Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/1-pmA2Z6hQ__PPJ4UmZr7W_ECufQ.roa
File: 1-pmA2Z6hQ__PPJ4UmZr7W_ECufQ.roa (raw, json)
Hash identifier: b9o+0Ot2P51iVuYsYLDckr3AeuXFx4IrSbV3O5WiCio=
Subject key identifier: FA:99:80:D9:9E:A1:43:FF:CF:3C:9E:14:99:9A:FB:5B:F1:02:B9:F4
Certificate issuer: /CN=c04ede1e7bf67199e7ab6f5ed0049e9608317362
Certificate serial: 018CC5012EF3DFD0871AD5909BDA126E764F
Authority key identifier: C0:4E:DE:1E:7B:F6:71:99:E7:AB:6F:5E:D0:04:9E:96:08:31:73:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE7eHnv2cZnnq29e0ASelggxc2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/1-pmA2Z6hQ__PPJ4UmZr7W_ECufQ.roa
Signing time: Mon 01 Jan 2024 12:30:38 +0000
ROA not before: Mon 01 Jan 2024 12:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3274
IP address blocks: 81.20.224.0/20 maxlen: 24
2001:67c:110::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/wE7eHnv2cZnnq29e0ASelggxc2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/wE7eHnv2cZnnq29e0ASelggxc2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/wE7eHnv2cZnnq29e0ASelggxc2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 12:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2e:f3:df:d0:87:1a:d5:90:9b:da:12:6e:76:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04ede1e7bf67199e7ab6f5ed0049e9608317362
Validity
Not Before: Jan 1 12:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa9980d99ea143ffcf3c9e14999afb5bf102b9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fa:5f:98:1d:a7:7b:26:c4:46:f8:c5:02:e7:
80:36:94:74:c7:21:06:da:73:dc:d2:ee:2f:53:ab:
04:ef:98:10:e2:4c:f3:5b:93:9c:7a:db:d5:aa:2c:
f9:be:96:21:50:e2:07:8e:49:6a:0c:b8:26:c9:ce:
17:3a:8a:2c:fd:be:88:17:9a:47:56:46:c4:87:55:
1e:98:1d:0d:67:cb:70:cc:ec:d8:05:8f:25:51:70:
5c:a6:28:f9:ea:82:cf:ca:e1:2d:39:9e:96:d9:bd:
1d:cb:fe:52:2a:34:18:de:a6:af:0b:2b:d2:78:92:
58:93:43:dc:bf:d5:bf:d1:a7:e7:be:73:06:8d:ee:
9f:15:4c:1d:e5:2c:cc:e7:a7:0b:7a:a9:61:a7:a2:
e8:b7:0f:94:18:05:5e:35:34:bc:c8:11:3d:6e:08:
ce:27:80:ea:f0:a7:0b:92:91:a8:08:ae:51:2d:69:
86:23:4c:3c:e6:09:78:62:ef:e6:d1:42:5e:6e:a4:
ad:b3:39:65:92:1c:10:0d:ce:cc:62:73:e0:50:b0:
71:38:f7:91:88:53:c9:49:fd:c3:22:e2:30:2e:10:
e7:cf:1b:eb:29:33:90:57:5a:2e:da:3b:c1:88:30:
fe:a7:7c:f5:09:95:48:ef:32:67:c3:8a:cf:07:5e:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:99:80:D9:9E:A1:43:FF:CF:3C:9E:14:99:9A:FB:5B:F1:02:B9:F4
X509v3 Authority Key Identifier:
keyid:C0:4E:DE:1E:7B:F6:71:99:E7:AB:6F:5E:D0:04:9E:96:08:31:73:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE7eHnv2cZnnq29e0ASelggxc2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/1-pmA2Z6hQ__PPJ4UmZr7W_ECufQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/wE7eHnv2cZnnq29e0ASelggxc2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.224.0/20
IPv6:
2001:67c:110::/48
Signature Algorithm: sha256WithRSAEncryption
63:72:c2:ed:d3:5c:11:49:1e:ce:b4:60:2b:53:e7:a1:47:b2:
44:aa:5a:21:88:09:1b:69:8b:de:ca:0c:d1:fe:00:ee:ef:c4:
79:9d:91:6b:0d:89:7d:30:3f:17:84:97:9c:52:6d:65:9b:4c:
f2:a5:00:f9:47:72:68:40:01:8f:09:97:23:2b:5f:8d:d5:43:
21:a5:9a:b9:20:ce:66:4a:58:b5:b9:68:ec:ed:b9:74:ae:50:
c8:21:88:2c:9a:36:19:1d:ea:98:5f:0f:b7:b7:de:ad:b8:b3:
ba:69:37:4a:56:52:37:46:f3:a1:97:79:5a:37:ae:78:12:1c:
37:ab:e9:6c:9d:09:49:69:de:f5:13:67:7b:13:ae:97:9a:c6:
6f:1e:4a:35:06:47:3c:cd:d9:66:42:8d:f9:4a:0f:41:01:1e:
29:fa:84:f1:ae:62:65:51:a9:b6:f4:55:2c:e3:6f:2b:ca:2c:
0c:19:97:d0:96:8e:5e:66:c9:59:08:92:bd:5c:50:c8:d3:f2:
28:22:5e:d8:7b:75:5d:b0:1b:5a:13:0f:9a:14:06:29:30:77:
8f:30:53:66:dc:6e:11:a3:f6:7f:f4:65:4c:78:4d:b0:e3:30:
7c:07:73:70:92:56:26:44:e1:c6:4f:a8:21:ce:de:03:84:60:
d0:aa:d7:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAS7z39CHGtWQm9oSbnZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGVkZTFlN2JmNjcxOTllN2FiNmY1ZWQwMDQ5ZTk2MDgz
MTczNjIwHhcNMjQwMTAxMTIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTk5ODBkOTllYTE0M2ZmY2YzYzllMTQ5OTlhZmI1YmYxMDJiOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufpfmB2neybERvjFAueANpR0xyEG
2nPc0u4vU6sE75gQ4kzzW5OcetvVqiz5vpYhUOIHjklqDLgmyc4XOoos/b6IF5pH
VkbEh1UemB0NZ8twzOzYBY8lUXBcpij56oLPyuEtOZ6W2b0dy/5SKjQY3qavCyvS
eJJYk0Pcv9W/0afnvnMGje6fFUwd5SzM56cLeqlhp6Lotw+UGAVeNTS8yBE9bgjO
J4Dq8KcLkpGoCK5RLWmGI0w85gl4Yu/m0UJebqStszllkhwQDc7MYnPgULBxOPeR
iFPJSf3DIuIwLhDnzxvrKTOQV1ou2jvBiDD+p3z1CZVI7zJnw4rPB150xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPqZgNmeoUP/zzyeFJma+1vxArn0MB8GA1UdIwQY
MBaAFMBO3h579nGZ56tvXtAEnpYIMXNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0U3ZUhudjJjWm5ucTI5ZTBBU2VsZ2d4YzJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80OWQwNTAtZGFjZS00NWVjLTgxMzkt
OWU3MWY2YTg0ODAxLzEvMS1wbUEyWjZoUV9fUFBKNFVtWnI3V19FQ3VmUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGIvNDlkMDUwLWRhY2UtNDVlYy04MTM5LTllNzFmNmE4NDgw
MS8xL3dFN2VIbnYyY1pubnEyOWUwQVNlbGdneGMySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEBFEU4DAP
BAIAAjAJAwcAIAEGfAEQMA0GCSqGSIb3DQEBCwUAA4IBAQBjcsLt01wRSR7OtGAr
U+ehR7JEqlohiAkbaYveygzR/gDu78R5nZFrDYl9MD8XhJecUm1lm0zypQD5R3Jo
QAGPCZcjK1+N1UMhpZq5IM5mSli1uWjs7bl0rlDIIYgsmjYZHeqYXw+3t96tuLO6
aTdKVlI3RvOhl3laN654Ehw3q+lsnQlJad71E2d7E66XmsZvHko1Bkc8zdlmQo35
Sg9BAR4p+oTxrmJlUam29FUs428ryiwMGZfQlo5eZslZCJK9XFDI0/IoIl7Ye3Vd
sBtaEw+aFAYpMHePMFNm3G4Ro/Z/9GVMeE2w4zB8B3NwklYmROHGT6ghzt4DhGDQ
qtf8
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:29:19 2024 by rpki-client on console-fra.rpki-client.org