Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/Af1AYd4MSUXZ52QilDpdUKTnv6A.roa
File: Af1AYd4MSUXZ52QilDpdUKTnv6A.roa (raw, json)
Hash identifier: 9ANtmrWDKR1U/SaejZuOykgFxw7pLMoisV6PUzAKhAY=
Subject key identifier: 01:FD:40:61:DE:0C:49:45:D9:E7:64:22:94:3A:5D:50:A4:E7:BF:A0
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 018CC794E06D0AB63B665B05318BD83CF405
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/Af1AYd4MSUXZ52QilDpdUKTnv6A.roa
Signing time: Tue 02 Jan 2024 00:31:11 +0000
ROA not before: Tue 02 Jan 2024 00:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27176
IP address blocks: 185.73.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:e0:6d:0a:b6:3b:66:5b:05:31:8b:d8:3c:f4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 2 00:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01fd4061de0c4945d9e76422943a5d50a4e7bfa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c6:40:7f:55:01:a5:81:bf:a5:83:6c:3c:c2:
2c:c2:8e:c0:a9:29:fd:8c:d7:23:a8:42:45:6b:6c:
60:57:e7:7e:6f:ff:12:4e:34:be:5f:8e:d5:bf:47:
0c:15:ec:5a:3b:24:e0:4f:00:6d:15:2e:e8:05:a9:
ae:e0:1c:4c:10:c4:f9:da:0e:0c:4f:cb:9a:6c:bd:
17:70:f6:71:bf:e2:fe:6a:7c:96:26:e0:8a:94:d0:
e3:2c:2f:03:f4:7f:9e:8e:94:7e:9b:7b:cb:d3:bc:
ee:cf:10:b6:cf:80:da:79:34:af:71:2d:36:d6:07:
f7:13:f4:b7:d5:74:75:80:00:bd:5f:63:d1:73:01:
eb:1b:58:c2:e1:e9:61:b9:a5:98:dd:6c:03:da:f5:
ac:92:9d:cc:a9:10:af:ca:b6:c8:2a:52:f9:14:2e:
60:84:42:2b:9f:04:80:c9:a4:1b:53:3c:a3:1c:c8:
16:d3:6e:c3:01:c3:7b:11:36:08:e4:1a:a0:0f:f9:
92:a6:37:d3:5b:1a:c0:e0:1a:70:6a:84:b9:d6:8d:
f0:f0:54:af:f7:a1:cf:eb:60:e0:f6:1c:d7:1f:06:
d5:b4:39:db:b5:a9:10:e5:7a:b5:44:a2:34:2d:a8:
49:22:a7:1a:e1:fa:bc:3e:96:98:88:6f:40:06:41:
3d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FD:40:61:DE:0C:49:45:D9:E7:64:22:94:3A:5D:50:A4:E7:BF:A0
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/Af1AYd4MSUXZ52QilDpdUKTnv6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.243.0/24
Signature Algorithm: sha256WithRSAEncryption
45:17:68:dd:c9:6d:ca:64:1e:fd:91:b7:f0:07:3f:b9:a5:3d:
5e:5d:d8:c2:73:d7:22:e7:bf:e6:ed:7d:1e:ae:e8:03:46:69:
c2:b1:be:32:f3:0e:cb:04:dc:f5:4e:8b:4a:fa:a3:3e:07:6a:
31:12:3c:f2:29:e7:c0:3e:9c:0c:fe:f7:f6:52:f1:a0:58:19:
6f:c7:cc:ad:2a:9e:fd:b1:21:89:b1:70:2d:de:2b:4f:59:b0:
4f:fb:1b:2f:3c:8a:99:06:d1:19:20:6e:29:2f:eb:68:fd:80:
21:8f:3d:6e:c7:92:c7:58:4a:08:85:79:c4:8c:32:1c:4e:88:
2a:a3:8d:e8:06:8a:39:ae:32:24:4e:e8:2d:ba:0d:53:ab:c8:
e0:ec:07:9c:2f:82:1a:b3:10:ba:90:e2:e0:8b:86:51:93:3f:
c2:4a:da:3d:4c:42:f2:90:2f:dc:2e:e2:19:15:2b:e9:7a:9b:
fa:ee:40:ba:d5:0f:60:32:01:05:93:10:cd:d9:28:d3:9a:a3:
c4:d2:cf:8e:51:28:99:1f:78:62:9a:36:61:28:f1:38:df:6a:
70:33:36:23:00:e8:fd:f3:d2:70:3e:48:47:ad:d6:98:c2:05:
5c:16:36:2c:ca:70:b3:8e:20:1d:ba:9c:1d:61:11:27:12:cb:
e2:70:99:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlOBtCrY7ZlsFMYvYPPQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjQwMTAyMDAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZkNDA2MWRlMGM0OTQ1ZDllNzY0MjI5NDNhNWQ1MGE0ZTdiZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsZAf1UBpYG/pYNsPMIswo7AqSn9
jNcjqEJFa2xgV+d+b/8STjS+X47Vv0cMFexaOyTgTwBtFS7oBamu4BxMEMT52g4M
T8uabL0XcPZxv+L+anyWJuCKlNDjLC8D9H+ejpR+m3vL07zuzxC2z4DaeTSvcS02
1gf3E/S31XR1gAC9X2PRcwHrG1jC4elhuaWY3WwD2vWskp3MqRCvyrbIKlL5FC5g
hEIrnwSAyaQbUzyjHMgW027DAcN7ETYI5BqgD/mSpjfTWxrA4BpwaoS51o3w8FSv
96HP62Dg9hzXHwbVtDnbtakQ5Xq1RKI0LahJIqca4fq8PpaYiG9ABkE9WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAH9QGHeDElF2edkIpQ6XVCk57+gMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvQWYxQVlkNE1TVVhaNTJRaWxEcGRVS1RudjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUnzMA0G
CSqGSIb3DQEBCwUAA4IBAQBFF2jdyW3KZB79kbfwBz+5pT1eXdjCc9ci57/m7X0e
rugDRmnCsb4y8w7LBNz1TotK+qM+B2oxEjzyKefAPpwM/vf2UvGgWBlvx8ytKp79
sSGJsXAt3itPWbBP+xsvPIqZBtEZIG4pL+to/YAhjz1ux5LHWEoIhXnEjDIcTogq
o43oBoo5rjIkTugtug1Tq8jg7AecL4IasxC6kOLgi4ZRkz/CSto9TELykC/cLuIZ
FSvpepv67kC61Q9gMgEFkxDN2SjTmqPE0s+OUSiZH3himjZhKPE432pwMzYjAOj9
89JwPkhHrdaYwgVcFjYsynCzjiAdupwdYREnEsvicJlV
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:13 2024 by rpki-client on console-ams.rpki-client.org