Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/aoDX9LH9DpIoUIZNA9RGH3s4uUs.roa
File: aoDX9LH9DpIoUIZNA9RGH3s4uUs.roa (raw, json)
Hash identifier: 15yVOXa8UpFhjhw4UFmQpYXcolR2sU+92/XVfTQK78Q=
Subject key identifier: 6A:80:D7:F4:B1:FD:0E:92:28:50:86:4D:03:D4:46:1F:7B:38:B9:4B
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018CC56EFF00CAE554444ECE6B0DBD047621
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/aoDX9LH9DpIoUIZNA9RGH3s4uUs.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39483
IP address blocks: 82.119.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft
rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ff:00:ca:e5:54:44:4e:ce:6b:0d:bd:04:76:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a80d7f4b1fd0e922850864d03d4461f7b38b94b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8c:ee:d7:fd:07:da:b2:dd:04:3e:e3:77:1d:
cd:cd:5d:8c:ff:83:76:47:82:2c:b9:23:2e:f6:8d:
79:f1:89:39:7e:1d:a3:6c:e2:25:13:87:76:6d:e0:
02:bf:f3:ee:a4:47:3b:7c:0f:89:63:db:b5:b2:68:
0e:f9:a0:d4:81:b1:00:d0:53:0d:0e:fd:ab:1d:72:
a1:03:fd:79:fa:e2:92:b1:2c:6c:98:bb:7f:17:34:
a2:cd:e5:ce:70:54:3f:96:2c:c5:51:8a:86:1a:93:
0c:4f:05:79:48:b4:6e:3d:bf:73:cd:51:2c:54:d5:
4a:35:85:9f:40:94:3c:c4:3b:02:10:fd:cd:bb:50:
f1:69:c9:8d:a9:14:84:bd:71:88:6f:97:c2:4d:6c:
46:34:2d:42:ad:eb:2f:36:d8:d8:bd:18:00:b6:da:
85:cf:b1:be:31:bb:42:7e:8b:60:bf:63:31:f5:09:
9a:98:31:09:d1:d8:a9:77:e9:75:4d:68:8c:8d:9a:
84:9c:1d:98:b1:7e:06:96:86:4a:65:39:53:0c:0f:
42:ac:ee:a3:32:bf:0d:a0:c5:9c:f6:b0:dc:89:d8:
92:ed:3a:ef:b9:2d:a4:dc:e3:aa:dc:2a:4c:e5:d2:
46:21:3d:5f:01:d0:2d:32:46:01:89:ba:18:92:92:
78:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:80:D7:F4:B1:FD:0E:92:28:50:86:4D:03:D4:46:1F:7B:38:B9:4B
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/aoDX9LH9DpIoUIZNA9RGH3s4uUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.82.0/24
Signature Algorithm: sha256WithRSAEncryption
67:70:7e:17:f3:c0:58:44:13:11:81:92:8a:75:2a:fc:5d:be:
fa:58:fa:f6:a2:77:38:ce:de:55:f4:a0:b5:31:c6:4c:f1:1f:
f4:bf:35:f6:e0:91:7d:18:23:b0:09:4e:f3:35:71:98:5c:be:
ff:2c:ee:bc:4e:72:43:60:26:c3:8e:5c:60:0f:75:14:5d:db:
75:ce:4d:03:f0:ec:b6:c8:ec:89:aa:41:c7:5b:2b:f7:98:5a:
2b:c0:45:d9:0a:60:b5:27:12:50:32:51:64:0a:06:79:ee:4c:
80:48:43:1d:32:d6:fa:9e:35:19:a9:c9:96:25:58:3c:b2:55:
7f:c4:50:34:fe:53:2a:78:d1:15:58:ea:f2:31:7c:7d:fd:86:
47:cb:ee:d7:d6:26:67:29:67:7e:1e:09:91:8c:a8:60:41:82:
88:7d:14:15:8f:06:97:89:9a:a2:e1:5f:6b:07:2d:34:22:74:
a2:5c:41:c3:a1:48:9a:a6:5c:d8:b5:cd:c6:90:87:de:a5:10:
d1:fa:dc:22:7c:85:4a:3f:49:29:0a:20:8d:fd:5f:12:c2:bc:
3c:81:a3:53:f2:f4:da:a9:ee:a3:bd:b4:5e:ba:45:bb:b3:8f:
09:60:ab:ef:86:af:b9:10:fb:61:ad:ee:17:7f:e3:1b:be:49:
93:a8:43:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbv8AyuVURE7Oaw29BHYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgwZDdmNGIxZmQwZTkyMjg1MDg2NGQwM2Q0NDYxZjdiMzhiOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhozu1/0H2rLdBD7jdx3NzV2M/4N2
R4IsuSMu9o158Yk5fh2jbOIlE4d2beACv/PupEc7fA+JY9u1smgO+aDUgbEA0FMN
Dv2rHXKhA/15+uKSsSxsmLt/FzSizeXOcFQ/lizFUYqGGpMMTwV5SLRuPb9zzVEs
VNVKNYWfQJQ8xDsCEP3Nu1DxacmNqRSEvXGIb5fCTWxGNC1CresvNtjYvRgAttqF
z7G+MbtCfotgv2Mx9QmamDEJ0dipd+l1TWiMjZqEnB2YsX4GloZKZTlTDA9CrO6j
Mr8NoMWc9rDcidiS7TrvuS2k3OOq3CpM5dJGIT1fAdAtMkYBiboYkpJ4VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqA1/Sx/Q6SKFCGTQPURh97OLlLMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvYW9EWDlMSDlEcElvVUlaTkE5UkdIM3M0dVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUndSMA0G
CSqGSIb3DQEBCwUAA4IBAQBncH4X88BYRBMRgZKKdSr8Xb76WPr2onc4zt5V9KC1
McZM8R/0vzX24JF9GCOwCU7zNXGYXL7/LO68TnJDYCbDjlxgD3UUXdt1zk0D8Oy2
yOyJqkHHWyv3mForwEXZCmC1JxJQMlFkCgZ57kyASEMdMtb6njUZqcmWJVg8slV/
xFA0/lMqeNEVWOryMXx9/YZHy+7X1iZnKWd+HgmRjKhgQYKIfRQVjwaXiZqi4V9r
By00InSiXEHDoUiaplzYtc3GkIfepRDR+twifIVKP0kpCiCN/V8Swrw8gaNT8vTa
qe6jvbReukW7s48JYKvvhq+5EPthre4Xf+MbvkmTqEPC
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:46 2024 by rpki-client on console-ams.rpki-client.org