Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a66f2d-ca2f-4bca-b27b-d846d106b5f7/1/T-gY9ak4rbVY5Y-DkpzjJTyaxeg.roa
File: T-gY9ak4rbVY5Y-DkpzjJTyaxeg.roa (raw, json)
Hash identifier: 1dzBpMdFrAohllcrhN+4b2vAr04G3zRkvuNc8NYazX0=
Subject key identifier: 4F:E8:18:F5:A9:38:AD:B5:58:E5:8F:83:92:9C:E3:25:3C:9A:C5:E8
Certificate issuer: /CN=8a26f476d608625ad1fe06e52b974a9f66f0141a
Certificate serial: 018CCA99C12FE40E2F2B6B2747B24D985924
Authority key identifier: 8A:26:F4:76:D6:08:62:5A:D1:FE:06:E5:2B:97:4A:9F:66:F0:14:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iib0dtYIYlrR_gblK5dKn2bwFBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/a66f2d-ca2f-4bca-b27b-d846d106b5f7/1/T-gY9ak4rbVY5Y-DkpzjJTyaxeg.roa
Signing time: Tue 02 Jan 2024 14:35:23 +0000
ROA not before: Tue 02 Jan 2024 14:35:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15436
IP address blocks: 193.109.125.0/24 maxlen: 24
193.109.121.0/24 maxlen: 24
81.88.96.0/21 maxlen: 24
193.109.117.0/24 maxlen: 24
193.201.1.0/24 maxlen: 24
193.201.0.0/24 maxlen: 24
193.201.4.0/24 maxlen: 24
193.201.2.0/24 maxlen: 24
193.201.3.0/24 maxlen: 24
193.201.7.0/24 maxlen: 24
193.201.6.0/24 maxlen: 24
193.201.5.0/24 maxlen: 24
2a02:c18::/32 maxlen: 48
2a02:c18::/48 maxlen: 48
2a02:c18:2::/48 maxlen: 48
2a02:c18:6::/48 maxlen: 48
2a02:c18:1::/48 maxlen: 48
2a02:c18:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/a66f2d-ca2f-4bca-b27b-d846d106b5f7/1/iib0dtYIYlrR_gblK5dKn2bwFBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/a66f2d-ca2f-4bca-b27b-d846d106b5f7/1/iib0dtYIYlrR_gblK5dKn2bwFBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iib0dtYIYlrR_gblK5dKn2bwFBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:c1:2f:e4:0e:2f:2b:6b:27:47:b2:4d:98:59:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a26f476d608625ad1fe06e52b974a9f66f0141a
Validity
Not Before: Jan 2 14:35:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe818f5a938adb558e58f83929ce3253c9ac5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:30:c3:da:8c:3f:25:a1:96:b5:72:38:5b:
0f:a6:61:5e:6d:73:6e:88:f4:0a:be:d2:fd:fb:49:
bc:bf:24:a5:d6:0c:a3:2f:73:fe:e5:4f:91:6f:8a:
c6:53:b9:be:fd:f4:25:79:1a:fc:a8:99:f8:a2:64:
33:ba:dc:10:fe:2a:7d:cb:da:84:8f:29:71:f4:ba:
1b:d7:a2:02:c4:cd:17:fa:a9:8f:36:a7:5f:5a:94:
3d:70:b7:0b:f5:af:cb:c1:98:cf:71:24:82:73:cb:
6a:60:ac:85:60:83:de:ea:82:56:0d:69:22:a6:8a:
b9:8c:be:f7:5d:c9:ae:0c:6e:ba:fd:06:8b:36:b8:
2f:61:44:6f:fa:5c:83:2e:8c:5a:43:ed:16:e7:fb:
b5:59:b4:e9:28:59:82:6e:ad:67:7a:bc:10:66:7b:
91:61:29:7f:2d:53:65:5b:d8:bb:91:fb:26:5f:65:
df:10:80:0c:be:ba:ca:bb:cf:ba:50:3a:f9:dd:54:
75:3b:5e:a2:59:c7:10:02:01:0c:1b:fd:45:bb:83:
18:d2:9e:12:fa:1d:df:6c:b9:68:f2:44:08:d2:cd:
17:15:59:e9:99:e3:b9:05:cf:15:db:c2:78:83:29:
19:74:c9:76:e3:4d:db:fa:07:f6:5d:6e:fa:9b:5f:
fd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E8:18:F5:A9:38:AD:B5:58:E5:8F:83:92:9C:E3:25:3C:9A:C5:E8
X509v3 Authority Key Identifier:
keyid:8A:26:F4:76:D6:08:62:5A:D1:FE:06:E5:2B:97:4A:9F:66:F0:14:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iib0dtYIYlrR_gblK5dKn2bwFBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a66f2d-ca2f-4bca-b27b-d846d106b5f7/1/T-gY9ak4rbVY5Y-DkpzjJTyaxeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a66f2d-ca2f-4bca-b27b-d846d106b5f7/1/iib0dtYIYlrR_gblK5dKn2bwFBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.96.0/21
193.109.117.0/24
193.109.121.0/24
193.109.125.0/24
193.201.0.0/21
IPv6:
2a02:c18::/32
Signature Algorithm: sha256WithRSAEncryption
b6:1a:b3:b6:4a:7d:a0:63:6b:32:04:9d:22:59:3a:34:5e:95:
21:c3:56:71:d0:87:eb:91:01:93:ff:9a:0a:f3:29:9a:3c:aa:
74:19:57:93:0d:00:c7:01:3c:0b:ae:99:91:dc:a8:17:b6:63:
c2:90:da:e6:b3:94:e7:6d:01:10:b1:9a:1f:08:a5:d8:84:a8:
33:bc:c9:bd:fa:85:86:40:f2:d1:31:4b:19:b2:de:81:c4:ca:
f1:c8:c1:f0:79:2f:ce:9d:74:1e:70:6c:32:a7:2e:43:6e:e1:
b5:8b:bc:2b:d3:b0:de:62:6c:9d:b9:b3:f4:37:a0:ea:03:e0:
3d:ff:55:e1:f9:a9:b3:b1:67:ed:fa:f6:98:de:84:5d:c8:b5:
46:ca:ac:be:2d:03:d2:c8:2e:4c:73:91:58:47:5b:ab:5c:16:
05:9e:8a:0d:49:1d:6d:a0:3e:05:23:b5:73:15:a9:b1:1c:14:
bf:e0:fc:88:28:7f:6e:79:c6:0b:fb:27:81:91:38:4a:db:4f:
c4:e6:52:d6:fd:e1:27:37:6a:5b:de:26:f0:dc:e3:4c:6c:a5:
19:c1:91:52:34:84:98:a4:6b:09:93:97:42:93:78:03:0b:18:
82:41:04:d5:b3:3a:2a:35:8f:0a:15:ed:55:9d:14:a6:73:db:
09:8a:79:be
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKmcEv5A4vK2snR7JNmFkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMjZmNDc2ZDYwODYyNWFkMWZlMDZlNTJiOTc0YTlmNjZm
MDE0MWEwHhcNMjQwMTAyMTQzNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmU4MThmNWE5MzhhZGI1NThlNThmODM5MjljZTMyNTNjOWFjNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqIww9qMPyWhlrVyOFsPpmFebXNu
iPQKvtL9+0m8vySl1gyjL3P+5U+Rb4rGU7m+/fQleRr8qJn4omQzutwQ/ip9y9qE
jylx9Lob16ICxM0X+qmPNqdfWpQ9cLcL9a/LwZjPcSSCc8tqYKyFYIPe6oJWDWki
poq5jL73XcmuDG66/QaLNrgvYURv+lyDLoxaQ+0W5/u1WbTpKFmCbq1nerwQZnuR
YSl/LVNlW9i7kfsmX2XfEIAMvrrKu8+6UDr53VR1O16iWccQAgEMG/1Fu4MY0p4S
+h3fbLlo8kQI0s0XFVnpmeO5Bc8V28J4gykZdMl2403b+gf2XW76m1/9fQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE/oGPWpOK21WOWPg5Kc4yU8msXoMB8GA1UdIwQY
MBaAFIom9HbWCGJa0f4G5SuXSp9m8BQaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWliMGR0WUlZbHJSX2dibEs1ZEtuMmJ3RkJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hNjZmMmQtY2EyZi00YmNhLWIyN2It
ZDg0NmQxMDZiNWY3LzEvVC1nWTlhazRyYlZZNVktRGtwempKVHlheGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hNjZmMmQtY2EyZi00YmNhLWIyN2ItZDg0NmQxMDZiNWY3
LzEvaWliMGR0WUlZbHJSX2dibEs1ZEtuMmJ3RkJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDUVhgAwQA
wW11AwQAwW15AwQAwW19AwQDwckAMA0EAgACMAcDBQAqAgwYMA0GCSqGSIb3DQEB
CwUAA4IBAQC2GrO2Sn2gY2syBJ0iWTo0XpUhw1Zx0IfrkQGT/5oK8ymaPKp0GVeT
DQDHATwLrpmR3KgXtmPCkNrms5TnbQEQsZofCKXYhKgzvMm9+oWGQPLRMUsZst6B
xMrxyMHweS/OnXQecGwypy5DbuG1i7wr07DeYmydubP0N6DqA+A9/1Xh+amzsWft
+vaY3oRdyLVGyqy+LQPSyC5Mc5FYR1urXBYFnooNSR1toD4FI7VzFamxHBS/4PyI
KH9uecYL+yeBkThK20/E5lLW/eEnN2pb3ibw3ONMbKUZwZFSNISYpGsJk5dCk3gD
CxiCQQTVszoqNY8KFe1VnRSmc9sJinm+
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:54 2024 by rpki-client on console-ams.rpki-client.org