56:75:e8:71:41:dd:
42:53:b4:27:e4:b3:03:8a:9b:da:e1:d9:15:5b:a5:db:cf:bd:
0e:c3:12:a0:4d:5e:70:52:31:95:de:4b:93:97:fa:d9:3a:b5:
59:f8:78:e4:a8:cd:2d:87:54:be:c4:3e:59:59:1c:4d:41:76:
41:a3:26:22:19:53:c4:72:69:89:5f:f3:9d:a0:7a:e5:1a:b9:
1a:49:fb:c5:f1:55:e3:a4:a3:32:56:ae:a5:19:ed:83:a1:20:
9c:09:e6:98:fb:0b:8a:ae:a3:dc:d4:7e:0a:94:8a:71:6e:35:
5d:98:ad:c5:e5:29:de:4a:10:dc:ad:79:26:7e:99:31:fe:0c:
ee:b0:10:90:45:c0:74:1d:70:ec:ba:a1:b8:8f:90:d8:fb:a5:
49:3f:80:80
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJPTfHg0mIBFubl8W9N3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNmQ2NjEyNDM2Mjg4MGY1ZTRjNTQ4NTJmODM3NmQyYjlk
MTM3ZjQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY2Y2EwMjc3N2EwMTlkNmU2MTI1MzYxMmVlMjQ2ZTU4ODE0ODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjofGVNuf2l4uU7Vxe9lO1W2POKr
gc8fob0EoJVTgzshAn/gEbhxhbsMULU6au8fNAG8R6suoAqDkE/FBFBb3/ye5j2W
a+l+JmjW9v97d8yfw2/THHdsWjt65cRpHJn+G7DV3clS4Aj0Fn6DUI5xs2yYhBOq
M+4u2UC3Y24YHlXLHON0VG6QXHN+nH/wbz5ZCkjwyo3Y4J936lQhD/ObTgLz6kmQ
2Ug6FXnaJ/vWJy4k4xPGQcfjL+RtDveMAsaGj7jyp03Bkg/suP+fR5ceiyJ26q4O
PDMqqOqJ5dPdd5k0w02v8uTb83G+sg9cq/2HEAezcBhKcUfK7WUY24aTAwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGlmygJ3egGdbmElNhLuJG5YgUgsMB8GA1UdIwQY
MBaAFCxtZhJDYogPXkxUhS+DdtK50Tf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMt
ZTQwMzBmYTFiMDRhLzEvYVdiS0FuZDZBWjF1WVNVMkV1NGtibGlCU0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMtZTQwMzBmYTFiMDRh
LzEvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZ6wAwQC
uWXwAwQCuePcAwQBw78cMA0EAgACMAcDBQMqDM4AMA0GCSqGSIb3DQEBCwUAA4IB
AQCNcpWP8reK9xiyJYPOhdtuM8uWUzYrOcIFAX+Eml7uD9/UpKrAv8ir2Uhh7wfj
2eVUq6fBIarGyPaJlDpcxt3yRluiD6zG56kfeNhymF3ojyOPkr5eYjBH3jtADh7S
pEzo7+Mlg0hWdehxQd1CU7Qn5LMDipva4dkVW6Xbz70OwxKgTV5wUjGV3kuTl/rZ
OrVZ+HjkqM0th1S+xD5ZWRxNQXZBoyYiGVPEcmmJX/OdoHrlGrkaSfvF8VXjpKMy
Vq6lGe2DoSCcCeaY+wuKrqPc1H4KlIpxbjVdmK3F5SneShDcrXkmfpkx/gzusBCQ
RcB0HXDsuqG4j5DY+6VJP4CA
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:51 2024 by rpki-client on console-ams.rpki-client.org