Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/AY41g7jENdTv0omzcJALsXBpNwE.roa
File: AY41g7jENdTv0omzcJALsXBpNwE.roa (raw, json)
Hash identifier: XMyqwhRbZbeMaD60q9yaz7nIgcEpPS5v6OUjJDYtXFs=
Subject key identifier: 01:8E:35:83:B8:C4:35:D4:EF:D2:89:B3:70:90:0B:B1:70:69:37:01
Certificate issuer: /CN=a86e257c32d9dbb819d517d55054f767d7161d2c
Certificate serial: 018CC50146EC531E27A6AC0C20D10FD9480E
Authority key identifier: A8:6E:25:7C:32:D9:DB:B8:19:D5:17:D5:50:54:F7:67:D7:16:1D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/AY41g7jENdTv0omzcJALsXBpNwE.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57381
IP address blocks: 193.150.22.0/24 maxlen: 24
193.150.22.0/23 maxlen: 23
193.150.23.0/24 maxlen: 24
2001:67c:24e4::/48 maxlen: 48
2001:67c:2a00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:46:ec:53:1e:27:a6:ac:0c:20:d1:0f:d9:48:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86e257c32d9dbb819d517d55054f767d7161d2c
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=018e3583b8c435d4efd289b370900bb170693701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:25:31:1b:c2:26:62:9f:dc:db:90:32:a1:12:
2e:03:e7:3f:d3:58:47:c4:f2:6b:88:60:f7:12:32:
11:69:35:1a:b9:c1:2d:02:86:ef:c7:37:e9:83:b6:
da:07:2d:e5:ef:5b:76:35:be:28:4b:aa:8f:5c:6f:
90:01:98:17:1b:87:e4:84:a2:83:5e:c1:48:e0:93:
44:c2:10:10:3f:af:eb:d9:2a:d6:7d:75:c8:90:b6:
78:f8:12:3b:cc:2f:56:3a:f6:68:28:ad:6d:29:cc:
a4:16:97:73:a1:c4:bf:f1:69:57:46:c5:7b:8b:04:
57:c0:14:41:66:03:7c:f0:88:8b:68:d7:6d:a9:f9:
98:06:9c:fe:b0:65:a8:ad:db:35:15:9c:0a:34:69:
08:60:2e:20:c7:71:59:0e:e7:62:cb:40:34:4f:19:
8e:e6:55:67:19:d2:ea:4c:24:da:45:fc:c2:0b:c6:
bb:ea:ba:ca:11:70:21:c8:31:b5:a7:73:49:36:33:
67:91:18:aa:4f:bc:a0:6b:b9:65:bc:ff:3e:1d:a1:
55:91:d6:d9:8d:6e:39:4e:54:33:f1:14:0d:e2:23:
be:aa:03:e8:0b:b7:f6:29:40:8f:db:0e:a9:a7:d8:
54:b0:84:d4:46:12:30:c3:d0:d9:4a:03:82:74:9b:
85:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8E:35:83:B8:C4:35:D4:EF:D2:89:B3:70:90:0B:B1:70:69:37:01
X509v3 Authority Key Identifier:
keyid:A8:6E:25:7C:32:D9:DB:B8:19:D5:17:D5:50:54:F7:67:D7:16:1D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/AY41g7jENdTv0omzcJALsXBpNwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/596fd5-6e44-486e-82c2-487f034c4727/1/qG4lfDLZ27gZ1RfVUFT3Z9cWHSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.22.0/23
IPv6:
2001:67c:24e4::/48
2001:67c:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
2c:3c:9f:46:40:fe:f7:94:5f:0e:3e:94:98:5e:f7:38:8c:c2:
13:ef:58:c4:76:28:dc:b6:af:34:96:4b:3f:a1:e3:16:68:52:
1f:ff:17:c5:cb:4a:b6:94:6e:7a:be:13:70:67:ee:33:36:c1:
7f:1b:b6:40:e2:f1:66:37:27:b1:3a:a9:16:27:a0:a7:05:04:
58:c2:97:df:c6:df:26:c5:2b:01:3a:64:74:4b:31:a0:de:01:
07:ab:65:d7:d1:79:4d:e1:a6:b0:d9:53:5d:fd:0d:38:0e:69:
23:7b:2e:41:d7:30:09:57:d0:8e:41:13:5d:b6:7b:6d:cc:64:
38:48:d7:9e:9f:8b:cc:e4:9e:46:04:99:70:fe:4a:26:be:00:
1c:4e:22:4d:01:49:8f:0c:23:55:ce:3b:e7:b0:1c:76:1c:1d:
57:9c:1a:c5:0d:29:b5:67:57:65:7d:c9:b9:fe:f3:65:e1:e8:
58:ab:e0:6b:39:33:40:15:0b:a3:ac:68:0b:36:db:d7:49:a0:
41:bf:52:b4:0d:bd:c4:36:3b:a9:0d:0e:20:2c:ad:83:5c:f7:
1a:92:09:12:b4:3f:9d:9d:7d:73:87:1d:22:f6:8a:5a:b8:60:
e6:cd:3b:40:82:1d:38:67:ce:0a:f0:90:19:9e:9b:5d:e2:e4:
3b:53:34:74
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFAUbsUx4npqwMINEP2UgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NmUyNTdjMzJkOWRiYjgxOWQ1MTdkNTUwNTRmNzY3ZDcx
NjFkMmMwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMThlMzU4M2I4YzQzNWQ0ZWZkMjg5YjM3MDkwMGJiMTcwNjkzNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCUxG8ImYp/c25AyoRIuA+c/01hH
xPJriGD3EjIRaTUaucEtAobvxzfpg7baBy3l71t2Nb4oS6qPXG+QAZgXG4fkhKKD
XsFI4JNEwhAQP6/r2SrWfXXIkLZ4+BI7zC9WOvZoKK1tKcykFpdzocS/8WlXRsV7
iwRXwBRBZgN88IiLaNdtqfmYBpz+sGWords1FZwKNGkIYC4gx3FZDudiy0A0TxmO
5lVnGdLqTCTaRfzCC8a76rrKEXAhyDG1p3NJNjNnkRiqT7yga7llvP8+HaFVkdbZ
jW45TlQz8RQN4iO+qgPoC7f2KUCP2w6pp9hUsITURhIww9DZSgOCdJuF6QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAGONYO4xDXU79KJs3CQC7FwaTcBMB8GA1UdIwQY
MBaAFKhuJXwy2du4GdUX1VBU92fXFh0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUc0bGZETFoyN2daMVJmVlVGVDNaOWNXSFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81OTZmZDUtNmU0NC00ODZlLTgyYzIt
NDg3ZjAzNGM0NzI3LzEvQVk0MWc3akVOZFR2MG9temNKQUxzWEJwTndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81OTZmZDUtNmU0NC00ODZlLTgyYzItNDg3ZjAzNGM0NzI3
LzEvcUc0bGZETFoyN2daMVJmVlVGVDNaOWNXSFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwZYWMBgE
AgACMBIDBwAgAQZ8JOQDBwAgAQZ8KgAwDQYJKoZIhvcNAQELBQADggEBACw8n0ZA
/veUXw4+lJhe9ziMwhPvWMR2KNy2rzSWSz+h4xZoUh//F8XLSraUbnq+E3Bn7jM2
wX8btkDi8WY3J7E6qRYnoKcFBFjCl9/G3ybFKwE6ZHRLMaDeAQerZdfReU3hprDZ
U139DTgOaSN7LkHXMAlX0I5BE122e23MZDhI156fi8zknkYEmXD+Sia+ABxOIk0B
SY8MI1XOO+ewHHYcHVecGsUNKbVnV2V9ybn+82Xh6Fir4Gs5M0AVC6OsaAs229dJ
oEG/UrQNvcQ2O6kNDiAsrYNc9xqSCRK0P52dfXOHHSL2ilq4YObNO0CCHThnzgrw
kBmem13i5DtTNHQ=
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:55:54 2024 by rpki-client on console-ams.rpki-client.org