Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/AkWcdnWbQxO-O4mWtRy35eIKrqA.roa
File: AkWcdnWbQxO-O4mWtRy35eIKrqA.roa (raw, json)
Hash identifier: 8gQeg1qZD+aMYR+/EcE6l6V8kepbSJEm4q1MsFJm1ss=
Subject key identifier: 02:45:9C:76:75:9B:43:13:BE:3B:89:96:B5:1C:B7:E5:E2:0A:AE:A0
Certificate issuer: /CN=c587b9cda75603eb0d9e377167bf7e0c8e440403
Certificate serial: 0191692D00B8D86D1C0227FCCEAC3988C839
Authority key identifier: C5:87:B9:CD:A7:56:03:EB:0D:9E:37:71:67:BF:7E:0C:8E:44:04:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/AkWcdnWbQxO-O4mWtRy35eIKrqA.roa
Signing time: Mon 19 Aug 2024 05:47:22 +0000
ROA not before: Mon 19 Aug 2024 05:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35673
IP address blocks: 82.115.36.0/24 maxlen: 24
194.187.244.0/24 maxlen: 24
194.187.245.0/24 maxlen: 24
194.187.246.0/24 maxlen: 24
194.187.247.0/24 maxlen: 24
2a11:aa80::/48 maxlen: 48
2a11:aa80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/xYe5zadWA-sNnjdxZ79-DI5EBAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/xYe5zadWA-sNnjdxZ79-DI5EBAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:2d:00:b8:d8:6d:1c:02:27:fc:ce:ac:39:88:c8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c587b9cda75603eb0d9e377167bf7e0c8e440403
Validity
Not Before: Aug 19 05:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02459c76759b4313be3b8996b51cb7e5e20aaea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:28:5d:6f:41:6e:54:5c:f7:5f:08:9b:5f:fd:
bc:cd:89:08:21:ae:e8:87:a2:13:66:09:3b:7b:71:
59:67:e6:b8:7d:35:f9:71:96:a5:78:30:4b:a1:e4:
13:b8:7d:1c:cf:87:25:92:a4:52:a3:21:3e:81:f9:
f5:06:da:0c:99:52:b0:f2:3b:4c:66:3b:ae:df:f2:
fc:c7:6e:93:4a:d2:39:7e:9e:e1:5d:59:ee:45:df:
b4:fb:af:8d:fc:44:b5:37:9b:7a:8f:91:e9:6e:d7:
20:e2:a8:87:ed:18:bd:a4:7c:9a:11:c2:28:0e:91:
08:6e:e1:e2:b7:ab:ca:2c:42:7d:62:1d:cd:e5:2c:
61:23:db:5b:40:3e:54:7b:90:18:ba:82:f1:13:83:
e3:6a:e5:27:57:5d:31:6a:28:d4:ef:65:aa:04:a3:
5b:f5:1f:95:6a:1f:77:27:80:e9:8f:a3:27:83:73:
91:c3:99:96:fe:96:ae:ae:f3:82:21:a3:f3:40:9e:
95:85:df:eb:a4:d6:40:94:c5:df:59:82:b1:9a:b6:
50:9a:cd:1e:bb:19:9f:45:fc:61:2c:d8:5f:93:7b:
78:03:85:ad:e8:3a:f9:3b:8d:68:e8:7d:90:2d:1f:
4b:e5:59:ba:5b:d4:1a:27:49:c7:ea:dc:f8:dc:b5:
80:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:45:9C:76:75:9B:43:13:BE:3B:89:96:B5:1C:B7:E5:E2:0A:AE:A0
X509v3 Authority Key Identifier:
keyid:C5:87:B9:CD:A7:56:03:EB:0D:9E:37:71:67:BF:7E:0C:8E:44:04:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYe5zadWA-sNnjdxZ79-DI5EBAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/AkWcdnWbQxO-O4mWtRy35eIKrqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/50d48e-494f-4d14-9f05-e753cf768c14/1/xYe5zadWA-sNnjdxZ79-DI5EBAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.36.0/24
194.187.244.0/22
IPv6:
2a11:aa80::/47
Signature Algorithm: sha256WithRSAEncryption
4b:f3:ca:54:34:b4:88:0b:11:2c:67:39:3e:2e:4d:5e:93:a8:
4c:09:3d:af:36:5c:d2:60:9f:55:9b:8b:6b:4f:a6:c8:8e:ff:
34:f9:f5:b1:8e:87:18:78:19:ee:12:53:f4:05:19:df:39:fd:
9b:d7:98:63:6e:f6:59:f4:c8:a2:6e:6e:ae:46:a5:97:78:af:
a2:d6:1f:84:23:f6:ec:0e:41:41:8b:54:a3:de:88:80:ab:f2:
7f:ea:3a:40:6e:94:08:29:a4:5f:d7:73:df:3c:de:d8:a5:68:
a4:66:67:7c:fd:d3:70:45:77:9e:59:45:25:93:86:20:bc:69:
bc:a4:2d:a9:ce:aa:e8:bf:fd:72:61:14:11:e0:85:67:fc:07:
f0:e5:e0:38:35:4d:6b:42:97:0e:4c:26:ec:34:f1:5a:ef:36:
fa:af:77:74:e5:6d:91:b9:39:7c:4b:12:09:3a:a1:b9:35:fd:
b3:90:a3:25:65:74:e5:78:f5:a1:e2:a3:0a:a7:a5:fe:e5:40:
87:e2:17:b6:d2:21:f5:d9:de:b8:1e:19:c8:2b:85:65:96:02:
78:22:ed:1f:d2:fb:2f:fc:20:ef:0d:65:bd:5c:35:34:b8:8b:
ab:ac:1c:81:19:52:af:c5:1c:2c:b4:7f:f7:5d:72:1f:7a:f1:
82:57:8a:b3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZFpLQC42G0cAif8zqw5iMg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODdiOWNkYTc1NjAzZWIwZDllMzc3MTY3YmY3ZTBjOGU0
NDA0MDMwHhcNMjQwODE5MDU0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ1OWM3Njc1OWI0MzEzYmUzYjg5OTZiNTFjYjdlNWUyMGFhZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApShdb0FuVFz3XwibX/28zYkIIa7o
h6ITZgk7e3FZZ+a4fTX5cZaleDBLoeQTuH0cz4clkqRSoyE+gfn1BtoMmVKw8jtM
Zjuu3/L8x26TStI5fp7hXVnuRd+0+6+N/ES1N5t6j5Hpbtcg4qiH7Ri9pHyaEcIo
DpEIbuHit6vKLEJ9Yh3N5SxhI9tbQD5Ue5AYuoLxE4PjauUnV10xaijU72WqBKNb
9R+Vah93J4Dpj6Mng3ORw5mW/paurvOCIaPzQJ6Vhd/rpNZAlMXfWYKxmrZQms0e
uxmfRfxhLNhfk3t4A4Wt6Dr5O41o6H2QLR9L5Vm6W9QaJ0nH6tz43LWAzQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAJFnHZ1m0MTvjuJlrUct+XiCq6gMB8GA1UdIwQY
MBaAFMWHuc2nVgPrDZ43cWe/fgyORAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFllNXphZFdBLXNObmpkeFo3OS1ESTVFQkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81MGQ0OGUtNDk0Zi00ZDE0LTlmMDUt
ZTc1M2NmNzY4YzE0LzEvQWtXY2RuV2JReE8tTzRtV3RSeTM1ZUlLcnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi81MGQ0OGUtNDk0Zi00ZDE0LTlmMDUtZTc1M2NmNzY4YzE0
LzEveFllNXphZFdBLXNObmpkeFo3OS1ESTVFQkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAUnMkAwQC
wrv0MA8EAgACMAkDBwEqEaqAAAAwDQYJKoZIhvcNAQELBQADggEBAEvzylQ0tIgL
ESxnOT4uTV6TqEwJPa82XNJgn1Wbi2tPpsiO/zT59bGOhxh4Ge4SU/QFGd85/ZvX
mGNu9ln0yKJubq5GpZd4r6LWH4Qj9uwOQUGLVKPeiICr8n/qOkBulAgppF/Xc988
3tilaKRmZ3z903BFd55ZRSWThiC8abykLanOqui//XJhFBHghWf8B/Dl4Dg1TWtC
lw5MJuw08VrvNvqvd3TlbZG5OXxLEgk6obk1/bOQoyVldOV49aHiowqnpf7lQIfi
F7bSIfXZ3rgeGcgrhWWWAngi7R/S+y/8IO8NZb1cNTS4i6usHIEZUq/FHCy0f/dd
ch968YJXirM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:59 2024 by rpki-client on console-ams.rpki-client.org