Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/aF8xljunAZ5tpumaiY2cJrXcWYs.roa
File: aF8xljunAZ5tpumaiY2cJrXcWYs.roa (raw, json)
Hash identifier: tdrB4h3Zl3focldbONvSLxYXIeYSR3UGsdfQOOAzZxQ=
Subject key identifier: 68:5F:31:96:3B:A7:01:9E:6D:A6:E9:9A:89:8D:9C:26:B5:DC:59:8B
Certificate issuer: /CN=17999e211914a68db83eaf3f7fd384c53e747455
Certificate serial: 018CC5DC431BD152FB8A3F98AAB569750578
Authority key identifier: 17:99:9E:21:19:14:A6:8D:B8:3E:AF:3F:7F:D3:84:C5:3E:74:74:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5meIRkUpo24Pq8_f9OExT50dFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/aF8xljunAZ5tpumaiY2cJrXcWYs.roa
Signing time: Mon 01 Jan 2024 16:29:55 +0000
ROA not before: Mon 01 Jan 2024 16:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211037
IP address blocks: 185.21.134.0/24 maxlen: 24
2a04:4480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/F5meIRkUpo24Pq8_f9OExT50dFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/F5meIRkUpo24Pq8_f9OExT50dFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5meIRkUpo24Pq8_f9OExT50dFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:43:1b:d1:52:fb:8a:3f:98:aa:b5:69:75:05:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17999e211914a68db83eaf3f7fd384c53e747455
Validity
Not Before: Jan 1 16:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685f31963ba7019e6da6e99a898d9c26b5dc598b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d7:33:04:2d:f7:70:22:f9:d5:5e:e0:4f:e8:
52:36:0d:8a:a8:41:db:27:c9:90:ba:cb:4e:7c:9f:
fb:73:42:3d:5e:6d:d9:59:ae:fb:97:ec:ce:8c:69:
9a:25:09:b7:ae:06:4d:d9:f6:11:23:05:c2:d4:24:
a4:e3:0e:ba:08:95:11:7c:59:e0:96:62:d6:a1:fc:
65:14:60:ff:07:43:24:e9:6c:35:c5:3d:bc:e4:e9:
e8:f9:05:63:ba:dd:cd:75:40:46:79:e4:c2:1f:10:
1d:09:76:4c:09:56:89:d0:ec:55:a6:ec:58:2b:cd:
a6:b9:1f:63:23:08:42:27:b7:53:31:ee:e6:19:83:
99:7d:f6:5c:8a:dd:58:01:59:6c:96:2a:a5:94:f5:
f9:df:40:e7:c6:72:a2:e8:36:4f:ae:90:af:58:44:
06:28:8c:d9:d6:fd:27:45:53:e1:20:72:54:6f:66:
02:e0:7d:07:dc:47:7a:48:41:76:0e:68:8e:fd:21:
33:e5:59:78:05:e1:a6:18:40:00:12:8b:b8:8d:51:
76:bc:4b:25:9c:b2:98:22:2c:30:a8:d8:f2:15:ba:
a4:ae:b4:9a:dc:55:1c:99:30:b8:de:89:57:e6:9c:
78:e0:ae:ab:cf:9e:5e:d6:8d:d4:c0:84:1e:bd:53:
8d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5F:31:96:3B:A7:01:9E:6D:A6:E9:9A:89:8D:9C:26:B5:DC:59:8B
X509v3 Authority Key Identifier:
keyid:17:99:9E:21:19:14:A6:8D:B8:3E:AF:3F:7F:D3:84:C5:3E:74:74:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5meIRkUpo24Pq8_f9OExT50dFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/aF8xljunAZ5tpumaiY2cJrXcWYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/F5meIRkUpo24Pq8_f9OExT50dFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.134.0/24
IPv6:
2a04:4480::/32
Signature Algorithm: sha256WithRSAEncryption
a9:6d:c8:b9:d1:d3:c0:e2:ba:1f:97:1f:fb:db:0f:c8:99:c2:
fb:3a:9e:d2:53:82:00:80:72:86:c2:2e:2a:a8:dc:f1:6c:ef:
33:88:35:53:7e:da:e0:d9:d6:de:3b:43:11:69:7e:39:51:35:
67:10:c2:4b:fe:3e:a3:c9:ac:b7:96:c3:cb:6d:a4:43:44:17:
ba:4a:3a:5d:4f:46:30:ae:2d:87:8f:d4:b9:c5:28:2c:e5:be:
a1:f2:ec:7f:62:e9:8d:33:6e:42:5f:66:04:04:94:70:b7:f7:
9e:80:6f:9f:6b:92:91:8d:d1:e9:c7:61:85:2f:38:cd:5b:29:
c4:bf:ac:e7:bb:d8:b5:c4:c6:d5:ce:44:8e:95:b8:af:b0:77:
0f:c1:32:02:51:34:66:56:7a:8b:28:1a:d9:03:5b:ee:89:e7:
1c:61:b4:fd:2e:6b:45:e8:91:9d:f6:8b:b6:55:b6:f5:84:26:
93:e4:af:07:93:24:ab:46:be:1c:10:33:b2:81:fe:6b:39:0e:
aa:1f:d0:83:f4:b9:a2:61:71:e3:68:ce:c5:45:5f:c9:db:b5:
39:13:2a:a6:3b:3e:9a:df:b6:28:0c:e6:42:4f:63:05:72:71:
27:68:8e:d2:97:f0:85:49:d4:87:df:8e:d5:94:7d:51:f5:8f:
d3:8e:c2:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3EMb0VL7ij+YqrVpdQV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTk5ZTIxMTkxNGE2OGRiODNlYWYzZjdmZDM4NGM1M2U3
NDc0NTUwHhcNMjQwMTAxMTYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVmMzE5NjNiYTcwMTllNmRhNmU5OWE4OThkOWMyNmI1ZGM1OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndczBC33cCL51V7gT+hSNg2KqEHb
J8mQustOfJ/7c0I9Xm3ZWa77l+zOjGmaJQm3rgZN2fYRIwXC1CSk4w66CJURfFng
lmLWofxlFGD/B0Mk6Ww1xT285Ono+QVjut3NdUBGeeTCHxAdCXZMCVaJ0OxVpuxY
K82muR9jIwhCJ7dTMe7mGYOZffZcit1YAVlsliqllPX530DnxnKi6DZPrpCvWEQG
KIzZ1v0nRVPhIHJUb2YC4H0H3Ed6SEF2DmiO/SEz5Vl4BeGmGEAAEou4jVF2vEsl
nLKYIiwwqNjyFbqkrrSa3FUcmTC43olX5px44K6rz55e1o3UwIQevVONUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGhfMZY7pwGebabpmomNnCa13FmLMB8GA1UdIwQY
MBaAFBeZniEZFKaNuD6vP3/ThMU+dHRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVtZUlSa1VwbzI0UHE4X2Y5T0V4VDUwZEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lYTExN2EtNDEyYS00OWUyLTg5MGYt
NGJiNDNiYTNjZGUzLzEvYUY4eGxqdW5BWjV0cHVtYWlZMmNKclhjV1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lYTExN2EtNDEyYS00OWUyLTg5MGYtNGJiNDNiYTNjZGUz
LzEvRjVtZUlSa1VwbzI0UHE4X2Y5T0V4VDUwZEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRWGMA0E
AgACMAcDBQAqBESAMA0GCSqGSIb3DQEBCwUAA4IBAQCpbci50dPA4roflx/72w/I
mcL7Op7SU4IAgHKGwi4qqNzxbO8ziDVTftrg2dbeO0MRaX45UTVnEMJL/j6jyay3
lsPLbaRDRBe6SjpdT0Ywri2Hj9S5xSgs5b6h8ux/YumNM25CX2YEBJRwt/eegG+f
a5KRjdHpx2GFLzjNWynEv6znu9i1xMbVzkSOlbivsHcPwTICUTRmVnqLKBrZA1vu
ieccYbT9LmtF6JGd9ou2Vbb1hCaT5K8HkySrRr4cEDOygf5rOQ6qH9CD9LmiYXHj
aM7FRV/J27U5EyqmOz6a37YoDOZCT2MFcnEnaI7Sl/CFSdSH347VlH1R9Y/TjsKv
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:34:19 2024 by rpki-client on console-ams.rpki-client.org