Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/AKOAS8cNtxGkJ05cyz6fYi56zD4.roa
File: AKOAS8cNtxGkJ05cyz6fYi56zD4.roa (raw, json)
Hash identifier: Ap+9uDg7BnaVNpxl/VkdC3mYGsY5rHt+pNKu8PpsLfo=
Subject key identifier: 00:A3:80:4B:C7:0D:B7:11:A4:27:4E:5C:CB:3E:9F:62:2E:7A:CC:3E
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C876F19E83F0E44BA6E78B3621B5
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/AKOAS8cNtxGkJ05cyz6fYi56zD4.roa
Signing time: Mon 01 Jan 2024 04:29:36 +0000
ROA not before: Mon 01 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204834
IP address blocks: 185.177.233.0/24 maxlen: 24
185.177.232.0/23 maxlen: 23
185.177.232.0/24 maxlen: 24
5.202.106.0/23 maxlen: 23
5.202.106.0/24 maxlen: 24
5.202.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c8:76:f1:9e:83:f0:e4:4b:a6:e7:8b:36:21:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00a3804bc70db711a4274e5ccb3e9f622e7acc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:5c:b8:15:35:14:29:45:c2:cc:2c:13:a9:
42:5d:7d:6d:ca:ca:37:25:90:8f:83:80:d9:04:01:
a1:5f:a4:e8:99:60:b2:37:9d:74:65:f9:92:f5:78:
e9:c3:fc:39:c5:e1:1b:19:5d:ce:35:d4:db:6e:89:
09:b9:f4:6b:4e:e0:82:5f:b1:35:d1:d0:53:0b:27:
ae:2b:8c:36:0b:ba:ee:41:c8:31:e0:78:09:a1:52:
08:5b:e7:e8:bb:18:04:f4:84:f5:a9:db:e0:0f:8b:
a8:cb:14:bd:19:c9:a7:34:44:26:05:f8:5f:a5:b1:
d2:b4:e7:43:9a:ff:f4:48:cc:52:4d:ea:a3:53:a0:
09:e3:27:3d:27:52:8f:a1:92:6e:eb:50:c1:ea:91:
84:fe:d5:fd:c0:d8:d2:77:e3:64:8a:81:24:26:96:
a5:e4:47:10:3e:c9:dc:13:a8:84:23:09:16:7d:bf:
0d:3e:c2:de:ed:34:a0:6f:7e:81:79:45:2f:eb:49:
09:91:6f:33:49:40:61:d8:38:ab:0a:38:68:65:b4:
cd:0f:a3:45:25:48:36:c0:35:ec:cb:be:49:43:9f:
7c:e7:4b:24:c0:7e:6b:ec:36:57:17:5d:cc:95:ff:
65:6e:a8:c0:98:ab:e6:e5:26:d3:35:71:81:8d:96:
80:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A3:80:4B:C7:0D:B7:11:A4:27:4E:5C:CB:3E:9F:62:2E:7A:CC:3E
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/AKOAS8cNtxGkJ05cyz6fYi56zD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.106.0/23
185.177.232.0/23
Signature Algorithm: sha256WithRSAEncryption
17:50:42:ee:d8:5c:fc:1f:72:ae:9b:a7:25:1f:30:49:cd:69:
0d:3a:79:31:fc:66:bb:a8:5f:54:85:8f:2d:5d:b1:a6:5e:cd:
9c:32:b5:f7:c6:e2:e5:1b:d7:6c:83:1a:a9:b8:64:cf:91:45:
f5:bd:04:14:e8:f3:33:13:6c:4b:24:35:bc:30:df:1a:4f:a7:
db:51:ad:98:a9:70:bd:fa:48:e3:43:3a:56:84:f5:07:33:6d:
eb:1d:ec:84:4c:4f:0b:05:f5:69:12:82:96:99:d0:43:45:e1:
ce:dd:8b:fd:ff:36:60:44:9e:13:b1:c3:5d:e6:f4:b9:a4:b4:
bb:49:a0:26:13:07:46:34:29:12:a2:4e:dc:b7:60:99:77:55:
0a:4f:bb:81:8a:d7:73:74:66:31:a8:f4:4a:cb:cb:83:e6:94:
a2:c7:9c:da:34:8b:b7:2b:df:f0:45:83:3f:c6:ef:0b:2a:fe:
b8:f0:e2:74:2a:47:35:77:e0:24:2a:33:1b:a7:b3:12:df:71:
21:74:3e:9f:6d:0d:b0:5d:7c:d1:56:c4:c5:58:9a:3a:95:88:
72:a8:12:94:e8:e1:7b:67:5b:02:6d:41:d8:86:7e:33:43:bb:
74:4d:1f:2d:45:c4:19:7b:c0:e4:b1:db:f6:4e:2a:e7:9d:63:
36:8e:4e:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSMh28Z6D8ORLpueLNiG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGEzODA0YmM3MGRiNzExYTQyNzRlNWNjYjNlOWY2MjJlN2FjYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSxcuBU1FClFwswsE6lCXX1tyso3
JZCPg4DZBAGhX6TomWCyN510ZfmS9Xjpw/w5xeEbGV3ONdTbbokJufRrTuCCX7E1
0dBTCyeuK4w2C7ruQcgx4HgJoVIIW+fouxgE9IT1qdvgD4uoyxS9GcmnNEQmBfhf
pbHStOdDmv/0SMxSTeqjU6AJ4yc9J1KPoZJu61DB6pGE/tX9wNjSd+NkioEkJpal
5EcQPsncE6iEIwkWfb8NPsLe7TSgb36BeUUv60kJkW8zSUBh2DirCjhoZbTND6NF
JUg2wDXsy75JQ59850skwH5r7DZXF13Mlf9lbqjAmKvm5SbTNXGBjZaAMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFACjgEvHDbcRpCdOXMs+n2Iuesw+MB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvQUtPQVM4Y050eEdrSjA1Y3l6NmZZaTU2ekQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBcpqAwQB
ubHoMA0GCSqGSIb3DQEBCwUAA4IBAQAXUELu2Fz8H3Kum6clHzBJzWkNOnkx/Ga7
qF9UhY8tXbGmXs2cMrX3xuLlG9dsgxqpuGTPkUX1vQQU6PMzE2xLJDW8MN8aT6fb
Ua2YqXC9+kjjQzpWhPUHM23rHeyETE8LBfVpEoKWmdBDReHO3Yv9/zZgRJ4TscNd
5vS5pLS7SaAmEwdGNCkSok7ct2CZd1UKT7uBitdzdGYxqPRKy8uD5pSix5zaNIu3
K9/wRYM/xu8LKv648OJ0Kkc1d+AkKjMbp7MS33EhdD6fbQ2wXXzRVsTFWJo6lYhy
qBKU6OF7Z1sCbUHYhn4zQ7t0TR8tRcQZe8Dksdv2TirnnWM2jk4O
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:28:01 2024 by rpki-client on console-ams.rpki-client.org