Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/8p4m40RjEEBKt_9L5DN5oCjIiac.roa
File: 8p4m40RjEEBKt_9L5DN5oCjIiac.roa (raw, json)
Hash identifier: Al2NCe+Yyy/mQ/rEwrK2ErQKuyy4RN5pzhL1/BqHB1Q=
Subject key identifier: F2:9E:26:E3:44:63:10:40:4A:B7:FF:4B:E4:33:79:A0:28:C8:89:A7
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 018CC49251DC32BBDC6DDC17FFE4FD3DFDE7
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/8p4m40RjEEBKt_9L5DN5oCjIiac.roa
Signing time: Mon 01 Jan 2024 10:29:32 +0000
ROA not before: Mon 01 Jan 2024 10:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203833
IP address blocks: 159.100.24.0/22 maxlen: 24
79.133.32.0/23 maxlen: 23
79.133.43.0/24 maxlen: 24
2a01:7e1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:51:dc:32:bb:dc:6d:dc:17:ff:e4:fd:3d:fd:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 10:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f29e26e3446310404ab7ff4be43379a028c889a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f1:00:0d:23:08:98:4c:75:dd:c6:8d:b6:39:
32:f9:0e:83:b8:c8:b8:83:a1:0f:4c:91:b0:fc:bf:
46:25:ba:6f:ab:36:db:e8:e9:57:e0:07:59:50:bb:
6c:35:62:fe:4d:a7:a0:3b:b4:3d:a2:2e:b7:a4:e0:
40:2a:d6:52:a1:55:1a:5a:d6:cb:d1:98:5e:29:a8:
39:2f:cd:c2:0e:38:2c:d1:b5:c4:ce:12:5e:8b:8b:
fb:d6:2e:35:d6:19:c0:36:e5:de:38:dc:39:09:86:
a9:e9:82:48:38:4b:c6:07:d5:8a:fa:01:c4:90:02:
3f:4a:09:f0:bb:c8:0d:e6:d8:b5:4d:58:84:ed:f7:
df:ee:07:1f:31:09:47:3c:20:ea:ee:d9:a4:80:9f:
ce:34:f8:e7:0f:85:04:66:6b:b0:34:02:2f:f5:13:
42:5c:09:11:04:65:57:44:ea:23:09:02:cf:94:cc:
3e:bb:a6:e9:c2:cc:9d:37:21:3f:13:17:07:bd:0c:
1d:a8:30:fd:5d:4d:ce:ab:c6:3f:fe:c9:97:ae:51:
57:e1:6c:42:5f:ff:df:37:9d:2f:e6:7d:0c:d7:33:
69:95:e7:c0:0d:18:cc:bb:61:86:f6:83:03:1b:84:
79:bc:93:a4:a4:db:15:d3:aa:ef:7d:d8:ac:28:f8:
d1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9E:26:E3:44:63:10:40:4A:B7:FF:4B:E4:33:79:A0:28:C8:89:A7
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/8p4m40RjEEBKt_9L5DN5oCjIiac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.32.0/23
79.133.43.0/24
159.100.24.0/22
IPv6:
2a01:7e1::/32
Signature Algorithm: sha256WithRSAEncryption
b3:fb:55:ea:2c:5b:09:ef:81:d7:37:fd:d9:07:57:12:0b:17:
cb:c7:42:3c:c4:ea:b1:db:6c:41:63:12:14:76:51:6d:a0:f4:
eb:5c:cb:fb:03:5f:80:67:b4:65:be:d5:03:e7:ea:94:9d:d8:
7f:37:32:7e:d4:b5:b1:1a:9f:aa:5b:d2:51:eb:53:96:0d:38:
76:2c:a8:d1:e6:6e:c8:a5:ff:3e:8e:fb:36:ce:ee:18:23:9d:
ea:b1:36:5e:a4:3b:f5:50:42:e9:bb:dc:dc:0f:11:53:d1:02:
ff:71:c1:68:a7:52:3c:32:00:8f:8b:0a:cc:84:e4:4b:31:0c:
b9:59:72:ee:be:5c:68:e9:d3:b8:87:af:c3:3c:ba:3a:5f:2e:
39:ed:51:d2:a0:7d:a5:13:cb:00:0f:d8:91:57:66:2f:8b:11:
83:0c:f1:8c:cf:0e:33:5e:b9:f7:25:a8:b1:b3:46:fe:92:13:
b2:7b:f0:a2:f0:6c:15:4e:8f:a3:7a:42:e6:40:fa:a1:3f:e2:
8a:79:9b:cc:39:3c:4b:9e:25:46:46:15:dd:78:18:60:45:8b:
a8:84:7d:88:ce:e1:ad:d9:43:8f:fb:da:26:37:79:5a:7e:47:
b0:81:76:d5:18:39:e2:b3:8d:12:9d:85:49:f3:ec:65:7f:fb:
c9:21:da:fa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEklHcMrvcbdwX/+T9Pf3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjQwMTAxMTAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjllMjZlMzQ0NjMxMDQwNGFiN2ZmNGJlNDMzNzlhMDI4Yzg4OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfEADSMImEx13caNtjky+Q6DuMi4
g6EPTJGw/L9GJbpvqzbb6OlX4AdZULtsNWL+TaegO7Q9oi63pOBAKtZSoVUaWtbL
0ZheKag5L83CDjgs0bXEzhJei4v71i411hnANuXeONw5CYap6YJIOEvGB9WK+gHE
kAI/Sgnwu8gN5ti1TViE7fff7gcfMQlHPCDq7tmkgJ/ONPjnD4UEZmuwNAIv9RNC
XAkRBGVXROojCQLPlMw+u6bpwsydNyE/ExcHvQwdqDD9XU3Oq8Y//smXrlFX4WxC
X//fN50v5n0M1zNplefADRjMu2GG9oMDG4R5vJOkpNsV06rvfdisKPjR5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPKeJuNEYxBASrf/S+QzeaAoyImnMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvOHA0bTQwUmpFRUJLdF85TDVETjVvQ2pJaWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBT4UgAwQA
T4UrAwQCn2QYMA0EAgACMAcDBQAqAQfhMA0GCSqGSIb3DQEBCwUAA4IBAQCz+1Xq
LFsJ74HXN/3ZB1cSCxfLx0I8xOqx22xBYxIUdlFtoPTrXMv7A1+AZ7RlvtUD5+qU
ndh/NzJ+1LWxGp+qW9JR61OWDTh2LKjR5m7Ipf8+jvs2zu4YI53qsTZepDv1UELp
u9zcDxFT0QL/ccFop1I8MgCPiwrMhORLMQy5WXLuvlxo6dO4h6/DPLo6Xy457VHS
oH2lE8sAD9iRV2YvixGDDPGMzw4zXrn3Jaixs0b+khOye/Ci8GwVTo+jekLmQPqh
P+KKeZvMOTxLniVGRhXdeBhgRYuohH2IzuGt2UOP+9omN3lafkewgXbVGDnis40S
nYVJ8+xlf/vJIdr6
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:20:18 2024 by rpki-client on console-ams.rpki-client.org