Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/jlA0frueZsS5WUPiFL7R5Z3LhPg.roa
File: jlA0frueZsS5WUPiFL7R5Z3LhPg.roa (raw, json)
Hash identifier: FiC2OH7wf0FeDsiUYUDXKCbyzOW1EW8FXktGMfCoN+4=
Subject key identifier: 8E:50:34:7E:BB:9E:66:C4:B9:59:43:E2:14:BE:D1:E5:9D:CB:84:F8
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 018CC348E7639A5CBDBB86783EF260BBEE69
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/jlA0frueZsS5WUPiFL7R5Z3LhPg.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 185.97.101.0/24 maxlen: 24
185.97.103.0/24 maxlen: 24
185.97.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e7:63:9a:5c:bd:bb:86:78:3e:f2:60:bb:ee:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e50347ebb9e66c4b95943e214bed1e59dcb84f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:57:18:db:f7:2c:2a:90:ca:17:39:dd:06:cc:
24:de:57:a9:2d:91:19:86:1e:35:67:6d:0b:3d:1c:
d6:db:ee:c7:96:ca:f2:ea:b0:b2:2b:fe:c5:a3:a8:
70:75:22:fd:2f:c0:9c:65:28:6f:99:2b:57:7f:03:
4d:4b:e1:72:9c:fa:a4:b9:87:dc:7c:f8:6f:97:04:
b0:a0:0d:b8:fb:89:ab:d3:95:78:0e:74:7d:33:a7:
b4:6a:f1:95:7e:55:b0:76:c4:a0:a7:4b:1d:ff:06:
16:75:47:b5:5a:64:75:49:b2:3f:d6:ab:12:2b:31:
1b:1c:4d:01:5d:98:97:d6:c8:84:7b:d1:26:35:4d:
ff:1f:d7:08:f3:c0:9c:53:7b:3c:1b:e4:b6:5e:24:
bd:e8:ff:27:8b:d0:f1:e5:ec:e5:47:2e:09:11:ca:
d9:8f:97:d4:b3:6e:83:4b:6e:12:e5:25:0d:4b:be:
89:f9:dc:bc:23:04:f3:e4:7c:74:99:00:e6:5d:e0:
c5:75:28:0c:61:d1:64:35:53:80:19:e7:90:36:81:
e9:4b:0d:78:14:39:1c:3f:cb:79:c2:8d:69:d8:be:
2b:9f:50:87:4e:aa:0e:6d:e6:c8:6a:13:09:fd:84:
15:11:6c:3d:50:ee:73:50:f8:77:3e:b7:b9:1a:9b:
04:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:50:34:7E:BB:9E:66:C4:B9:59:43:E2:14:BE:D1:E5:9D:CB:84:F8
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/jlA0frueZsS5WUPiFL7R5Z3LhPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.101.0-185.97.103.255
Signature Algorithm: sha256WithRSAEncryption
b4:4e:65:8e:8d:17:6c:48:29:03:75:71:c1:8a:f4:5d:b9:7c:
f2:a7:fa:af:47:f9:7e:9a:d5:75:1b:e2:b9:53:10:eb:90:6f:
9e:68:1b:7e:a2:28:a5:82:62:a2:4a:e9:52:b3:ae:e1:57:c7:
90:06:49:9c:fb:87:cb:26:cc:e6:1f:ad:8b:8b:bf:d7:d3:c4:
fc:6c:7d:03:42:35:92:63:ae:99:ca:d3:8a:ae:cb:ec:18:cc:
97:68:16:91:cb:d4:8f:8e:7e:42:bc:d5:9b:89:a2:2f:b1:dc:
5e:43:de:7e:72:94:91:19:20:b9:4a:53:86:b4:3d:95:4b:55:
0b:ed:e4:6c:de:3f:06:42:4b:92:ab:4e:32:40:a3:d0:bb:a0:
b0:cc:8c:ed:f5:a0:c3:71:dd:d9:32:d6:54:90:02:6c:a9:25:
1a:7b:8b:31:df:37:03:4b:3a:ce:cc:09:c0:cb:45:e0:6b:39:
37:f0:53:ab:fd:c2:70:67:42:1a:ab:c7:6b:05:3a:9c:d6:6a:
cb:46:b1:5b:dc:58:de:c7:ed:16:43:91:cf:77:4e:b9:17:f7:
37:74:4d:89:91:60:aa:e8:39:f1:a0:ae:bf:0a:7c:bf:59:75:
5c:3b:6e:27:7a:15:f3:00:80:fd:5c:7a:5b:a6:3d:da:29:56:
b1:18:49:20
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSOdjmly9u4Z4PvJgu+5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUwMzQ3ZWJiOWU2NmM0Yjk1OTQzZTIxNGJlZDFlNTlkY2I4NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVcY2/csKpDKFzndBswk3lepLZEZ
hh41Z20LPRzW2+7Hlsry6rCyK/7Fo6hwdSL9L8CcZShvmStXfwNNS+FynPqkuYfc
fPhvlwSwoA24+4mr05V4DnR9M6e0avGVflWwdsSgp0sd/wYWdUe1WmR1SbI/1qsS
KzEbHE0BXZiX1siEe9EmNU3/H9cI88CcU3s8G+S2XiS96P8ni9Dx5ezlRy4JEcrZ
j5fUs26DS24S5SUNS76J+dy8IwTz5Hx0mQDmXeDFdSgMYdFkNVOAGeeQNoHpSw14
FDkcP8t5wo1p2L4rn1CHTqoObebIahMJ/YQVEWw9UO5zUPh3Pre5GpsEiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFI5QNH67nmbEuVlD4hS+0eWdy4T4MB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvamxBMGZydWVac1M1V1VQaUZMN1I1WjNMaFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5YWUD
BAO5YWAwDQYJKoZIhvcNAQELBQADggEBALROZY6NF2xIKQN1ccGK9F25fPKn+q9H
+X6a1XUb4rlTEOuQb55oG36iKKWCYqJK6VKzruFXx5AGSZz7h8smzOYfrYuLv9fT
xPxsfQNCNZJjrpnK04quy+wYzJdoFpHL1I+OfkK81ZuJoi+x3F5D3n5ylJEZILlK
U4a0PZVLVQvt5GzePwZCS5KrTjJAo9C7oLDMjO31oMNx3dky1lSQAmypJRp7izHf
NwNLOs7MCcDLReBrOTfwU6v9wnBnQhqrx2sFOpzWastGsVvcWN7H7RZDkc93TrkX
9zd0TYmRYKroOfGgrr8KfL9ZdVw7bid6FfMAgP1celumPdopVrEYSSA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:43 2024 by rpki-client on console-ams.rpki-client.org