Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/aZ5QN69UTK-YRQdCBnxkEZX85M8.roa
File: aZ5QN69UTK-YRQdCBnxkEZX85M8.roa (raw, json)
Hash identifier: kBS3TdsTUg9hzY7/hagVWIHV2mPHKjmyVaHJX7UIdCg=
Subject key identifier: 69:9E:50:37:AF:54:4C:AF:98:45:07:42:06:7C:64:11:95:FC:E4:CF
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112456A2382D6FF92D4319D440E1A5A58
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/aZ5QN69UTK-YRQdCBnxkEZX85M8.roa
Signing time: Fri 02 Aug 2024 08:47:04 +0000
ROA not before: Fri 02 Aug 2024 08:47:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400040
IP address blocks: 86.104.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:45:6a:23:82:d6:ff:92:d4:31:9d:44:0e:1a:5a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:47:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=699e5037af544caf98450742067c641195fce4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:65:09:11:06:1e:86:e7:99:ce:33:51:1f:
0b:67:75:4a:be:1a:b8:75:4e:7e:ee:04:bd:5a:62:
17:44:b6:6e:98:9c:37:60:9a:4f:cb:b6:69:9e:cc:
13:25:06:f0:a0:f2:28:03:5f:a2:67:95:81:a7:eb:
b6:e5:20:b5:4b:4c:be:d0:1e:c0:e5:82:81:4c:36:
00:52:73:c4:55:04:07:8a:26:70:55:03:7c:1b:8d:
ac:d9:29:7c:3f:96:74:8f:34:f9:56:f6:9b:6a:9e:
eb:70:d2:58:39:83:36:90:e2:7b:af:3c:5f:a1:49:
3a:60:32:c6:d5:4d:12:ca:d0:35:b5:a8:6c:5d:8c:
e9:54:9e:4d:a4:e2:13:bc:52:91:4d:d2:f6:3e:f3:
c0:21:53:93:de:c8:00:c7:10:d0:d8:0e:46:f5:c1:
3a:14:83:f4:78:a4:bb:d5:84:9b:d2:6b:e3:52:a8:
ef:76:1e:2d:93:ee:40:15:12:c3:56:b3:2e:95:b2:
fe:e7:b9:5e:a8:df:77:9f:5c:77:41:b3:e8:3b:b7:
74:28:d0:35:3a:15:3d:b2:96:f8:5a:dc:77:29:53:
fe:b8:84:3a:61:71:7b:d6:6c:47:d3:25:c7:96:52:
f4:a2:6c:48:14:55:0d:83:55:af:1f:51:ea:8b:39:
30:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9E:50:37:AF:54:4C:AF:98:45:07:42:06:7C:64:11:95:FC:E4:CF
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/aZ5QN69UTK-YRQdCBnxkEZX85M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.209.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e1:4c:f7:86:f8:f1:42:b7:5c:a1:82:76:e5:b2:2b:f2:9c:
c6:2e:fd:2a:d0:38:fa:e9:d9:91:a6:13:ac:be:cc:21:e5:b0:
26:d7:23:e4:bf:e5:04:3a:2e:41:42:42:e6:36:de:7a:76:3f:
64:9f:89:96:0d:68:a2:cd:de:80:3c:4c:90:09:57:9c:a6:29:
35:71:e1:10:10:83:1b:80:d6:b6:fa:aa:22:93:2f:fd:46:ac:
21:30:b6:67:06:85:1b:f9:6d:cf:3f:9c:3f:31:0c:8b:6c:b1:
b3:1d:86:8c:92:35:95:70:64:6a:55:c8:19:82:11:6e:ac:d3:
94:8a:7a:0c:ea:57:99:36:3b:43:a0:29:4b:e9:f1:7a:f8:e6:
4f:f6:1e:d9:18:2d:72:ac:78:c6:46:0f:72:b9:2a:d6:71:f2:
dd:ee:66:c2:d9:1a:0d:f2:f2:fe:9b:30:79:d3:63:33:c9:af:
bc:05:14:76:5d:10:18:e4:4c:ee:77:c4:44:7d:6d:eb:51:6c:
29:c9:9e:f6:19:e7:f8:29:87:70:f1:ba:60:e5:0d:d0:2c:5a:
89:39:e6:2f:93:95:84:ce:8d:b8:46:64:52:37:f7:ac:a2:92:
03:e0:76:af:13:f0:e8:44:6f:0c:dd:59:ab:28:19:25:c9:2d:
6c:ed:7f:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESRWojgtb/ktQxnUQOGlpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg0NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTllNTAzN2FmNTQ0Y2FmOTg0NTA3NDIwNjdjNjQxMTk1ZmNlNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1xlCREGHobnmc4zUR8LZ3VKvhq4
dU5+7gS9WmIXRLZumJw3YJpPy7ZpnswTJQbwoPIoA1+iZ5WBp+u25SC1S0y+0B7A
5YKBTDYAUnPEVQQHiiZwVQN8G42s2Sl8P5Z0jzT5Vvabap7rcNJYOYM2kOJ7rzxf
oUk6YDLG1U0SytA1tahsXYzpVJ5NpOITvFKRTdL2PvPAIVOT3sgAxxDQ2A5G9cE6
FIP0eKS71YSb0mvjUqjvdh4tk+5AFRLDVrMulbL+57leqN93n1x3QbPoO7d0KNA1
OhU9spb4Wtx3KVP+uIQ6YXF71mxH0yXHllL0omxIFFUNg1WvH1HqizkwZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmeUDevVEyvmEUHQgZ8ZBGV/OTPMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvYVo1UU42OVVUSy1ZUlFkQ0JueGtFWlg4NU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmjRMA0G
CSqGSIb3DQEBCwUAA4IBAQBP4Uz3hvjxQrdcoYJ25bIr8pzGLv0q0Dj66dmRphOs
vswh5bAm1yPkv+UEOi5BQkLmNt56dj9kn4mWDWiizd6APEyQCVecpik1ceEQEIMb
gNa2+qoiky/9RqwhMLZnBoUb+W3PP5w/MQyLbLGzHYaMkjWVcGRqVcgZghFurNOU
inoM6leZNjtDoClL6fF6+OZP9h7ZGC1yrHjGRg9yuSrWcfLd7mbC2RoN8vL+mzB5
02Mzya+8BRR2XRAY5Ezud8REfW3rUWwpyZ72Gef4KYdw8bpg5Q3QLFqJOeYvk5WE
zo24RmRSN/esopID4HavE/DoRG8M3VmrKBklyS1s7X/E
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:55 2024 by rpki-client on console-ams.rpki-client.org