Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/pPsAzWPis3IZ_7RXngccHUrtbgY.roa
File: pPsAzWPis3IZ_7RXngccHUrtbgY.roa (raw, json)
Hash identifier: J30CBLPnrf9IZC7+HUhF4hUSKYzGR71ZDEHxTYO7pRg=
Subject key identifier: A4:FB:00:CD:63:E2:B3:72:19:FF:B4:57:9E:07:1C:1D:4A:ED:6E:06
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E89FE6E0A55A77E653651686878D2
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/pPsAzWPis3IZ_7RXngccHUrtbgY.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40123
IP address blocks: 83.126.56.0/24 maxlen: 24
83.126.16.0/23 maxlen: 24
83.126.17.0/24 maxlen: 24
83.126.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:89:fe:6e:0a:55:a7:7e:65:36:51:68:68:78:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4fb00cd63e2b37219ffb4579e071c1d4aed6e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:32:b0:cd:e6:de:c4:b5:d1:3c:ed:45:ac:
87:5a:23:07:67:95:ca:73:a0:53:79:d4:87:e2:b0:
48:74:fc:95:41:54:95:05:69:1e:64:9b:cd:b6:d9:
b2:f4:de:ed:51:44:f4:bf:51:7c:e5:4a:7c:d5:9e:
44:e6:e8:05:d1:b7:dd:e2:1d:68:98:e4:bd:c1:3e:
eb:f8:9f:18:40:ac:6b:7e:d9:58:a5:31:43:3e:e1:
6d:3b:25:a6:d1:88:1e:44:c1:8a:17:d4:63:22:2b:
89:72:d4:54:06:5e:b3:4a:e8:e6:73:e2:a6:4c:95:
bf:43:27:43:88:f6:34:7d:51:71:1d:cd:43:40:d0:
4d:f2:1a:48:f5:1e:35:8e:0e:4d:16:29:12:f0:ca:
dc:7e:c4:e5:30:71:b2:48:0b:41:7e:68:73:44:1b:
e5:70:68:2b:66:c6:c6:f4:6a:47:61:07:ec:46:5b:
ea:5d:2b:42:55:88:af:f2:be:5e:61:dc:9c:33:14:
f9:91:93:12:7c:76:1d:fc:50:ac:d5:fa:88:d3:2e:
2c:4c:4a:d8:42:25:fa:22:e3:ea:34:1e:6b:c6:6b:
01:90:b3:4d:b3:d5:68:a1:7c:b1:87:44:22:e4:84:
6b:a2:14:6b:04:b1:37:6b:4f:a6:37:7b:a3:e8:94:
ca:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FB:00:CD:63:E2:B3:72:19:FF:B4:57:9E:07:1C:1D:4A:ED:6E:06
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/pPsAzWPis3IZ_7RXngccHUrtbgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.126.16.0/23
83.126.22.0/24
83.126.56.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:68:27:a5:b2:9f:38:05:bd:51:c2:10:2f:1b:5d:40:ab:ba:
2c:34:46:e2:e5:19:7c:be:0f:a4:45:b7:bc:97:29:33:b9:c3:
c7:e3:79:46:ae:46:3b:60:ca:de:12:64:2b:a8:36:57:99:64:
dc:25:98:07:be:5f:34:9a:b7:02:63:f4:d9:6c:b6:a6:98:21:
c8:8d:6c:01:79:84:43:c5:c8:27:ad:64:4f:dd:97:2d:82:5a:
62:3f:1d:0a:af:fb:9a:f1:f4:7b:60:05:81:da:15:d4:16:25:
83:5e:ad:f8:c9:c5:94:22:69:c5:42:2e:b8:40:a6:f8:8d:84:
10:6d:da:97:b9:04:f4:28:30:2c:35:f7:c7:b4:a3:72:7e:2c:
9e:c3:c0:c4:fc:c0:6c:2a:5f:93:0a:d1:21:78:1c:98:7d:a9:
56:4d:5d:ba:59:fc:76:67:7d:1c:ee:70:3f:7d:ba:5e:58:3e:
c8:e3:48:7d:ab:ea:69:a8:49:7c:c6:1c:a3:87:e6:e5:c2:67:
87:30:0c:df:93:19:70:21:83:35:0a:a7:83:a2:4e:ab:55:c9:
1b:31:f9:83:1f:c3:ae:84:f2:08:84:ea:27:02:15:a7:fd:be:
99:80:ce:e7:8d:3f:75:b1:d0:d4:74:60:e8:90:94:54:c3:a0:
30:61:da:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbon+bgpVp35lNlFoaHjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGZiMDBjZDYzZTJiMzcyMTlmZmI0NTc5ZTA3MWMxZDRhZWQ2ZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBgysM3m3sS10TztRayHWiMHZ5XK
c6BTedSH4rBIdPyVQVSVBWkeZJvNttmy9N7tUUT0v1F85Up81Z5E5ugF0bfd4h1o
mOS9wT7r+J8YQKxrftlYpTFDPuFtOyWm0YgeRMGKF9RjIiuJctRUBl6zSujmc+Km
TJW/QydDiPY0fVFxHc1DQNBN8hpI9R41jg5NFikS8MrcfsTlMHGySAtBfmhzRBvl
cGgrZsbG9GpHYQfsRlvqXStCVYiv8r5eYdycMxT5kZMSfHYd/FCs1fqI0y4sTErY
QiX6IuPqNB5rxmsBkLNNs9VooXyxh0Qi5IRrohRrBLE3a0+mN3uj6JTKAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKT7AM1j4rNyGf+0V54HHB1K7W4GMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvcFBzQXpXUGlzM0laXzdSWG5nY2NIVXJ0YmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBU34QAwQA
U34WAwQAU344MA0GCSqGSIb3DQEBCwUAA4IBAQCfaCelsp84Bb1RwhAvG11Aq7os
NEbi5Rl8vg+kRbe8lykzucPH43lGrkY7YMreEmQrqDZXmWTcJZgHvl80mrcCY/TZ
bLammCHIjWwBeYRDxcgnrWRP3ZctglpiPx0Kr/ua8fR7YAWB2hXUFiWDXq34ycWU
ImnFQi64QKb4jYQQbdqXuQT0KDAsNffHtKNyfiyew8DE/MBsKl+TCtEheByYfalW
TV26Wfx2Z30c7nA/fbpeWD7I40h9q+ppqEl8xhyjh+blwmeHMAzfkxlwIYM1CqeD
ok6rVckbMfmDH8OuhPIIhOonAhWn/b6ZgM7njT91sdDUdGDokJRUw6AwYdpP
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:54:26 2024 by rpki-client on console-ams.rpki-client.org