Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/dr3FvpX0zsC5u26y8bl6QOFyXy4.roa
File: dr3FvpX0zsC5u26y8bl6QOFyXy4.roa (raw, json)
Hash identifier: jzgJElxmelriLlO3cJzAYs/rPlTKtYsrKy8LQ5ADQEM=
Subject key identifier: 76:BD:C5:BE:95:F4:CE:C0:B9:BB:6E:B2:F1:B9:7A:40:E1:72:5F:2E
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018CC5DD375AAF7393359719BE7EE3FD78C1
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/dr3FvpX0zsC5u26y8bl6QOFyXy4.roa
Signing time: Mon 01 Jan 2024 16:30:58 +0000
ROA not before: Mon 01 Jan 2024 16:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12395
IP address blocks: 178.249.167.0/24 maxlen: 24
2a01:728:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:37:5a:af:73:93:35:97:19:be:7e:e3:fd:78:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 16:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76bdc5be95f4cec0b9bb6eb2f1b97a40e1725f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:6b:1b:7c:ff:42:63:0f:00:ab:10:72:91:
3e:53:36:11:67:68:87:90:09:92:73:b9:55:f2:91:
7f:6b:f5:a6:ad:46:5c:13:e3:5b:d7:7f:42:a5:f4:
f5:ca:b7:c6:f5:1b:fc:5e:be:23:fb:dc:13:78:6c:
8f:d4:88:a9:b6:94:95:5e:31:d1:d5:43:13:c0:4e:
b7:78:1b:b9:cb:62:47:a0:1b:a2:b4:a7:c5:6e:46:
2a:a0:71:36:29:95:ba:0c:58:a1:79:c4:f2:1e:5f:
06:83:49:ef:6b:b0:b2:77:22:b1:fd:93:be:b8:47:
f7:af:a4:79:81:e7:c0:04:66:7d:77:62:42:6b:4a:
ac:cf:42:6e:c2:5d:dd:cf:51:7c:f3:d6:b5:b7:3f:
a7:84:73:32:c8:f2:5c:dc:fc:de:e0:66:08:ed:cd:
83:b4:17:4d:a8:49:84:b1:ca:7f:9e:59:55:13:d5:
8e:a4:16:b8:aa:f1:0e:59:e8:d6:a0:43:3b:14:0f:
68:5e:a1:4b:9e:17:71:e2:cd:b3:3f:3b:75:45:4e:
55:ab:4f:6d:ae:d1:1c:a6:5a:95:c8:b3:0c:e7:2d:
98:5b:35:ea:72:ac:05:ec:ff:40:cd:23:88:c3:3f:
73:06:73:65:61:c9:39:15:c1:74:d8:04:90:13:c2:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BD:C5:BE:95:F4:CE:C0:B9:BB:6E:B2:F1:B9:7A:40:E1:72:5F:2E
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/dr3FvpX0zsC5u26y8bl6QOFyXy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.249.167.0/24
IPv6:
2a01:728:108::/48
Signature Algorithm: sha256WithRSAEncryption
1f:10:89:c0:40:91:5a:2f:3c:71:0a:81:7e:6f:44:d4:e8:fa:
4e:43:a0:bf:6d:d4:d3:95:ed:30:cb:31:ad:c3:34:fb:96:c8:
a1:d1:fc:dc:a3:0d:a0:28:26:30:ae:07:c9:d0:7f:69:cd:72:
44:5e:f9:c0:e4:6f:75:a9:43:23:0c:d9:e0:71:b5:52:67:85:
d6:40:8b:df:a8:2a:37:00:cc:1d:d1:83:1d:7d:eb:a9:76:db:
3d:8c:eb:c8:af:21:5b:49:c4:a7:05:9c:63:82:59:55:ea:b7:
4d:8d:ed:bf:be:8a:02:2a:40:47:eb:ea:27:e1:a5:67:04:8f:
3c:5c:56:10:d0:9a:40:22:0e:ce:f0:be:dc:c4:4d:10:11:ab:
f2:1b:f3:2c:48:55:a3:bd:e9:b8:94:56:d9:ad:c4:61:40:df:
e8:f9:f3:08:47:2b:b5:98:8e:91:d6:3e:61:6b:32:29:10:66:
10:b7:1c:b6:7f:43:82:92:64:aa:07:0a:e3:a6:08:74:ea:e2:
f6:be:64:b3:a8:d3:30:9a:cf:8c:fe:5f:0e:cf:26:62:68:2f:
db:70:c4:07:b5:c9:e4:d1:3c:cf:72:36:93:2a:e6:f3:3e:de:
d2:af:d1:7f:16:6b:58:c6:74:37:8f:92:d5:54:bf:7d:16:4c:
59:ae:4a:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3Tdar3OTNZcZvn7j/XjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwMTAxMTYzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmJkYzViZTk1ZjRjZWMwYjliYjZlYjJmMWI5N2E0MGUxNzI1ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWlrG3z/QmMPAKsQcpE+UzYRZ2iH
kAmSc7lV8pF/a/WmrUZcE+Nb139CpfT1yrfG9Rv8Xr4j+9wTeGyP1IiptpSVXjHR
1UMTwE63eBu5y2JHoBuitKfFbkYqoHE2KZW6DFihecTyHl8Gg0nva7CydyKx/ZO+
uEf3r6R5gefABGZ9d2JCa0qsz0Juwl3dz1F889a1tz+nhHMyyPJc3Pze4GYI7c2D
tBdNqEmEscp/nllVE9WOpBa4qvEOWejWoEM7FA9oXqFLnhdx4s2zPzt1RU5Vq09t
rtEcplqVyLMM5y2YWzXqcqwF7P9AzSOIwz9zBnNlYck5FcF02ASQE8JaswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHa9xb6V9M7AubtusvG5ekDhcl8uMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvZHIzRnZwWDB6c0M1dTI2eThibDZRT0Z5WHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsvmnMA8E
AgACMAkDBwAqAQcoAQgwDQYJKoZIhvcNAQELBQADggEBAB8QicBAkVovPHEKgX5v
RNTo+k5DoL9t1NOV7TDLMa3DNPuWyKHR/NyjDaAoJjCuB8nQf2nNckRe+cDkb3Wp
QyMM2eBxtVJnhdZAi9+oKjcAzB3Rgx1966l22z2M68ivIVtJxKcFnGOCWVXqt02N
7b++igIqQEfr6ifhpWcEjzxcVhDQmkAiDs7wvtzETRARq/Ib8yxIVaO96biUVtmt
xGFA3+j58whHK7WYjpHWPmFrMikQZhC3HLZ/Q4KSZKoHCuOmCHTq4va+ZLOo0zCa
z4z+Xw7PJmJoL9twxAe1yeTRPM9yNpMq5vM+3tKv0X8Wa1jGdDePktVUv30WTFmu
SrU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:12 2024 by rpki-client on console-ams.rpki-client.org