Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/l68uui-ZT9IAy1Nk-pK0EHkR_7s.roa
File: l68uui-ZT9IAy1Nk-pK0EHkR_7s.roa (raw, json)
Hash identifier: gQ71nzJQ6Pt0LeMsW+CikhMTHvRB63oKtWhHT1zNxc4=
Subject key identifier: 97:AF:2E:BA:2F:99:4F:D2:00:CB:53:64:FA:92:B4:10:79:11:FF:BB
Certificate issuer: /CN=179eb87bdc32793dbfed184a6ffbc14ed15d32a4
Certificate serial: 0192539111D8980B6EC7524CE50E225536CC
Authority key identifier: 17:9E:B8:7B:DC:32:79:3D:BF:ED:18:4A:6F:FB:C1:4E:D1:5D:32:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F564e9wyeT2_7RhKb_vBTtFdMqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/l68uui-ZT9IAy1Nk-pK0EHkR_7s.roa
Signing time: Thu 03 Oct 2024 18:07:49 +0000
ROA not before: Thu 03 Oct 2024 18:07:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60273
IP address blocks: 81.25.32.0/21 maxlen: 21
81.25.40.0/21 maxlen: 21
91.187.0.0/20 maxlen: 20
91.187.16.0/20 maxlen: 20
109.232.112.0/22 maxlen: 22
109.232.116.0/22 maxlen: 22
185.10.80.0/24 maxlen: 24
185.10.81.0/24 maxlen: 24
185.10.82.0/24 maxlen: 24
185.10.83.0/24 maxlen: 24
185.50.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/F564e9wyeT2_7RhKb_vBTtFdMqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/F564e9wyeT2_7RhKb_vBTtFdMqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/F564e9wyeT2_7RhKb_vBTtFdMqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:91:11:d8:98:0b:6e:c7:52:4c:e5:0e:22:55:36:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179eb87bdc32793dbfed184a6ffbc14ed15d32a4
Validity
Not Before: Oct 3 18:07:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97af2eba2f994fd200cb5364fa92b4107911ffbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d9:10:d2:1d:77:8f:2e:0e:cd:b7:e7:bf:83:
fc:4e:2c:ed:13:92:d3:c5:37:ad:2f:c3:69:24:43:
c5:40:b3:40:63:6d:b0:a8:61:21:40:08:a4:84:ab:
3c:57:35:b4:58:16:e2:05:99:f6:b4:17:69:32:10:
b7:9e:52:71:9c:b3:69:4b:b2:08:17:cf:2b:63:d5:
27:38:76:fe:a7:ef:3e:ec:e3:dd:61:90:cf:66:f3:
ca:55:ba:b8:67:4e:15:e7:72:5e:b9:90:0f:ec:bf:
d5:7f:ee:a6:61:2d:ea:bd:9d:39:4b:46:7f:df:e6:
56:cf:3f:0a:22:58:d4:1a:b1:37:dd:b4:ec:0d:6e:
40:0e:fe:4e:7f:5f:6b:26:b0:38:3d:af:5f:44:22:
eb:79:31:fa:64:a5:fe:1e:83:d7:c5:61:85:e0:e6:
c1:c3:b8:fb:36:a1:cf:fc:f7:13:7a:d1:a1:ce:14:
19:d2:15:66:f6:7f:ce:fe:de:e6:60:e8:bd:5a:02:
fa:55:1d:ec:c5:fe:f9:fd:d2:26:8e:55:bf:22:83:
ef:75:21:34:8d:32:18:40:8b:cd:7b:4e:0d:d8:9c:
28:f3:df:2b:fb:1f:b6:1b:fe:68:2f:07:28:af:dc:
30:89:e1:a6:c8:ee:b1:9c:0e:6d:8e:40:db:5d:d7:
50:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AF:2E:BA:2F:99:4F:D2:00:CB:53:64:FA:92:B4:10:79:11:FF:BB
X509v3 Authority Key Identifier:
keyid:17:9E:B8:7B:DC:32:79:3D:BF:ED:18:4A:6F:FB:C1:4E:D1:5D:32:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F564e9wyeT2_7RhKb_vBTtFdMqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/l68uui-ZT9IAy1Nk-pK0EHkR_7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8c0aa8-ad94-47a5-8eee-ef1591afaa86/1/F564e9wyeT2_7RhKb_vBTtFdMqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.32.0/20
91.187.0.0/19
109.232.112.0/21
185.10.80.0/22
185.50.0.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:7c:27:c3:54:2c:a4:a6:e3:5d:61:58:73:ad:ae:41:be:5c:
fd:96:46:f8:b4:f9:ab:f2:20:f6:18:2d:20:72:aa:16:b4:3e:
5b:80:67:c5:b9:76:2f:2c:c8:f4:81:cc:3c:05:3b:8b:a9:9f:
1b:56:9e:e7:b9:4e:0e:43:6e:aa:17:34:c5:15:4a:ea:10:39:
dd:9c:db:8a:5c:49:c5:6a:27:96:c1:04:f2:34:68:3b:81:81:
7f:aa:00:7a:a4:80:39:69:c0:18:18:a2:9f:e3:ae:0f:2f:31:
1b:b4:83:63:4a:90:a3:fb:20:38:da:f9:7e:7a:1b:96:c8:22:
e8:ef:37:c4:2f:57:9d:16:74:66:7c:19:4f:84:eb:64:a1:9d:
f8:32:c0:33:c4:ef:1a:46:2e:1d:08:a0:62:18:d8:ea:cd:0e:
08:13:89:1b:ee:af:be:63:60:20:a2:62:2b:a9:74:bc:32:ae:
74:49:51:8f:d3:83:2d:e9:64:8b:ca:97:a1:da:b2:b7:c9:2b:
6f:b9:34:40:cc:86:0e:72:17:7c:6d:d8:a4:24:73:76:ef:e8:
3a:02:19:40:6c:f3:5b:a9:1f:e1:3f:f5:54:7b:86:ef:97:9b:
fb:03:5a:59:04:90:70:69:5c:17:0d:ee:5f:6b:67:5b:8c:82:
1a:96:b1:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJTkRHYmAtux1JM5Q4iVTbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OWViODdiZGMzMjc5M2RiZmVkMTg0YTZmZmJjMTRlZDE1
ZDMyYTQwHhcNMjQxMDAzMTgwNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FmMmViYTJmOTk0ZmQyMDBjYjUzNjRmYTkyYjQxMDc5MTFmZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NkQ0h13jy4Ozbfnv4P8TiztE5LT
xTetL8NpJEPFQLNAY22wqGEhQAikhKs8VzW0WBbiBZn2tBdpMhC3nlJxnLNpS7II
F88rY9UnOHb+p+8+7OPdYZDPZvPKVbq4Z04V53JeuZAP7L/Vf+6mYS3qvZ05S0Z/
3+ZWzz8KIljUGrE33bTsDW5ADv5Of19rJrA4Pa9fRCLreTH6ZKX+HoPXxWGF4ObB
w7j7NqHP/PcTetGhzhQZ0hVm9n/O/t7mYOi9WgL6VR3sxf75/dImjlW/IoPvdSE0
jTIYQIvNe04N2Jwo898r+x+2G/5oLwcor9wwieGmyO6xnA5tjkDbXddQ0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJevLrovmU/SAMtTZPqStBB5Ef+7MB8GA1UdIwQY
MBaAFBeeuHvcMnk9v+0YSm/7wU7RXTKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjU2NGU5d3llVDJfN1JoS2JfdkJUdEZkTXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84YzBhYTgtYWQ5NC00N2E1LThlZWUt
ZWYxNTkxYWZhYTg2LzEvbDY4dXVpLVpUOUlBeTFOay1wSzBFSGtSXzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84YzBhYTgtYWQ5NC00N2E1LThlZWUtZWYxNTkxYWZhYTg2
LzEvRjU2NGU5d3llVDJfN1JoS2JfdkJUdEZkTXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEURkgAwQF
W7sAAwQDbehwAwQCuQpQAwQCuTIAMA0GCSqGSIb3DQEBCwUAA4IBAQBOfCfDVCyk
puNdYVhzra5Bvlz9lkb4tPmr8iD2GC0gcqoWtD5bgGfFuXYvLMj0gcw8BTuLqZ8b
Vp7nuU4OQ26qFzTFFUrqEDndnNuKXEnFaieWwQTyNGg7gYF/qgB6pIA5acAYGKKf
464PLzEbtINjSpCj+yA42vl+ehuWyCLo7zfEL1edFnRmfBlPhOtkoZ34MsAzxO8a
Ri4dCKBiGNjqzQ4IE4kb7q++Y2AgomIrqXS8Mq50SVGP04Mt6WSLypeh2rK3yStv
uTRAzIYOchd8bdikJHN27+g6AhlAbPNbqR/hP/VUe4bvl5v7A1pZBJBwaVwXDe5f
a2dbjIIalrEN
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:40 2024 by rpki-client on console-ams.rpki-client.org