Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/A0-rI9JIPT7usOkJyiCyUTLqZy0.roa
File: A0-rI9JIPT7usOkJyiCyUTLqZy0.roa (raw, json)
Hash identifier: g+LA9VcQvsTWrceFQC07z9XvTPhLrC6ySYUcL68f8dc=
Subject key identifier: 03:4F:AB:23:D2:48:3D:3E:EE:B0:E9:09:CA:20:B2:51:32:EA:67:2D
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E87BB1D0760CA95079B392E4F13BE
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/A0-rI9JIPT7usOkJyiCyUTLqZy0.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22005
IP address blocks: 84.207.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:87:bb:1d:07:60:ca:95:07:9b:39:2e:4f:13:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=034fab23d2483d3eeeb0e909ca20b25132ea672d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:29:af:bd:e4:b1:a5:98:d0:ee:48:37:47:1a:
89:77:0b:10:37:2c:fa:f7:44:58:df:a4:35:9a:91:
b0:99:ed:a7:d0:b8:2a:f9:1d:5b:34:83:18:41:c3:
56:2d:c9:87:f0:0a:89:d3:06:ec:4c:d6:a5:1d:c4:
42:58:21:bd:4e:c9:bf:4f:47:50:61:b8:30:52:58:
73:ff:ab:1e:f5:54:3f:15:8f:61:05:9d:2b:72:4a:
18:84:66:30:c4:75:7d:3b:ed:5c:d0:f5:34:86:02:
f1:3e:be:08:f8:d0:e5:55:b2:f9:13:96:6a:c3:cb:
b2:73:93:16:a7:cd:4e:27:53:61:74:2e:92:db:81:
68:38:1b:26:aa:8a:aa:bb:fd:71:29:2f:fe:b5:5d:
4e:96:ab:23:72:09:60:ec:93:ae:39:f3:76:31:4f:
b8:de:01:c2:1a:1d:84:28:0a:7b:e6:72:6a:59:26:
76:30:7d:1f:12:56:d0:f6:84:90:9b:90:b4:a4:2d:
dd:10:14:8b:74:50:02:a4:1e:15:41:ce:f8:99:6c:
a5:4b:4b:26:56:62:18:d2:01:e0:24:b1:8c:4f:4a:
55:9b:53:58:40:f3:98:cd:d7:88:b7:14:67:d3:04:
2d:7e:fe:16:79:bf:8e:ad:50:71:23:07:69:35:9e:
fa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4F:AB:23:D2:48:3D:3E:EE:B0:E9:09:CA:20:B2:51:32:EA:67:2D
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/A0-rI9JIPT7usOkJyiCyUTLqZy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.207.217.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2a:01:d3:2e:1c:9e:17:72:44:db:3f:5b:80:3d:cb:bc:16:
80:60:55:07:a0:37:9f:f6:17:68:2c:98:16:23:25:d0:84:e9:
06:bc:3c:e6:47:6b:f8:3c:03:8a:48:23:b9:e9:2d:c8:73:73:
ff:b3:ff:82:4d:a6:c6:56:9c:b8:1d:5f:8e:97:3b:c1:4c:44:
a3:bf:3c:f8:0b:1d:47:2a:d9:0a:62:27:b2:40:ea:9e:ec:9a:
d3:94:d1:9c:b3:42:61:de:b3:8f:60:84:56:81:e7:b6:d7:a2:
12:99:5c:f4:49:a3:f2:19:ef:97:5e:de:4b:8e:e9:70:ac:b6:
6e:aa:6f:f3:52:ca:5d:ce:ad:2c:e5:09:8d:0f:e6:a7:50:6d:
2f:82:58:2b:7b:78:bf:3c:a8:6f:39:f9:99:98:4a:7f:d2:c5:
6e:1a:d5:57:b6:30:3d:ef:8e:9a:a1:6e:47:4b:99:11:38:1c:
95:f2:e2:52:f2:56:d4:2a:a7:50:a1:19:ed:8e:7a:43:9b:45:
5a:f1:76:d1:99:5d:fc:2b:45:4f:d9:0c:7d:ce:1f:be:b3:2b:
25:b1:26:9a:d8:48:b4:da:da:4e:a5:b0:81:c1:74:c3:82:14:
d4:e6:36:d4:94:01:0f:a4:84:dd:6c:bc:5d:a3:b1:4b:b7:a7:
f1:2f:a8:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFboe7HQdgypUHmzkuTxO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRmYWIyM2QyNDgzZDNlZWViMGU5MDljYTIwYjI1MTMyZWE2NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSmvveSxpZjQ7kg3RxqJdwsQNyz6
90RY36Q1mpGwme2n0Lgq+R1bNIMYQcNWLcmH8AqJ0wbsTNalHcRCWCG9Tsm/T0dQ
YbgwUlhz/6se9VQ/FY9hBZ0rckoYhGYwxHV9O+1c0PU0hgLxPr4I+NDlVbL5E5Zq
w8uyc5MWp81OJ1NhdC6S24FoOBsmqoqqu/1xKS/+tV1Olqsjcglg7JOuOfN2MU+4
3gHCGh2EKAp75nJqWSZ2MH0fElbQ9oSQm5C0pC3dEBSLdFACpB4VQc74mWylS0sm
VmIY0gHgJLGMT0pVm1NYQPOYzdeItxRn0wQtfv4Web+OrVBxIwdpNZ76vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANPqyPSSD0+7rDpCcogslEy6mctMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvQTAtckk5SklQVDd1c09rSnlpQ3lVVExxWnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVM/ZMA0G
CSqGSIb3DQEBCwUAA4IBAQCMKgHTLhyeF3JE2z9bgD3LvBaAYFUHoDef9hdoLJgW
IyXQhOkGvDzmR2v4PAOKSCO56S3Ic3P/s/+CTabGVpy4HV+OlzvBTESjvzz4Cx1H
KtkKYieyQOqe7JrTlNGcs0Jh3rOPYIRWgee216ISmVz0SaPyGe+XXt5LjulwrLZu
qm/zUspdzq0s5QmND+anUG0vglgre3i/PKhvOfmZmEp/0sVuGtVXtjA9746aoW5H
S5kROByV8uJS8lbUKqdQoRntjnpDm0Va8XbRmV38K0VP2Qx9zh++syslsSaa2Ei0
2tpOpbCBwXTDghTU5jbUlAEPpITdbLxdo7FLt6fxL6jJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:04 2024 by rpki-client on console-fra.rpki-client.org