Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/AOUsCduJrxObGqw-qXb3vUwUBp8.roa
File: AOUsCduJrxObGqw-qXb3vUwUBp8.roa (raw, json)
Hash identifier: TwVi1wQhW8A8BjjE6/TM8dFuYRUR6DJeAKXAjsTaVdk=
Subject key identifier: 00:E5:2C:09:DB:89:AF:13:9B:1A:AC:3E:A9:76:F7:BD:4C:14:06:9F
Certificate issuer: /CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Certificate serial: 018CC9BCB2803DA4AA64965E473C77EB7BF1
Authority key identifier: A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/AOUsCduJrxObGqw-qXb3vUwUBp8.roa
Signing time: Tue 02 Jan 2024 10:33:55 +0000
ROA not before: Tue 02 Jan 2024 10:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29070
IP address blocks: 185.103.21.0/24 maxlen: 24
185.103.23.0/24 maxlen: 24
185.103.20.0/24 maxlen: 24
185.103.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b2:80:3d:a4:aa:64:96:5e:47:3c:77:eb:7b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Validity
Not Before: Jan 2 10:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00e52c09db89af139b1aac3ea976f7bd4c14069f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:6c:e7:67:8c:e8:cd:d0:75:03:dd:3b:fe:
09:75:a9:7c:2d:43:ee:6b:45:54:6d:40:7f:d0:b7:
50:40:37:86:e2:55:de:fd:c1:12:cc:bd:4d:cb:fb:
00:42:2d:5a:f7:f0:38:48:24:c3:ec:02:6c:59:98:
18:46:01:bb:b8:44:4b:70:b9:44:5d:71:b2:0e:c0:
a9:c4:1c:9c:fd:65:ee:2e:9f:3e:d2:0c:89:c5:29:
51:12:3b:17:d0:26:dc:71:8b:48:ac:3e:2e:e9:ad:
56:04:f3:d9:57:39:04:e0:24:90:0c:bc:ce:92:3c:
37:de:71:31:6c:79:8d:93:d4:52:83:bc:6b:8e:c4:
be:f2:bd:cc:8f:19:e6:c1:98:2d:af:c3:d8:fc:0c:
4c:70:06:0d:c2:29:16:8b:d6:09:3f:cf:02:8e:c1:
59:1b:25:65:40:89:4e:2e:1d:92:60:59:55:50:e6:
f5:a6:88:25:74:2c:c1:07:35:07:66:27:1a:6b:31:
64:f4:43:6b:4b:6d:22:94:8b:d9:90:21:3e:de:0e:
e1:58:e8:1b:e6:71:dd:74:b5:f2:f5:46:d0:93:ed:
59:91:31:a6:28:a3:08:04:fe:42:6e:41:24:aa:40:
13:2e:13:30:70:3b:62:d4:e4:58:23:76:55:75:e3:
15:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E5:2C:09:DB:89:AF:13:9B:1A:AC:3E:A9:76:F7:BD:4C:14:06:9F
X509v3 Authority Key Identifier:
keyid:A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/AOUsCduJrxObGqw-qXb3vUwUBp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.20.0/22
Signature Algorithm: sha256WithRSAEncryption
16:03:47:8c:5c:53:ff:46:51:5a:40:2b:69:3a:40:e7:72:2d:
4b:6b:01:7d:7f:99:9c:55:5d:3e:2c:c0:dc:60:da:5c:36:e2:
5c:dc:87:06:23:65:87:94:c6:2c:cb:3f:5a:43:db:3e:64:e1:
d4:7f:e4:ce:97:66:e8:6f:95:36:b8:61:cf:bd:40:88:0b:8b:
5b:23:eb:21:19:50:48:79:e5:9b:09:24:b9:70:cb:11:10:11:
76:55:e9:41:b7:fd:b8:cd:16:2a:4f:ba:1c:e1:dd:e1:c4:73:
0b:f6:1b:52:19:a7:2d:e4:fd:13:9f:c9:70:d0:e5:6c:fe:d7:
2a:7b:71:f9:fc:f0:47:11:30:ec:07:37:9d:73:ab:60:a4:2d:
c1:e8:b3:3e:a6:96:d9:a5:b6:78:ab:c3:db:a7:af:3a:3b:fb:
69:b3:f2:9f:8f:60:4d:62:d0:39:20:ab:77:5c:2a:0e:b5:7f:
42:6d:42:ff:24:8f:c1:65:ba:e6:dc:7e:07:e7:59:52:29:dc:
21:5f:f8:0e:2a:1e:00:f0:ce:da:9e:c5:26:53:15:4f:7e:53:
64:74:ba:94:2f:ac:49:8a:df:03:2e:0e:77:2c:4e:e8:20:e1:
b3:af:71:a2:9e:05:89:a7:54:f0:40:34:aa:43:b1:f7:05:f2:
39:ad:8f:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLKAPaSqZJZeRzx363vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZThhMjVhOTM3OTJhNThiM2EyZDgwZmIxYWFkOTU5ZTY1
YWVkZGYwHhcNMjQwMTAyMTAzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU1MmMwOWRiODlhZjEzOWIxYWFjM2VhOTc2ZjdiZDRjMTQwNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/Zs52eM6M3QdQPdO/4Jdal8LUPu
a0VUbUB/0LdQQDeG4lXe/cESzL1Ny/sAQi1a9/A4SCTD7AJsWZgYRgG7uERLcLlE
XXGyDsCpxByc/WXuLp8+0gyJxSlREjsX0CbccYtIrD4u6a1WBPPZVzkE4CSQDLzO
kjw33nExbHmNk9RSg7xrjsS+8r3MjxnmwZgtr8PY/AxMcAYNwikWi9YJP88CjsFZ
GyVlQIlOLh2SYFlVUOb1pogldCzBBzUHZicaazFk9ENrS20ilIvZkCE+3g7hWOgb
5nHddLXy9UbQk+1ZkTGmKKMIBP5CbkEkqkATLhMwcDti1ORYI3ZVdeMVawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADlLAnbia8TmxqsPql2971MFAafMB8GA1UdIwQY
MBaAFKboolqTeSpYs6LYD7Gq2VnmWu3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzct
NGVhZWIyYTIzYjI3LzEvQU9Vc0NkdUpyeE9iR3F3LXFYYjN2VXdVQnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzctNGVhZWIyYTIzYjI3
LzEvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcUMA0G
CSqGSIb3DQEBCwUAA4IBAQAWA0eMXFP/RlFaQCtpOkDnci1LawF9f5mcVV0+LMDc
YNpcNuJc3IcGI2WHlMYsyz9aQ9s+ZOHUf+TOl2bob5U2uGHPvUCIC4tbI+shGVBI
eeWbCSS5cMsREBF2VelBt/24zRYqT7oc4d3hxHML9htSGact5P0Tn8lw0OVs/tcq
e3H5/PBHETDsBzedc6tgpC3B6LM+ppbZpbZ4q8Pbp686O/tps/Kfj2BNYtA5IKt3
XCoOtX9CbUL/JI/BZbrm3H4H51lSKdwhX/gOKh4A8M7ansUmUxVPflNkdLqUL6xJ
it8DLg53LE7oIOGzr3GingWJp1TwQDSqQ7H3BfI5rY+T
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:52 2024 by rpki-client on console-fra.rpki-client.org