Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AumCpqAMK8mUwZbyhM6ehl0AmhE.roa
File: AumCpqAMK8mUwZbyhM6ehl0AmhE.roa (raw, json)
Hash identifier: Q5wQATcZrWmRsnc/8ynAZotYViSIsPXU0FMbV5cbvWc=
Subject key identifier: 02:E9:82:A6:A0:0C:2B:C9:94:C1:96:F2:84:CE:9E:86:5D:00:9A:11
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC5ED6B25094EEE8C290555B10529
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AumCpqAMK8mUwZbyhM6ehl0AmhE.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60397
IP address blocks: 45.149.116.0/22 maxlen: 24
151.237.130.0/24 maxlen: 24
151.237.132.0/23 maxlen: 24
79.170.148.0/22 maxlen: 24
2.59.112.0/22 maxlen: 24
151.237.134.0/23 maxlen: 24
185.158.8.0/22 maxlen: 24
151.237.58.0/23 maxlen: 24
151.237.56.0/23 maxlen: 24
151.237.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c5:ed:6b:25:09:4e:ee:8c:29:05:55:b1:05:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02e982a6a00c2bc994c196f284ce9e865d009a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fa:40:5c:9b:73:b5:e2:68:49:59:f1:77:e0:
6d:06:c8:ed:68:75:09:5f:c7:47:c8:a9:75:0c:34:
05:c4:5e:5a:c0:52:31:47:24:d3:e2:5f:1d:23:5f:
d3:14:bf:93:86:44:03:5e:b5:58:ec:41:b2:11:1c:
24:1c:e4:2a:2e:84:22:25:1a:9b:f6:39:89:aa:f9:
9d:19:da:d6:8f:d2:95:22:80:0e:37:b4:4e:f5:aa:
4a:78:5a:18:ce:e1:78:af:45:d1:db:85:6c:00:12:
24:55:b9:42:6c:49:07:7f:45:0a:08:76:a0:ac:f3:
db:7e:3d:cf:0d:7a:91:29:64:3d:35:ea:19:7c:42:
11:5c:18:0f:a3:34:12:08:59:f5:22:e1:42:19:55:
29:c8:a3:7d:3a:9f:23:84:32:58:c1:3b:b7:da:09:
4a:c6:a3:47:41:92:87:df:8e:03:10:13:e7:ae:12:
0d:51:75:95:73:40:f4:34:3f:ca:c4:2c:67:72:54:
b3:00:38:27:ff:d8:ae:80:54:8e:74:b4:8b:12:2b:
70:83:dd:00:3a:7e:15:ba:b2:4d:b4:86:9f:86:0e:
9a:08:16:06:02:5d:09:c4:37:d3:f1:e3:84:b3:10:
04:73:a5:11:68:bc:8e:96:89:79:6e:88:70:36:99:
0d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E9:82:A6:A0:0C:2B:C9:94:C1:96:F2:84:CE:9E:86:5D:00:9A:11
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AumCpqAMK8mUwZbyhM6ehl0AmhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.112.0/22
45.149.116.0/22
79.170.148.0/22
151.237.56.0/22
151.237.64.0/23
151.237.130.0/24
151.237.132.0/22
185.158.8.0/22
Signature Algorithm: sha256WithRSAEncryption
36:33:3d:8e:2f:2d:e6:4f:3f:cd:28:da:66:ef:c6:b3:e2:42:
8e:c9:51:61:af:af:d4:ab:b0:ed:8a:92:aa:ba:80:ec:1c:7e:
5b:4f:ab:14:b1:14:5c:d0:14:df:0e:98:aa:44:03:3d:8b:ac:
db:74:79:2e:1b:95:06:2d:7c:55:f6:72:09:ff:ed:6a:0e:f4:
d2:40:e3:df:48:67:ee:51:b0:19:ec:e8:c1:dc:6c:a8:e8:f6:
7f:74:46:90:cd:5c:40:44:bc:c6:9b:f8:e6:1e:55:cd:61:24:
34:a5:b3:ed:11:a5:a6:28:b0:44:2c:1f:fe:6a:33:fc:9b:b5:
40:66:93:b1:dc:db:9c:e8:9a:95:0a:b7:7f:18:c7:59:90:bd:
7c:b1:49:7a:55:84:9d:a9:fb:f0:77:4a:fe:6e:9f:89:07:d9:
a2:c7:d3:e7:63:c3:84:cd:fa:34:3e:ba:4e:6b:3f:3e:63:ac:
38:53:af:85:5f:ca:07:40:19:76:87:3b:3c:cf:43:34:f5:c9:
67:dc:8a:50:1d:15:ab:99:ea:cc:07:09:0c:d7:95:bb:7d:bb:
9c:e2:75:9b:82:9a:ee:e4:91:30:82:dd:d4:c9:17:40:15:55:
33:6a:4f:6c:c6:5e:68:bf:1c:bc:25:49:a3:6a:74:fb:42:54:
c2:99:b8:09
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzC2sXtayUJTu6MKQVVsQUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU5ODJhNmEwMGMyYmM5OTRjMTk2ZjI4NGNlOWU4NjVkMDA5YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPpAXJtzteJoSVnxd+BtBsjtaHUJ
X8dHyKl1DDQFxF5awFIxRyTT4l8dI1/TFL+ThkQDXrVY7EGyERwkHOQqLoQiJRqb
9jmJqvmdGdrWj9KVIoAON7RO9apKeFoYzuF4r0XR24VsABIkVblCbEkHf0UKCHag
rPPbfj3PDXqRKWQ9NeoZfEIRXBgPozQSCFn1IuFCGVUpyKN9Op8jhDJYwTu32glK
xqNHQZKH344DEBPnrhINUXWVc0D0ND/KxCxnclSzADgn/9iugFSOdLSLEitwg90A
On4VurJNtIafhg6aCBYGAl0JxDfT8eOEsxAEc6URaLyOlol5bohwNpkNnwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFALpgqagDCvJlMGW8oTOnoZdAJoRMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvQXVtQ3BxQU1LOG1Vd1pieWhNNmVobDBBbWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjtwAwQC
LZV0AwQCT6qUAwQCl+04AwQBl+1AAwQAl+2CAwQCl+2EAwQCuZ4IMA0GCSqGSIb3
DQEBCwUAA4IBAQA2Mz2OLy3mTz/NKNpm78az4kKOyVFhr6/Uq7DtipKquoDsHH5b
T6sUsRRc0BTfDpiqRAM9i6zbdHkuG5UGLXxV9nIJ/+1qDvTSQOPfSGfuUbAZ7OjB
3Gyo6PZ/dEaQzVxARLzGm/jmHlXNYSQ0pbPtEaWmKLBELB/+ajP8m7VAZpOx3Nuc
6JqVCrd/GMdZkL18sUl6VYSdqfvwd0r+bp+JB9mix9PnY8OEzfo0PrpOaz8+Y6w4
U6+FX8oHQBl2hzs8z0M09cln3IpQHRWrmerMBwkM15W7fbuc4nWbgpru5JEwgt3U
yRdAFVUzak9sxl5ovxy8JUmjanT7QlTCmbgJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:08 2024 by rpki-client on console-ams.rpki-client.org