Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/IA9GwldjOw9-FDcL1Z5NvDRoV8o.roa
File: IA9GwldjOw9-FDcL1Z5NvDRoV8o.roa (raw, json)
Hash identifier: JGnnbwxvv3umQt0hUMu33+qEaGb7aQqm27F1r7RRSvg=
Subject key identifier: 20:0F:46:C2:57:63:3B:0F:7E:14:37:0B:D5:9E:4D:BC:34:68:57:CA
Certificate issuer: /CN=69d731fa4dd292c0c0532eea6967cec0790745aa
Certificate serial: 018CC8DF1A18458227BCE9702060781CBE48
Authority key identifier: 69:D7:31:FA:4D:D2:92:C0:C0:53:2E:EA:69:67:CE:C0:79:07:45:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/adcx-k3SksDAUy7qaWfOwHkHRao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/IA9GwldjOw9-FDcL1Z5NvDRoV8o.roa
Signing time: Tue 02 Jan 2024 06:31:53 +0000
ROA not before: Tue 02 Jan 2024 06:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50919
IP address blocks: 185.96.34.0/24 maxlen: 24
2a13:eb00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/adcx-k3SksDAUy7qaWfOwHkHRao.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/adcx-k3SksDAUy7qaWfOwHkHRao.mft
rsync://rpki.ripe.net/repository/DEFAULT/adcx-k3SksDAUy7qaWfOwHkHRao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1a:18:45:82:27:bc:e9:70:20:60:78:1c:be:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69d731fa4dd292c0c0532eea6967cec0790745aa
Validity
Not Before: Jan 2 06:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=200f46c257633b0f7e14370bd59e4dbc346857ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0e:2b:d4:6c:03:9a:61:fe:b6:75:42:52:bc:
3d:50:40:11:9c:e3:18:2f:12:c8:2e:53:a5:29:bb:
f0:39:e1:78:29:ed:f9:d7:28:2e:74:0d:d0:6b:07:
06:92:22:c9:0e:76:b9:12:a7:44:5e:9c:79:01:1b:
c6:a6:ae:6d:8d:96:31:d2:5c:a1:f8:b5:8d:b5:24:
3f:94:d1:03:3d:27:d6:fe:17:f0:de:c2:37:e3:c1:
75:99:48:72:81:4c:69:d7:e7:77:74:39:df:20:31:
ff:15:99:ec:10:c1:17:7c:3b:96:7e:aa:8d:46:c7:
1c:24:f5:74:61:e6:8b:66:bb:19:c5:f5:cd:d3:bc:
f4:70:cc:70:54:81:4d:62:4f:99:1b:56:7e:48:ec:
a2:83:3f:02:b2:ec:9a:10:b7:50:34:60:bd:4a:94:
43:86:52:7b:e4:db:76:d4:c6:96:4d:d4:99:46:e5:
cf:1f:7c:4e:cf:27:20:a0:38:2b:d7:3b:6a:d3:1a:
40:47:12:d1:c2:bc:7b:68:f0:a3:36:7d:97:43:ab:
b6:4b:b7:32:3f:29:c7:1c:8c:d1:2e:0d:2d:01:e6:
4e:3c:48:d5:18:da:b2:14:20:ca:46:71:65:7e:13:
7f:6f:ad:02:8f:f8:66:ca:60:c0:f1:ce:09:92:e7:
3c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0F:46:C2:57:63:3B:0F:7E:14:37:0B:D5:9E:4D:BC:34:68:57:CA
X509v3 Authority Key Identifier:
keyid:69:D7:31:FA:4D:D2:92:C0:C0:53:2E:EA:69:67:CE:C0:79:07:45:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adcx-k3SksDAUy7qaWfOwHkHRao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/IA9GwldjOw9-FDcL1Z5NvDRoV8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/adcx-k3SksDAUy7qaWfOwHkHRao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.34.0/24
IPv6:
2a13:eb00::/48
Signature Algorithm: sha256WithRSAEncryption
6b:95:22:b5:33:e7:ff:de:3c:63:db:ce:e7:bb:3a:d8:95:91:
7e:2f:74:09:04:de:af:16:58:d4:d2:3c:f9:c0:66:e5:12:50:
c7:80:e0:dc:8c:4d:ec:ff:0f:b1:11:4f:6b:d6:17:c0:8a:48:
5e:c0:bf:a4:5a:1d:cd:4d:91:8a:e3:6b:e5:29:dd:fc:dd:55:
b9:13:c4:23:b3:35:17:2c:9f:59:56:38:03:43:a0:47:c2:c6:
45:32:a9:f3:2b:52:83:35:73:74:10:66:31:4d:9b:9e:09:94:
55:c3:85:e7:4f:20:d4:13:dc:4c:28:cb:74:a1:76:7e:f1:84:
40:44:44:5c:7d:b8:6f:9f:6e:0d:e5:01:b7:44:73:f2:33:56:
42:b4:1a:fe:14:ca:fe:c1:c1:d0:18:af:de:33:54:29:32:51:
d8:fb:0f:ae:25:eb:f5:92:80:e1:30:57:37:94:1a:bb:f7:32:
a5:b2:ee:fd:08:01:fb:04:b6:30:80:a3:cd:18:c2:cc:ff:eb:
a1:f1:69:2c:07:2a:29:1a:cc:c8:1a:09:83:7e:10:9c:19:90:
92:10:71:c3:37:29:ad:9e:c7:31:dc:c1:64:05:52:fc:51:55:
1c:f8:ab:4d:24:07:b8:76:dd:e9:a0:a6:40:91:86:de:d9:fe:
cf:a0:bb:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3xoYRYInvOlwIGB4HL5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDczMWZhNGRkMjkyYzBjMDUzMmVlYTY5NjdjZWMwNzkw
NzQ1YWEwHhcNMjQwMTAyMDYzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBmNDZjMjU3NjMzYjBmN2UxNDM3MGJkNTllNGRiYzM0Njg1N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A4r1GwDmmH+tnVCUrw9UEARnOMY
LxLILlOlKbvwOeF4Ke351ygudA3QawcGkiLJDna5EqdEXpx5ARvGpq5tjZYx0lyh
+LWNtSQ/lNEDPSfW/hfw3sI348F1mUhygUxp1+d3dDnfIDH/FZnsEMEXfDuWfqqN
RsccJPV0YeaLZrsZxfXN07z0cMxwVIFNYk+ZG1Z+SOyigz8CsuyaELdQNGC9SpRD
hlJ75Nt21MaWTdSZRuXPH3xOzycgoDgr1ztq0xpARxLRwrx7aPCjNn2XQ6u2S7cy
PynHHIzRLg0tAeZOPEjVGNqyFCDKRnFlfhN/b60Cj/hmymDA8c4Jkuc8aQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAPRsJXYzsPfhQ3C9WeTbw0aFfKMB8GA1UdIwQY
MBaAFGnXMfpN0pLAwFMu6mlnzsB5B0WqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRjeC1rM1Nrc0RBVXk3cWFXZk93SGtIUmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85ZmI1ZTAtNTUwOC00OWY0LTlmOWUt
MzQzNjI0MTUxODJhLzEvSUE5R3dsZGpPdzktRkRjTDFaNU52RFJvVjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85ZmI1ZTAtNTUwOC00OWY0LTlmOWUtMzQzNjI0MTUxODJh
LzEvYWRjeC1rM1Nrc0RBVXk3cWFXZk93SGtIUmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWAiMA8E
AgACMAkDBwAqE+sAAAAwDQYJKoZIhvcNAQELBQADggEBAGuVIrUz5//ePGPbzue7
OtiVkX4vdAkE3q8WWNTSPPnAZuUSUMeA4NyMTez/D7ERT2vWF8CKSF7Av6RaHc1N
kYrja+Up3fzdVbkTxCOzNRcsn1lWOANDoEfCxkUyqfMrUoM1c3QQZjFNm54JlFXD
hedPINQT3Ewoy3Shdn7xhEBERFx9uG+fbg3lAbdEc/IzVkK0Gv4Uyv7BwdAYr94z
VCkyUdj7D64l6/WSgOEwVzeUGrv3MqWy7v0IAfsEtjCAo80Ywsz/66HxaSwHKika
zMgaCYN+EJwZkJIQccM3Ka2exzHcwWQFUvxRVRz4q00kB7h23emgpkCRht7Z/s+g
u5Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:12 2024 by rpki-client on console-ams.rpki-client.org