Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/AYrvL5VLvZfDYQDOZxuCZf9U2PU.roa
File: AYrvL5VLvZfDYQDOZxuCZf9U2PU.roa (raw, json)
Hash identifier: rJIT9IKJ0A7A5MAq7rRoqCYIDdsWjzqvjdUwbAQ7ZmU=
Subject key identifier: 01:8A:EF:2F:95:4B:BD:97:C3:61:00:CE:67:1B:82:65:FF:54:D8:F5
Certificate issuer: /CN=fa307821230e7ba81a4d471a591e78ea759c6934
Certificate serial: 018CC64AD657F2B05887CF4B89EB45C2AB73
Authority key identifier: FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/AYrvL5VLvZfDYQDOZxuCZf9U2PU.roa
Signing time: Mon 01 Jan 2024 18:30:42 +0000
ROA not before: Mon 01 Jan 2024 18:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203034
IP address blocks: 185.147.20.0/22 maxlen: 22
2a07:5480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/1-jB4ISMOe6gaTUcaWR546nWcaTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/1-jB4ISMOe6gaTUcaWR546nWcaTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d6:57:f2:b0:58:87:cf:4b:89:eb:45:c2:ab:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa307821230e7ba81a4d471a591e78ea759c6934
Validity
Not Before: Jan 1 18:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=018aef2f954bbd97c36100ce671b8265ff54d8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1a:3b:8d:a8:54:86:6c:2a:2e:d3:ab:ae:28:
aa:bf:e8:ce:6b:b7:fd:b8:ce:f8:9b:36:42:29:43:
ba:5f:4f:99:7e:7b:8f:c5:7a:ff:c7:f5:c5:f3:7d:
e1:44:9c:d0:a9:09:b9:db:4d:ad:c5:2b:82:ab:44:
0c:19:79:47:96:0a:a4:71:fa:b5:80:11:fe:0c:3a:
c7:42:fe:42:1f:87:05:b7:73:f4:1c:a4:2f:6e:34:
fd:08:0b:8a:f5:a7:e7:0a:89:9b:9e:ca:2f:c9:6a:
b0:17:93:05:52:61:50:8d:bd:c0:c4:71:a2:0b:6b:
6a:5e:44:01:c4:ae:e4:2a:81:a2:e1:fd:0d:44:f5:
43:1c:a3:ce:cc:2a:f7:bc:58:82:cd:c9:35:26:69:
c6:ef:92:39:17:c9:d2:f6:5a:53:48:61:2b:32:87:
f0:b2:18:3e:1e:55:15:9d:a8:ae:5e:6a:85:bd:08:
ba:0a:7a:f0:fe:37:c6:77:63:e9:30:8f:e5:ee:4e:
37:f5:44:8f:b6:95:b0:99:4e:53:d7:ac:11:0c:55:
f2:a5:8f:72:18:b5:fc:b0:e9:77:6c:b3:52:14:81:
f2:ff:4a:ed:7e:ec:a1:c2:f9:e7:40:ea:78:b3:48:
45:f2:f7:1c:d2:b2:eb:cb:61:3f:8c:a5:7e:78:d2:
3d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8A:EF:2F:95:4B:BD:97:C3:61:00:CE:67:1B:82:65:FF:54:D8:F5
X509v3 Authority Key Identifier:
keyid:FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/AYrvL5VLvZfDYQDOZxuCZf9U2PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/1-jB4ISMOe6gaTUcaWR546nWcaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.20.0/22
IPv6:
2a07:5480::/29
Signature Algorithm: sha256WithRSAEncryption
69:22:46:05:b3:df:07:de:34:44:25:f8:d8:ca:7d:07:39:45:
cc:b1:ff:e5:b9:56:ba:04:f9:af:c4:1a:75:b2:f3:b5:8e:bd:
de:02:91:15:14:fe:cd:40:38:56:cc:d8:b0:93:29:cb:fc:e0:
aa:42:95:13:c7:4a:8c:17:a8:b6:88:1d:f7:14:7a:82:ae:5f:
ce:3e:94:9d:05:70:69:40:6a:b8:f0:34:35:2a:83:84:ea:e1:
32:e9:f5:72:90:53:3b:a1:a4:ec:71:33:73:86:22:38:e6:87:
3d:9f:19:2a:1e:19:e5:d4:2c:75:75:57:83:59:53:ef:48:91:
57:ee:f0:b2:28:ff:4b:d5:37:ac:89:44:d1:1c:a7:ab:91:99:
82:1a:d1:50:49:80:23:2f:10:31:69:9b:e7:3d:f4:0f:6c:60:
b9:0c:d4:44:08:d1:0a:80:ea:a0:e8:bb:be:07:55:99:d7:8f:
6c:96:b7:cf:2b:da:49:55:40:9a:17:6e:85:19:fa:c7:c2:e4:
b0:e3:c7:5f:72:9c:01:75:40:13:6a:10:5b:b9:c6:9c:bd:a7:
c0:49:ab:d0:c2:ff:8e:81:d3:5d:eb:58:22:18:62:7d:0f:73:
e5:af:90:4d:ca:a0:30:ac:f3:56:08:9b:af:08:5a:b8:e2:6c:
e4:0a:71:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGStZX8rBYh89LietFwqtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMzA3ODIxMjMwZTdiYTgxYTRkNDcxYTU5MWU3OGVhNzU5
YzY5MzQwHhcNMjQwMTAxMTgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMThhZWYyZjk1NGJiZDk3YzM2MTAwY2U2NzFiODI2NWZmNTRkOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkho7jahUhmwqLtOrriiqv+jOa7f9
uM74mzZCKUO6X0+ZfnuPxXr/x/XF833hRJzQqQm5202txSuCq0QMGXlHlgqkcfq1
gBH+DDrHQv5CH4cFt3P0HKQvbjT9CAuK9afnCombnsovyWqwF5MFUmFQjb3AxHGi
C2tqXkQBxK7kKoGi4f0NRPVDHKPOzCr3vFiCzck1JmnG75I5F8nS9lpTSGErMofw
shg+HlUVnaiuXmqFvQi6Cnrw/jfGd2PpMI/l7k439USPtpWwmU5T16wRDFXypY9y
GLX8sOl3bLNSFIHy/0rtfuyhwvnnQOp4s0hF8vcc0rLry2E/jKV+eNI94QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAGK7y+VS72Xw2EAzmcbgmX/VNj1MB8GA1UdIwQY
MBaAFPoweCEjDnuoGk1HGlkeeOp1nGk0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qQjRJU01PZTZnYVRVY2FXUjU0Nm5XY2FUUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2UvOTEwZjY3LTFmZmMtNDFjNC1hMmVh
LWYxZTY1Zjk3Yzg5YS8xL0FZcnZMNVZMdlpmRFlRRE9aeHVDWmY5VTJQVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2UvOTEwZjY3LTFmZmMtNDFjNC1hMmVhLWYxZTY1Zjk3Yzg5
YS8xLzEtakI0SVNNT2U2Z2FUVWNhV1I1NDZuV2NhVFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5kxQw
DQQCAAIwBwMFAyoHVIAwDQYJKoZIhvcNAQELBQADggEBAGkiRgWz3wfeNEQl+NjK
fQc5Rcyx/+W5VroE+a/EGnWy87WOvd4CkRUU/s1AOFbM2LCTKcv84KpClRPHSowX
qLaIHfcUeoKuX84+lJ0FcGlAarjwNDUqg4Tq4TLp9XKQUzuhpOxxM3OGIjjmhz2f
GSoeGeXULHV1V4NZU+9IkVfu8LIo/0vVN6yJRNEcp6uRmYIa0VBJgCMvEDFpm+c9
9A9sYLkM1EQI0QqA6qDou74HVZnXj2yWt88r2klVQJoXboUZ+sfC5LDjx19ynAF1
QBNqEFu5xpy9p8BJq9DC/46B013rWCIYYn0Pc+WvkE3KoDCs81YIm68IWrjibOQK
cQw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:05 2024 by rpki-client on console-ams.rpki-client.org