Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/SAJLFV08vrEJaxLB45p7MgucnQM.roa
File: SAJLFV08vrEJaxLB45p7MgucnQM.roa (raw, json)
Hash identifier: at2LpM5YFmu9PYtoyDKsr0Yh2C+nHM+3dhYJTmVhqPk=
Subject key identifier: 48:02:4B:15:5D:3C:BE:B1:09:6B:12:C1:E3:9A:7B:32:0B:9C:9D:03
Certificate issuer: /CN=58dcfb0ff4f28b8ffad6eb0dd29eb2b6af629a68
Certificate serial: 018CF35FADEC59858C40B33942C77451D14C
Authority key identifier: 58:DC:FB:0F:F4:F2:8B:8F:FA:D6:EB:0D:D2:9E:B2:B6:AF:62:9A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/SAJLFV08vrEJaxLB45p7MgucnQM.roa
Signing time: Wed 10 Jan 2024 12:36:23 +0000
ROA not before: Wed 10 Jan 2024 12:36:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12046
IP address blocks: 94.138.224.0/20 maxlen: 20
185.222.78.0/24 maxlen: 24
185.222.76.0/23 maxlen: 24
2001:1a70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.mft
rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:5f:ad:ec:59:85:8c:40:b3:39:42:c7:74:51:d1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dcfb0ff4f28b8ffad6eb0dd29eb2b6af629a68
Validity
Not Before: Jan 10 12:36:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48024b155d3cbeb1096b12c1e39a7b320b9c9d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:d0:6e:9e:94:fd:a5:bb:0e:cb:5f:b1:d6:
39:45:85:5b:b9:04:78:6f:84:63:19:55:41:3b:fd:
74:ed:45:f1:70:58:2c:08:b3:43:7f:3e:20:1e:10:
ea:9c:f6:95:c6:29:84:cd:de:db:5a:42:e3:15:87:
93:b5:2d:a5:03:5e:c2:1b:41:14:c3:55:ac:1c:45:
6c:cb:f5:ad:c7:29:e7:12:81:5f:51:5f:d4:01:59:
18:77:ee:ac:e9:16:f2:30:09:65:73:56:97:37:55:
3d:b5:f2:e8:86:65:58:7d:6b:fe:b2:b5:97:23:45:
b9:f9:69:47:e2:5a:5c:44:62:f8:5e:ed:fa:a3:f7:
81:dd:c6:45:52:95:3b:07:a0:18:4b:2f:82:88:22:
4a:04:87:ce:15:48:be:0c:06:46:cc:89:f3:80:cc:
71:aa:90:09:11:23:4e:2e:17:53:08:62:fa:07:4d:
f0:c7:57:05:3a:1e:3e:5a:81:aa:a0:0d:63:d3:1d:
d6:1c:00:4d:71:46:75:4f:4e:d3:d5:76:07:be:43:
ea:b3:14:70:2f:95:ed:62:eb:b2:eb:78:b8:bf:30:
b6:f7:c8:17:6a:92:25:03:74:cc:9e:67:ec:85:ad:
99:36:4b:cc:bd:1a:fe:d3:3b:45:be:da:e2:52:18:
75:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:02:4B:15:5D:3C:BE:B1:09:6B:12:C1:E3:9A:7B:32:0B:9C:9D:03
X509v3 Authority Key Identifier:
keyid:58:DC:FB:0F:F4:F2:8B:8F:FA:D6:EB:0D:D2:9E:B2:B6:AF:62:9A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/SAJLFV08vrEJaxLB45p7MgucnQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.138.224.0/20
185.222.76.0-185.222.78.255
IPv6:
2001:1a70::/32
Signature Algorithm: sha256WithRSAEncryption
9e:f5:d8:a9:90:1d:d1:5b:bf:b4:ee:bc:f1:04:fc:0a:59:22:
69:68:b4:5f:6f:2c:c0:c6:3e:2f:e4:fd:52:88:9a:e1:7b:7d:
a2:f7:87:e5:13:7e:33:4e:14:3c:6c:55:e8:9f:01:a9:f7:9f:
89:45:aa:df:30:81:1b:20:bc:74:ee:3d:90:3c:bc:33:49:62:
3c:c3:36:32:b3:3a:1e:f0:02:3f:c3:46:97:f1:4a:a5:eb:58:
a0:b2:ff:44:7c:16:12:49:62:0a:f3:f3:6b:4f:c3:96:cc:75:
ac:f3:1c:0c:0f:eb:bd:a3:e8:01:50:a8:26:12:e4:61:e4:62:
a2:7a:8e:96:09:4b:00:80:57:2d:7e:ec:38:c1:47:f4:be:69:
fe:40:f0:6d:66:10:6c:89:99:be:3b:c9:09:21:e8:77:45:aa:
4e:0c:83:d9:87:b8:5b:94:32:ee:bc:e0:c7:3a:73:8d:f5:37:
a8:bf:dd:0b:17:a5:f4:ae:46:c0:bd:54:61:ce:63:f2:3e:08:
08:ff:76:1e:5d:33:93:37:cc:11:14:e4:35:52:29:8d:a9:bf:
af:a8:b8:80:04:2b:97:5d:6d:96:9d:b7:3e:df:12:fb:fd:3f:
d0:90:d2:3a:e0:f1:64:3f:7c:6f:a3:21:c2:b0:b3:34:e9:48:
9d:fa:19:46
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzzX63sWYWMQLM5Qsd0UdFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGNmYjBmZjRmMjhiOGZmYWQ2ZWIwZGQyOWViMmI2YWY2
MjlhNjgwHhcNMjQwMTEwMTIzNjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODAyNGIxNTVkM2NiZWIxMDk2YjEyYzFlMzlhN2IzMjBiOWM5ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1nQbp6U/aW7DstfsdY5RYVbuQR4
b4RjGVVBO/107UXxcFgsCLNDfz4gHhDqnPaVximEzd7bWkLjFYeTtS2lA17CG0EU
w1WsHEVsy/WtxynnEoFfUV/UAVkYd+6s6RbyMAllc1aXN1U9tfLohmVYfWv+srWX
I0W5+WlH4lpcRGL4Xu36o/eB3cZFUpU7B6AYSy+CiCJKBIfOFUi+DAZGzInzgMxx
qpAJESNOLhdTCGL6B03wx1cFOh4+WoGqoA1j0x3WHABNcUZ1T07T1XYHvkPqsxRw
L5XtYuuy63i4vzC298gXapIlA3TMnmfsha2ZNkvMvRr+0ztFvtriUhh1zwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEgCSxVdPL6xCWsSweOaezILnJ0DMB8GA1UdIwQY
MBaAFFjc+w/08ouP+tbrDdKesravYppoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV056N0RfVHlpNF82MXVzTjBwNnl0cTlpbW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNjYzZGYtYWMxYy00NTI5LThjOGIt
NzEyMTM1YTZiNzUwLzEvU0FKTEZWMDh2ckVKYXhMQjQ1cDdNZ3VjblFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNjYzZGYtYWMxYy00NTI5LThjOGItNzEyMTM1YTZiNzUw
LzEvV056N0RfVHlpNF82MXVzTjBwNnl0cTlpbW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEXorgMAwD
BAK53kwDBAC53k4wDQQCAAIwBwMFACABGnAwDQYJKoZIhvcNAQELBQADggEBAJ71
2KmQHdFbv7TuvPEE/ApZImlotF9vLMDGPi/k/VKImuF7faL3h+UTfjNOFDxsVeif
Aan3n4lFqt8wgRsgvHTuPZA8vDNJYjzDNjKzOh7wAj/DRpfxSqXrWKCy/0R8FhJJ
Ygrz82tPw5bMdazzHAwP672j6AFQqCYS5GHkYqJ6jpYJSwCAVy1+7DjBR/S+af5A
8G1mEGyJmb47yQkh6HdFqk4Mg9mHuFuUMu684Mc6c431N6i/3QsXpfSuRsC9VGHO
Y/I+CAj/dh5dM5M3zBEU5DVSKY2pv6+ouIAEK5ddbZadtz7fEvv9P9CQ0jrg8WQ/
fG+jIcKwszTpSJ36GUY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:18:02 2024 by rpki-client on console-fra.rpki-client.org