Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/m4nmKNZYLDFsaIsMUFcuK1bXueY.roa
File: m4nmKNZYLDFsaIsMUFcuK1bXueY.roa (raw, json)
Hash identifier: W6cYXtqEYJM7oE8yioONLyhHj50qL/RQILjA6Q2Tiz8=
Subject key identifier: 9B:89:E6:28:D6:58:2C:31:6C:68:8B:0C:50:57:2E:2B:56:D7:B9:E6
Certificate issuer: /CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Certificate serial: 0191E5362CCC83E083BD94A665C48A2B4917
Authority key identifier: E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/m4nmKNZYLDFsaIsMUFcuK1bXueY.roa
Signing time: Thu 12 Sep 2024 07:50:18 +0000
ROA not before: Thu 12 Sep 2024 07:50:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15738
IP address blocks: 80.84.176.0/20 maxlen: 20
80.254.0.0/20 maxlen: 20
89.21.88.0/22 maxlen: 22
89.21.93.0/24 maxlen: 24
89.21.94.0/24 maxlen: 24
2a06:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:36:2c:cc:83:e0:83:bd:94:a6:65:c4:8a:2b:49:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Validity
Not Before: Sep 12 07:50:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b89e628d6582c316c688b0c50572e2b56d7b9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:f7:b4:9e:7e:18:83:7f:f5:80:65:6f:41:
7b:4b:2c:d4:4d:d8:e6:a9:e4:ec:00:7d:e8:99:27:
d3:69:0b:32:3a:84:00:3a:d7:93:3f:cf:85:45:6e:
0d:50:1e:3b:ab:0b:ef:1f:b8:e1:5a:23:91:d5:2e:
5f:97:84:e1:13:87:3b:ea:3d:91:c5:2b:4e:8b:b6:
54:02:b3:3c:77:ae:12:c5:e7:57:7a:67:28:07:60:
eb:d5:0c:29:d1:db:41:5d:fd:fc:95:73:72:4f:2f:
07:e5:7c:6f:c0:63:0a:8f:7d:1f:88:64:e4:53:13:
16:47:94:b4:63:49:d1:28:4c:d7:95:1a:55:02:41:
c6:99:8d:c4:09:39:fc:1e:3f:76:ee:4a:8e:2d:1b:
47:3c:2e:a2:03:cb:4b:b3:78:ea:f3:81:56:84:27:
e2:94:f5:45:01:9e:d1:ee:ef:9c:e0:12:72:e9:06:
ae:f7:51:9e:48:ac:ab:d5:2f:2c:ef:90:2e:a1:15:
fd:83:7b:a3:a0:7e:2f:f9:bc:f8:23:f1:57:62:77:
b0:ee:88:7f:6f:42:8d:77:73:13:a7:77:85:21:ba:
37:4c:94:e4:7b:df:e8:77:d6:81:2e:6a:05:8e:3b:
65:02:60:d9:28:df:96:c3:a0:7f:d4:fc:10:cc:21:
a3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:89:E6:28:D6:58:2C:31:6C:68:8B:0C:50:57:2E:2B:56:D7:B9:E6
X509v3 Authority Key Identifier:
keyid:E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/m4nmKNZYLDFsaIsMUFcuK1bXueY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.176.0/20
80.254.0.0/20
89.21.88.0/22
89.21.93.0-89.21.94.255
IPv6:
2a06:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
15:0e:6b:13:ca:7e:37:49:ae:bc:c9:d6:e0:f8:13:cb:68:02:
6f:e4:50:33:54:0a:d0:de:48:50:2b:b0:ff:76:76:2a:e3:34:
4b:3a:c2:94:95:b4:63:56:e4:9e:17:12:21:f0:48:e4:bf:3a:
0c:4f:b3:b2:3e:a6:e0:14:66:dd:da:1e:51:ba:d6:3b:42:7f:
f9:a2:13:c6:93:5b:32:df:e8:48:9b:21:0a:3b:c8:b4:94:6d:
53:91:72:b8:a2:22:46:3d:14:f6:81:de:84:e4:d0:c8:52:3e:
58:b5:3b:8e:59:38:68:2e:c4:7f:da:ce:1d:c7:90:f3:3b:67:
19:73:5c:95:df:0d:6f:be:59:e5:91:85:96:eb:d6:99:c8:bc:
fc:5a:16:c0:0b:ec:7f:f5:a7:a4:af:40:f3:66:64:dc:07:08:
08:5a:a2:b1:bc:97:0b:6c:3b:ba:83:f8:01:11:0e:0e:0c:61:
ab:5d:f6:e6:50:fa:af:50:75:6a:e8:dc:e5:db:c4:57:76:32:
a2:6b:70:d9:5a:27:d1:36:4a:57:4f:6e:b0:5b:ed:e0:a1:45:
f9:b3:8c:3d:3f:59:2f:42:15:a7:30:8f:24:69:07:cf:81:45:
a5:35:a8:e9:6e:15:cb:93:e1:31:70:f4:8f:32:1d:c1:65:e0:
4f:87:fb:eb
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZHlNizMg+CDvZSmZcSKK0kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MjA2YWEzMjUyZTNlYThkNjg0ZWFlYzdhMjk5MzUxM2I1
ZDIzMDcwHhcNMjQwOTEyMDc1MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg5ZTYyOGQ2NTgyYzMxNmM2ODhiMGM1MDU3MmUyYjU2ZDdiOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx/3tJ5+GIN/9YBlb0F7SyzUTdjm
qeTsAH3omSfTaQsyOoQAOteTP8+FRW4NUB47qwvvH7jhWiOR1S5fl4ThE4c76j2R
xStOi7ZUArM8d64SxedXemcoB2Dr1Qwp0dtBXf38lXNyTy8H5XxvwGMKj30fiGTk
UxMWR5S0Y0nRKEzXlRpVAkHGmY3ECTn8Hj927kqOLRtHPC6iA8tLs3jq84FWhCfi
lPVFAZ7R7u+c4BJy6Qau91GeSKyr1S8s75AuoRX9g3ujoH4v+bz4I/FXYnew7oh/
b0KNd3MTp3eFIbo3TJTke9/od9aBLmoFjjtlAmDZKN+Ww6B/1PwQzCGjxQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJuJ5ijWWCwxbGiLDFBXLitW17nmMB8GA1UdIwQY
MBaAFOggaqMlLj6o1oTq7Hopk1E7XSMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkNCcW95VXVQcWpXaE9yc2VpbVRVVHRkSXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80N2FjY2ItNmYzYy00YzZjLTlmZDAt
NTg1ZWI4NDU1OGY5LzEvbTRubUtOWllMREZzYUlzTVVGY3VLMWJYdWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80N2FjY2ItNmYzYy00YzZjLTlmZDAtNTg1ZWI4NDU1OGY5
LzEvNkNCcW95VXVQcWpXaE9yc2VpbVRVVHRkSXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQEUFSwAwQE
UP4AAwQCWRVYMAwDBABZFV0DBABZFV4wDQQCAAIwBwMFAyoG/0AwDQYJKoZIhvcN
AQELBQADggEBABUOaxPKfjdJrrzJ1uD4E8toAm/kUDNUCtDeSFArsP92dirjNEs6
wpSVtGNW5J4XEiHwSOS/OgxPs7I+puAUZt3aHlG61jtCf/miE8aTWzLf6EibIQo7
yLSUbVORcriiIkY9FPaB3oTk0MhSPli1O45ZOGguxH/azh3HkPM7ZxlzXJXfDW++
WeWRhZbr1pnIvPxaFsAL7H/1p6SvQPNmZNwHCAhaorG8lwtsO7qD+AERDg4MYatd
9uZQ+q9QdWro3OXbxFd2MqJrcNlaJ9E2SldPbrBb7eChRfmzjD0/WS9CFacwjyRp
B8+BRaU1qOluFcuT4TFw9I8yHcFl4E+H++s=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:18 2024 by rpki-client on console-ams.rpki-client.org