Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ABFoiYu2ulbSXZOEgPeJpoICeLA.roa
File: ABFoiYu2ulbSXZOEgPeJpoICeLA.roa (raw, json)
Hash identifier: eadnOZQXdEuukLOX/RSPOq/ibB2JxKJTNNP28HxzyHU=
Subject key identifier: 00:11:68:89:8B:B6:BA:56:D2:5D:93:84:80:F7:89:A6:82:02:78:B0
Certificate issuer: /CN=4e167ee5f8d2ac0d9cc0137b41912f181b0489b0
Certificate serial: 018CC8DFB138A0134FC7BF0A778717533226
Authority key identifier: 4E:16:7E:E5:F8:D2:AC:0D:9C:C0:13:7B:41:91:2F:18:1B:04:89:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ABFoiYu2ulbSXZOEgPeJpoICeLA.roa
Signing time: Tue 02 Jan 2024 06:32:32 +0000
ROA not before: Tue 02 Jan 2024 06:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 192.26.231.0/24 maxlen: 24
192.80.20.0/24 maxlen: 24
192.107.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ThZ-5fjSrA2cwBN7QZEvGBsEibA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ThZ-5fjSrA2cwBN7QZEvGBsEibA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:b1:38:a0:13:4f:c7:bf:0a:77:87:17:53:32:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e167ee5f8d2ac0d9cc0137b41912f181b0489b0
Validity
Not Before: Jan 2 06:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=001168898bb6ba56d25d938480f789a6820278b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cc:15:84:1d:f7:4e:b3:23:15:bd:b3:5d:7d:
da:fc:a0:6f:85:8a:a9:55:42:14:6a:a4:09:98:0f:
9c:ee:21:85:6f:24:c8:69:d6:7d:1d:66:f0:4b:73:
68:83:95:c9:15:81:90:9b:ed:39:e3:68:28:eb:a8:
1d:c1:d2:fb:25:fa:ed:55:39:b8:de:79:4a:15:25:
bb:3b:30:04:96:d4:12:56:9e:6b:a5:98:d9:24:8f:
13:b2:4d:f1:b5:22:73:1f:22:8d:f9:3f:a2:34:0e:
07:97:ca:5d:95:04:bb:68:59:b0:be:5e:00:00:f4:
ca:68:ef:0d:9e:f5:bf:8b:a3:94:6d:15:18:44:95:
06:82:e5:eb:f5:a6:59:ea:87:8d:66:af:d9:7d:2d:
dc:d4:40:7a:d3:e5:c9:61:83:7d:1f:be:8f:b8:7c:
1b:69:00:bd:03:ca:67:94:77:4f:27:d1:69:a9:55:
6a:54:77:c6:dc:a8:56:30:14:33:b2:ef:34:b0:ab:
21:1f:52:ec:ea:6c:48:20:0c:05:e7:b2:35:f8:5b:
f6:e0:24:b4:50:8b:e8:b5:c0:24:78:1c:5d:87:23:
5c:ec:61:dd:ed:ee:11:24:62:29:29:1f:6c:6e:4e:
9d:c7:33:e6:89:33:ff:f6:c7:61:97:32:5c:53:b6:
1f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:11:68:89:8B:B6:BA:56:D2:5D:93:84:80:F7:89:A6:82:02:78:B0
X509v3 Authority Key Identifier:
keyid:4E:16:7E:E5:F8:D2:AC:0D:9C:C0:13:7B:41:91:2F:18:1B:04:89:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ABFoiYu2ulbSXZOEgPeJpoICeLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ThZ-5fjSrA2cwBN7QZEvGBsEibA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.26.231.0/24
192.80.20.0/24
192.107.122.0/24
Signature Algorithm: sha256WithRSAEncryption
98:7f:8f:e7:31:23:d8:ff:b8:6f:f8:c9:33:82:a6:a2:a5:ad:
13:9c:bc:47:23:ba:2e:3c:ab:c3:ab:9e:25:c5:2c:a6:14:6a:
9f:ed:70:0c:d1:c2:a1:0b:52:08:27:7e:bf:0f:e3:ff:0e:89:
00:e5:62:16:39:40:d4:e1:10:35:d6:37:b9:a6:e2:60:7f:86:
98:0c:50:52:04:a3:71:5d:47:80:e4:47:24:ba:4b:4d:01:33:
10:20:0e:b9:c8:8c:55:da:5e:77:ed:96:b6:8b:18:db:a2:56:
e2:26:a4:e7:fb:1a:f7:9e:25:66:08:45:a9:aa:d1:6d:21:8e:
6a:65:ed:35:bb:29:99:fc:db:12:ee:0e:a3:f4:af:ed:04:97:
08:64:44:bb:4b:6d:02:c6:70:fe:e1:c4:1b:f2:9a:ea:e6:4c:
6d:f1:ca:53:17:c3:24:02:7f:7c:5a:ef:66:a5:4d:d6:c9:63:
26:ba:b1:5e:85:ce:b3:16:06:bb:5c:7d:6b:53:fd:86:cf:77:
21:a0:77:ce:e1:6b:a4:8c:72:04:4b:4c:25:65:11:a2:6e:ab:
45:50:46:2d:a2:30:f0:63:92:7e:93:ad:d1:0c:e5:a1:df:1c:
3d:8f:a6:01:5d:1b:7a:b7:4d:7d:32:8f:57:44:3f:36:c8:4b:
44:5a:ec:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI37E4oBNPx78Kd4cXUzImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTY3ZWU1ZjhkMmFjMGQ5Y2MwMTM3YjQxOTEyZjE4MWIw
NDg5YjAwHhcNMjQwMTAyMDYzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDExNjg4OThiYjZiYTU2ZDI1ZDkzODQ4MGY3ODlhNjgyMDI3OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcwVhB33TrMjFb2zXX3a/KBvhYqp
VUIUaqQJmA+c7iGFbyTIadZ9HWbwS3Nog5XJFYGQm+0542go66gdwdL7JfrtVTm4
3nlKFSW7OzAEltQSVp5rpZjZJI8Tsk3xtSJzHyKN+T+iNA4Hl8pdlQS7aFmwvl4A
APTKaO8NnvW/i6OUbRUYRJUGguXr9aZZ6oeNZq/ZfS3c1EB60+XJYYN9H76PuHwb
aQC9A8pnlHdPJ9FpqVVqVHfG3KhWMBQzsu80sKshH1Ls6mxIIAwF57I1+Fv24CS0
UIvotcAkeBxdhyNc7GHd7e4RJGIpKR9sbk6dxzPmiTP/9sdhlzJcU7YfRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAARaImLtrpW0l2ThID3iaaCAniwMB8GA1UdIwQY
MBaAFE4WfuX40qwNnMATe0GRLxgbBImwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhaLTVmalNyQTJjd0JON1FaRXZHQnNFaWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82ZTE3OGUtOWNiZi00ODllLWFhM2Et
ZjY2MmIwYTY1ZThlLzEvQUJGb2lZdTJ1bGJTWFpPRWdQZUpwb0lDZUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82ZTE3OGUtOWNiZi00ODllLWFhM2EtZjY2MmIwYTY1ZThl
LzEvVGhaLTVmalNyQTJjd0JON1FaRXZHQnNFaWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwBrnAwQA
wFAUAwQAwGt6MA0GCSqGSIb3DQEBCwUAA4IBAQCYf4/nMSPY/7hv+Mkzgqaipa0T
nLxHI7ouPKvDq54lxSymFGqf7XAM0cKhC1IIJ36/D+P/DokA5WIWOUDU4RA11je5
puJgf4aYDFBSBKNxXUeA5EckuktNATMQIA65yIxV2l537Za2ixjbolbiJqTn+xr3
niVmCEWpqtFtIY5qZe01uymZ/NsS7g6j9K/tBJcIZES7S20CxnD+4cQb8prq5kxt
8cpTF8MkAn98Wu9mpU3WyWMmurFehc6zFga7XH1rU/2Gz3choHfO4WukjHIES0wl
ZRGibqtFUEYtojDwY5J+k63RDOWh3xw9j6YBXRt6t019Mo9XRD82yEtEWux0
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:25 2024 by rpki-client on console-ams.rpki-client.org