Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/4bwae-a8pxGF-v2rsIP2Sf9eobU.roa
File: 4bwae-a8pxGF-v2rsIP2Sf9eobU.roa (raw, json)
Hash identifier: 0MqE+Zw2rq/15VaGxS2lp0EHS/XMzWsUyLwconT/Up8=
Subject key identifier: E1:BC:1A:7B:E6:BC:A7:11:85:FA:FD:AB:B0:83:F6:49:FF:5E:A1:B5
Certificate issuer: /CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
Certificate serial: 01926C8B7602A87436FEA39248228CA6ABA3
Authority key identifier: 6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/4bwae-a8pxGF-v2rsIP2Sf9eobU.roa
Signing time: Tue 08 Oct 2024 14:32:11 +0000
ROA not before: Tue 08 Oct 2024 14:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 185.157.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/aqb54-JiKngVolnljVUkOcJVoxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/aqb54-JiKngVolnljVUkOcJVoxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:8b:76:02:a8:74:36:fe:a3:92:48:22:8c:a6:ab:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
Validity
Not Before: Oct 8 14:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1bc1a7be6bca71185fafdabb083f649ff5ea1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:33:06:76:82:d6:51:c2:46:62:ac:22:87:
fc:28:50:f6:fd:3a:36:23:e3:f0:95:10:b3:1d:f6:
69:76:11:5a:55:85:07:49:ff:b2:aa:30:79:03:39:
d2:33:d6:cd:1f:e5:dd:a0:7a:99:6e:ee:cd:9a:db:
e4:33:7c:80:01:ea:f4:6c:77:ab:18:7c:fd:69:0b:
27:76:c6:ff:23:62:c6:c2:55:49:28:c0:33:6a:d2:
d0:bd:2c:09:6f:e4:1f:4b:92:11:9b:18:ed:c0:b8:
92:cb:94:c1:ea:1e:bd:9c:2f:a0:a7:94:51:af:18:
d4:94:ef:db:8c:c3:d3:2f:b9:0d:2c:03:28:3c:d2:
45:4b:8d:38:85:12:df:78:db:2e:06:ee:0e:85:95:
ec:cb:3a:9f:25:fd:10:68:eb:a7:d8:7d:33:68:10:
f9:25:7d:24:bb:77:f4:de:b9:8d:19:08:a0:a1:db:
32:e4:5c:81:98:83:96:e0:f3:d5:8f:f3:9f:ed:40:
61:41:37:2a:5d:7e:22:1a:68:9c:5c:c6:4f:f3:c2:
07:d8:17:07:2e:38:05:b7:ca:88:37:45:5b:75:66:
cd:9a:b8:bd:b1:f5:64:73:ff:53:67:89:7c:27:40:
8b:85:88:8e:56:c8:ba:50:e8:fb:84:ea:87:df:02:
64:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:1A:7B:E6:BC:A7:11:85:FA:FD:AB:B0:83:F6:49:FF:5E:A1:B5
X509v3 Authority Key Identifier:
keyid:6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/4bwae-a8pxGF-v2rsIP2Sf9eobU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/aqb54-JiKngVolnljVUkOcJVoxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.204.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f7:bd:9d:fb:21:d9:05:9a:54:8f:10:b7:a3:8a:b8:05:fe:
8b:e1:07:f9:37:b1:e5:6f:fa:34:6f:4c:1d:ba:cb:24:73:e8:
06:8d:96:b7:fe:0d:35:08:dd:21:bd:28:45:24:5e:86:ad:c9:
fe:b0:99:e3:e4:8f:2a:8e:e2:fe:06:2d:91:18:30:d7:7c:00:
1a:1c:b4:f5:63:ac:0f:fc:15:c2:38:a5:a3:6d:40:f3:62:61:
bd:64:28:4c:95:f7:6b:7c:56:14:71:2e:3a:2d:9c:b5:9a:13:
eb:02:21:d1:c8:04:69:02:bc:92:d8:3e:d1:ab:2b:c6:43:95:
e1:fd:4f:bc:2f:89:e8:25:e6:af:64:0e:99:b4:ed:17:8b:c5:
a0:7b:92:c4:de:47:3e:1d:58:0b:2b:c4:74:93:ae:f7:39:60:
7a:0d:49:85:be:24:8f:92:bc:63:b5:2b:b4:75:5c:98:00:d8:
8a:1e:25:b8:86:0b:a2:3e:99:7c:69:cf:32:f6:4d:ee:45:9c:
f8:ab:d8:f3:78:49:c8:f2:f0:00:c6:1a:64:d8:7f:8e:38:b4:
a0:e4:f0:6d:b3:2e:17:c0:2f:dd:4c:5e:f6:42:69:bc:67:20:
63:58:ce:ee:a7:0f:d8:59:19:8d:1b:51:2d:86:ad:7f:9a:8c:
0e:56:5c:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJsi3YCqHQ2/qOSSCKMpqujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYTZmOWUzZTI2MjJhNzgxNWEyNTllNThkNTUyNDM5YzI1
NWEzMWIwHhcNMjQxMDA4MTQzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJjMWE3YmU2YmNhNzExODVmYWZkYWJiMDgzZjY0OWZmNWVhMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcEzBnaC1lHCRmKsIof8KFD2/To2
I+PwlRCzHfZpdhFaVYUHSf+yqjB5AznSM9bNH+XdoHqZbu7NmtvkM3yAAer0bHer
GHz9aQsndsb/I2LGwlVJKMAzatLQvSwJb+QfS5IRmxjtwLiSy5TB6h69nC+gp5RR
rxjUlO/bjMPTL7kNLAMoPNJFS404hRLfeNsuBu4OhZXsyzqfJf0QaOun2H0zaBD5
JX0ku3f03rmNGQigodsy5FyBmIOW4PPVj/Of7UBhQTcqXX4iGmicXMZP88IH2BcH
LjgFt8qIN0VbdWbNmri9sfVkc/9TZ4l8J0CLhYiOVsi6UOj7hOqH3wJkawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOG8GnvmvKcRhfr9q7CD9kn/XqG1MB8GA1UdIwQY
MBaAFGqm+ePiYip4FaJZ5Y1VJDnCVaMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFiNTQtSmlLbmdWb2xubGpWVWtPY0pWb3hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MzY4MDYtYmI2ZC00NWYzLTg4Mzct
YzUwNzM0ZDAyMGYwLzEvNGJ3YWUtYThweEdGLXYycnNJUDJTZjllb2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MzY4MDYtYmI2ZC00NWYzLTg4MzctYzUwNzM0ZDAyMGYw
LzEvYXFiNTQtSmlLbmdWb2xubGpWVWtPY0pWb3hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ3MMA0G
CSqGSIb3DQEBCwUAA4IBAQCO972d+yHZBZpUjxC3o4q4Bf6L4Qf5N7Hlb/o0b0wd
usskc+gGjZa3/g01CN0hvShFJF6Grcn+sJnj5I8qjuL+Bi2RGDDXfAAaHLT1Y6wP
/BXCOKWjbUDzYmG9ZChMlfdrfFYUcS46LZy1mhPrAiHRyARpAryS2D7RqyvGQ5Xh
/U+8L4noJeavZA6ZtO0Xi8Wge5LE3kc+HVgLK8R0k673OWB6DUmFviSPkrxjtSu0
dVyYANiKHiW4hguiPpl8ac8y9k3uRZz4q9jzeEnI8vAAxhpk2H+OOLSg5PBtsy4X
wC/dTF72Qmm8ZyBjWM7upw/YWRmNG1Ethq1/mowOVlwq
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:11:13 2024 by rpki-client on console-ams.rpki-client.org