Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/aG4mP6U0zIcJHtB1fyacKSJPtfg.roa
File: aG4mP6U0zIcJHtB1fyacKSJPtfg.roa (raw, json)
Hash identifier: 9W7FX+ymN0EOdBTGXU8AfRbc/P8pPVuwDhlV8ig62ao=
Subject key identifier: 68:6E:26:3F:A5:34:CC:87:09:1E:D0:75:7F:26:9C:29:22:4F:B5:F8
Certificate issuer: /CN=13440366007eb56f10e9f99e95204d330508b9b0
Certificate serial: 018CC500D1A92FBC19F0DAD60AA30F786649
Authority key identifier: 13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/aG4mP6U0zIcJHtB1fyacKSJPtfg.roa
Signing time: Mon 01 Jan 2024 12:30:14 +0000
ROA not before: Mon 01 Jan 2024 12:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4755
IP address blocks: 89.31.192.0/24 maxlen: 24
89.31.192.0/21 maxlen: 21
89.31.193.0/24 maxlen: 24
89.31.194.0/24 maxlen: 24
89.31.195.0/24 maxlen: 24
89.31.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.mft
rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 00:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d1:a9:2f:bc:19:f0:da:d6:0a:a3:0f:78:66:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13440366007eb56f10e9f99e95204d330508b9b0
Validity
Not Before: Jan 1 12:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=686e263fa534cc87091ed0757f269c29224fb5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:2d:54:ea:9d:c0:20:c8:1d:5a:5a:3e:24:
6b:80:04:b1:00:54:41:db:9e:58:54:d6:81:c3:c9:
9c:a7:96:e4:ec:e7:e8:27:46:80:24:81:b9:e5:bd:
cc:70:a2:15:13:8e:1f:9d:f2:51:1c:4f:06:30:5b:
60:2f:10:bd:53:47:35:93:59:93:54:2f:e7:9b:ab:
58:f7:5b:bb:61:dd:e7:04:15:5e:79:9a:4c:ab:2f:
cf:42:a8:5f:3a:10:41:3f:6e:2c:40:1f:61:6f:14:
12:92:e8:74:5a:e6:76:9f:1d:f9:df:64:f6:03:79:
ff:7e:13:31:1f:36:0b:4e:3f:bb:92:cb:f2:d5:cc:
7e:86:c0:6f:d1:48:99:87:ea:65:5c:9e:dd:64:93:
62:d5:e3:e8:8d:a3:ec:84:d8:79:88:7d:35:83:f1:
36:b2:b9:f3:1c:4c:85:9f:62:1d:66:c4:ed:59:c2:
e9:d0:45:ce:30:e6:00:fc:6b:91:c3:82:0d:18:ce:
db:27:d3:e2:a8:a0:97:71:82:19:36:3a:6d:65:c8:
30:88:5b:79:c7:1e:09:44:7a:6f:78:e6:ed:f6:5f:
cb:29:d4:c9:05:b0:49:0f:d1:a6:03:88:de:9e:ae:
3b:61:c1:ea:ea:74:17:0f:96:9f:e4:95:37:44:85:
94:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6E:26:3F:A5:34:CC:87:09:1E:D0:75:7F:26:9C:29:22:4F:B5:F8
X509v3 Authority Key Identifier:
keyid:13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/aG4mP6U0zIcJHtB1fyacKSJPtfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.192.0/21
Signature Algorithm: sha256WithRSAEncryption
45:aa:68:e1:62:2d:1d:1c:4e:7f:89:4c:73:9e:c3:4b:2d:27:
f8:5c:38:ea:79:0e:d5:56:ed:8d:e9:50:58:be:eb:7c:b2:85:
9c:e1:e4:68:7c:a2:97:21:2b:05:ed:bf:bb:03:ad:9a:5c:e6:
40:3e:2b:59:aa:50:c4:72:05:92:b4:f6:d7:0a:ae:26:24:1e:
19:d3:3d:31:d6:45:92:8b:76:97:df:8e:b2:5e:08:d8:d5:e9:
57:8d:2f:b8:27:c9:92:53:34:b7:5f:3e:a7:08:7f:b1:a8:7c:
38:a7:24:16:1e:be:50:30:c6:d4:82:a5:9a:82:49:a7:a7:62:
50:4b:1c:db:e3:55:15:e6:6b:bb:45:bf:76:c6:a7:48:aa:aa:
2a:f8:ab:e4:17:00:52:ef:d5:e8:2e:62:1e:fa:99:18:df:7e:
e8:c3:7b:01:03:07:90:e2:5a:f1:85:cc:00:c5:15:a8:36:81:
83:8d:17:3a:b3:4d:e3:ee:5a:04:bb:a2:ab:cb:ba:7c:ad:e0:
73:23:65:0e:cf:b3:8c:f7:b7:75:b3:6d:1b:fc:28:14:ed:5f:
3b:72:7d:aa:de:53:fe:9b:66:02:77:47:87:99:d8:d2:9c:35:
9a:cd:c0:d7:50:76:a1:27:18:77:a9:a8:4a:f0:18:59:b1:5c:
0a:5f:99:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFANGpL7wZ8NrWCqMPeGZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDQwMzY2MDA3ZWI1NmYxMGU5Zjk5ZTk1MjA0ZDMzMDUw
OGI5YjAwHhcNMjQwMTAxMTIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZlMjYzZmE1MzRjYzg3MDkxZWQwNzU3ZjI2OWMyOTIyNGZiNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZktVOqdwCDIHVpaPiRrgASxAFRB
255YVNaBw8mcp5bk7OfoJ0aAJIG55b3McKIVE44fnfJRHE8GMFtgLxC9U0c1k1mT
VC/nm6tY91u7Yd3nBBVeeZpMqy/PQqhfOhBBP24sQB9hbxQSkuh0WuZ2nx3532T2
A3n/fhMxHzYLTj+7ksvy1cx+hsBv0UiZh+plXJ7dZJNi1ePojaPshNh5iH01g/E2
srnzHEyFn2IdZsTtWcLp0EXOMOYA/GuRw4INGM7bJ9PiqKCXcYIZNjptZcgwiFt5
xx4JRHpveObt9l/LKdTJBbBJD9GmA4jenq47YcHq6nQXD5af5JU3RIWU4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhuJj+lNMyHCR7QdX8mnCkiT7X4MB8GA1UdIwQY
MBaAFBNEA2YAfrVvEOn5npUgTTMFCLmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYt
NDRjMWE0ZWI5NjljLzEvYUc0bVA2VTB6SWNKSHRCMWZ5YWNLU0pQdGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYtNDRjMWE0ZWI5Njlj
LzEvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWR/AMA0G
CSqGSIb3DQEBCwUAA4IBAQBFqmjhYi0dHE5/iUxznsNLLSf4XDjqeQ7VVu2N6VBY
vut8soWc4eRofKKXISsF7b+7A62aXOZAPitZqlDEcgWStPbXCq4mJB4Z0z0x1kWS
i3aX346yXgjY1elXjS+4J8mSUzS3Xz6nCH+xqHw4pyQWHr5QMMbUgqWagkmnp2JQ
Sxzb41UV5mu7Rb92xqdIqqoq+KvkFwBS79XoLmIe+pkY337ow3sBAweQ4lrxhcwA
xRWoNoGDjRc6s03j7loEu6Kry7p8reBzI2UOz7OM97d1s20b/CgU7V87cn2q3lP+
m2YCd0eHmdjSnDWazcDXUHahJxh3qahK8BhZsVwKX5ld
-----END CERTIFICATE-----
Generated at Fri May 17 09:48:47 2024 by rpki-client on console-ams.rpki-client.org