Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/aGyy1q6RTQGqzii81fL5dCXOn44.roa
File: aGyy1q6RTQGqzii81fL5dCXOn44.roa (raw, json)
Hash identifier: hLjJV/3qHXRvpAG0JNbjeiSSZdXUkbaldo27jd4itZ8=
Subject key identifier: 68:6C:B2:D6:AE:91:4D:01:AA:CE:28:BC:D5:F2:F9:74:25:CE:9F:8E
Certificate issuer: /CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Certificate serial: 018CC72712D6AEB02C21A8F9D312D6C2BE42
Authority key identifier: A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/aGyy1q6RTQGqzii81fL5dCXOn44.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51265
IP address blocks: 176.126.39.0/24 maxlen: 24
193.9.252.0/23 maxlen: 24
178.157.4.0/22 maxlen: 22
185.44.52.0/22 maxlen: 22
185.69.244.0/22 maxlen: 22
62.240.128.0/19 maxlen: 24
83.216.32.0/19 maxlen: 21
2a07:1740::/29 maxlen: 29
2a04:9540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 19:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:12:d6:ae:b0:2c:21:a8:f9:d3:12:d6:c2:be:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=686cb2d6ae914d01aace28bcd5f2f97425ce9f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:db:4e:60:8e:ae:dc:c7:fd:43:60:81:b2:a3:
0c:46:c3:33:e3:6a:f1:d3:d7:70:89:f0:28:8b:79:
51:89:72:d5:5f:0f:7c:e4:ba:1c:d7:80:32:2c:b6:
c0:49:13:48:50:bb:5d:44:e6:ac:32:6e:34:75:f8:
00:30:dd:32:56:24:7e:8c:c1:84:25:05:a2:1c:62:
d2:9e:a1:99:96:d4:9f:8d:8b:64:b6:fc:88:ea:89:
7f:bc:f0:09:eb:07:81:26:47:b9:4e:46:c9:86:f4:
8e:01:e5:41:51:21:e8:b8:13:5b:fa:86:d6:c6:0a:
ae:6c:fc:4b:e1:a2:b9:49:be:c2:7e:78:b2:32:7b:
d4:f1:7e:7e:1d:f6:b6:d1:73:11:9b:1a:36:e8:a7:
f6:5c:6f:86:c4:2c:48:4d:a2:c0:e1:2e:be:05:3e:
b6:05:83:15:86:54:d5:ae:69:55:83:d0:b1:61:e9:
6f:6b:7f:21:e7:ee:d3:48:ce:3b:3f:17:59:a2:dd:
ca:29:08:71:51:fa:08:28:f8:bd:35:2e:d4:82:cf:
60:7b:01:3b:f2:36:64:3b:d4:b3:76:58:16:41:26:
ed:f1:ac:ac:c8:80:e9:fc:7f:10:69:be:d4:2c:fd:
42:fe:6f:36:19:eb:1e:25:1f:df:3f:23:bc:aa:39:
b0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6C:B2:D6:AE:91:4D:01:AA:CE:28:BC:D5:F2:F9:74:25:CE:9F:8E
X509v3 Authority Key Identifier:
keyid:A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/aGyy1q6RTQGqzii81fL5dCXOn44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.128.0/19
83.216.32.0/19
176.126.39.0/24
178.157.4.0/22
185.44.52.0/22
185.69.244.0/22
193.9.252.0/23
IPv6:
2a04:9540::/29
2a07:1740::/29
Signature Algorithm: sha256WithRSAEncryption
c7:9b:16:bc:c3:4c:d3:c1:91:f3:b4:07:15:2e:53:ad:6d:8e:
59:05:d4:cb:52:d5:ef:83:45:37:5b:c4:e1:e3:8f:28:3e:dc:
04:5e:79:37:bb:1b:bd:d4:71:5a:a4:de:6f:19:4f:1c:45:07:
19:0f:e6:16:0d:6f:18:fd:af:38:96:cb:26:85:43:39:dd:92:
9d:cb:2e:ed:18:47:7a:c6:4e:8c:99:11:4f:2d:39:45:38:f2:
46:54:eb:38:8c:47:87:97:f9:1b:d0:4b:c5:96:be:98:0d:3f:
97:ba:6e:20:b6:ec:c6:e4:b0:a9:12:24:0a:0c:ec:7b:e0:ae:
8f:61:c3:58:a5:1a:10:8e:f4:b1:6d:87:51:af:c4:be:ce:10:
ec:48:89:51:39:e1:18:95:d3:30:21:5e:d5:48:be:22:a3:d8:
7e:91:35:4e:48:cd:29:02:55:2b:82:05:fc:d2:f4:55:1e:59:
f5:be:8e:05:86:39:72:c0:02:a8:8f:43:9a:45:f2:7f:2f:9a:
6d:14:00:ce:88:87:08:81:5f:81:1a:a9:9f:73:a7:7b:15:12:
b5:e6:a9:e4:25:15:3e:13:ff:43:aa:b8:60:3d:b4:06:55:27:
56:40:68:e5:c3:b4:b1:36:28:dd:46:14:1b:07:56:e9:71:1c:
55:2f:f9:a0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzHJxLWrrAsIaj50xLWwr5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYmZkMDZjZTg1NWI2MmQ5YjY4OGNkOGM1MzVkNWY0OTRj
ZDM5MzIwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZjYjJkNmFlOTE0ZDAxYWFjZTI4YmNkNWYyZjk3NDI1Y2U5ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NtOYI6u3Mf9Q2CBsqMMRsMz42rx
09dwifAoi3lRiXLVXw985Loc14AyLLbASRNIULtdROasMm40dfgAMN0yViR+jMGE
JQWiHGLSnqGZltSfjYtktvyI6ol/vPAJ6weBJke5TkbJhvSOAeVBUSHouBNb+obW
xgqubPxL4aK5Sb7CfniyMnvU8X5+Hfa20XMRmxo26Kf2XG+GxCxITaLA4S6+BT62
BYMVhlTVrmlVg9CxYelva38h5+7TSM47PxdZot3KKQhxUfoIKPi9NS7Ugs9gewE7
8jZkO9SzdlgWQSbt8aysyIDp/H8Qab7ULP1C/m82GeseJR/fPyO8qjmwYQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGhsstaukU0Bqs4ovNXy+XQlzp+OMB8GA1UdIwQY
MBaAFKC/0GzoVbYtm2iM2MU11fSUzTkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wMzMxNmQtMDRlMC00NjYwLWE2M2Ut
NjcxODM5MjAwNjA0LzEvYUd5eTFxNlJUUUdxemlpODFmTDVkQ1hPbjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wMzMxNmQtMDRlMC00NjYwLWE2M2UtNjcxODM5MjAwNjA0
LzEvb0xfUWJPaFZ0aTJiYUl6WXhUWFY5SlROT1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQFPvCAAwQF
U9ggAwQAsH4nAwQCsp0EAwQCuSw0AwQCuUX0AwQBwQn8MBQEAgACMA4DBQMqBJVA
AwUDKgcXQDANBgkqhkiG9w0BAQsFAAOCAQEAx5sWvMNM08GR87QHFS5TrW2OWQXU
y1LV74NFN1vE4eOPKD7cBF55N7sbvdRxWqTebxlPHEUHGQ/mFg1vGP2vOJbLJoVD
Od2Sncsu7RhHesZOjJkRTy05RTjyRlTrOIxHh5f5G9BLxZa+mA0/l7puILbsxuSw
qRIkCgzse+Cuj2HDWKUaEI70sW2HUa/Evs4Q7EiJUTnhGJXTMCFe1Ui+IqPYfpE1
TkjNKQJVK4IF/NL0VR5Z9b6OBYY5csACqI9DmkXyfy+abRQAzoiHCIFfgRqpn3On
exUSteap5CUVPhP/Q6q4YD20BlUnVkBo5cO0sTYo3UYUGwdW6XEcVS/5oA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:26:47 2024 by rpki-client on console-ams.rpki-client.org