Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/A0wNRtYNAv5pN1_gcmsf_bUnfRk.roa
File: A0wNRtYNAv5pN1_gcmsf_bUnfRk.roa (raw, json)
Hash identifier: 4qrjlA1OwrQa2t6aCVFRejTm2sBkHP6eFx4xuqVqR3U=
Subject key identifier: 03:4C:0D:46:D6:0D:02:FE:69:37:5F:E0:72:6B:1F:FD:B5:27:7D:19
Certificate issuer: /CN=f53353f368dd801cd6102232dfa1cea69dd8cb6c
Certificate serial: 018CC26D6DBE146BD80F2CF4E405CCE1F710
Authority key identifier: F5:33:53:F3:68:DD:80:1C:D6:10:22:32:DF:A1:CE:A6:9D:D8:CB:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/A0wNRtYNAv5pN1_gcmsf_bUnfRk.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.71.219.0/24 maxlen: 24
185.71.216.0/24 maxlen: 24
185.71.217.0/24 maxlen: 24
185.71.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/9TNT82jdgBzWECIy36HOpp3Yy2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/9TNT82jdgBzWECIy36HOpp3Yy2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6d:be:14:6b:d8:0f:2c:f4:e4:05:cc:e1:f7:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f53353f368dd801cd6102232dfa1cea69dd8cb6c
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=034c0d46d60d02fe69375fe0726b1ffdb5277d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:eb:af:61:9a:83:bf:04:e1:f0:59:1b:f3:92:
39:c3:71:77:cc:ba:2d:69:ca:e7:6a:a0:fd:0b:ac:
a0:11:45:0c:3c:38:07:2e:a0:ba:6d:97:a9:ac:e9:
31:88:a9:fc:8a:1d:cd:7a:ac:97:8a:85:67:a7:fb:
77:48:83:b3:d2:87:b7:97:2e:24:4c:76:5c:dc:9f:
b5:45:f8:bf:fe:fb:13:3a:77:07:c0:23:79:a3:b5:
d4:f4:49:7b:23:97:17:5e:f0:60:de:22:91:81:90:
12:49:4b:18:36:cb:76:2b:ae:da:01:e5:98:74:ea:
9c:c1:06:d2:6f:93:ea:fc:68:0a:a7:29:ff:1c:65:
6c:89:4a:d1:ee:03:6b:bf:75:70:c7:fc:af:34:58:
e7:6b:bd:59:99:a2:1d:45:90:86:b5:ca:4f:4f:ce:
1c:2a:bf:34:1d:fc:37:ab:72:57:34:57:8d:52:bb:
06:ce:e0:45:dd:13:eb:bd:45:f1:f8:f3:ca:6f:99:
34:ce:29:83:79:b5:4b:22:a5:05:da:7c:45:c0:63:
39:0d:ed:af:7a:8c:c9:cf:3c:ff:b7:f5:4d:90:81:
31:91:3b:44:90:d9:dd:18:36:24:6e:07:57:ef:b0:
2c:29:d6:27:b0:6d:05:47:fb:f6:8a:77:0a:4c:75:
a7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4C:0D:46:D6:0D:02:FE:69:37:5F:E0:72:6B:1F:FD:B5:27:7D:19
X509v3 Authority Key Identifier:
keyid:F5:33:53:F3:68:DD:80:1C:D6:10:22:32:DF:A1:CE:A6:9D:D8:CB:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/A0wNRtYNAv5pN1_gcmsf_bUnfRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/9TNT82jdgBzWECIy36HOpp3Yy2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.216.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:e7:c9:cb:08:b5:b3:76:73:1f:03:4d:13:13:90:01:00:5b:
4a:67:a3:12:f3:b7:ae:61:53:de:7f:36:1b:bc:bb:15:b0:51:
e6:52:13:3e:53:d1:5f:3a:c9:07:e5:32:d1:f5:19:7b:1e:7c:
d6:2c:9f:77:f5:b0:fc:5b:aa:d6:cb:ba:3b:3d:00:3c:84:c6:
b5:53:d2:cd:36:a5:55:dd:43:de:a1:e5:34:ab:f5:50:a2:91:
d9:ad:5b:4f:ff:9a:63:0d:95:01:90:4b:c5:be:a2:f4:04:ad:
0b:61:6c:b7:21:0f:e8:13:fb:b3:0f:66:a1:4a:f6:55:4d:77:
ff:15:ac:3c:e6:d5:9a:d4:f0:ae:c3:f6:64:86:e6:8e:38:c0:
c3:7a:a9:da:92:b6:a1:73:82:a1:ac:91:ef:f4:f1:35:7b:42:
f7:31:93:ab:12:64:93:0e:aa:9a:61:d2:54:66:b0:91:67:5f:
d4:03:f9:9c:8a:da:be:dc:7a:13:87:9e:b8:51:e2:ae:38:dd:
88:62:d9:3b:c8:8d:d6:d1:5d:e0:bd:2f:cb:47:96:58:23:74:
bb:79:f3:92:1d:b9:f4:20:58:5d:33:e7:0e:6a:0e:a1:b3:eb:
22:58:4c:36:e6:c5:46:4d:84:59:a9:8f:5b:91:0b:b2:1b:cb:
6a:f7:9c:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbW2+FGvYDyz05AXM4fcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MzM1M2YzNjhkZDgwMWNkNjEwMjIzMmRmYTFjZWE2OWRk
OGNiNmMwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRjMGQ0NmQ2MGQwMmZlNjkzNzVmZTA3MjZiMWZmZGI1Mjc3ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuuvYZqDvwTh8Fkb85I5w3F3zLot
acrnaqD9C6ygEUUMPDgHLqC6bZeprOkxiKn8ih3NeqyXioVnp/t3SIOz0oe3ly4k
THZc3J+1Rfi//vsTOncHwCN5o7XU9El7I5cXXvBg3iKRgZASSUsYNst2K67aAeWY
dOqcwQbSb5Pq/GgKpyn/HGVsiUrR7gNrv3Vwx/yvNFjna71ZmaIdRZCGtcpPT84c
Kr80Hfw3q3JXNFeNUrsGzuBF3RPrvUXx+PPKb5k0zimDebVLIqUF2nxFwGM5De2v
eozJzzz/t/VNkIExkTtEkNndGDYkbgdX77AsKdYnsG0FR/v2incKTHWnrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANMDUbWDQL+aTdf4HJrH/21J30ZMB8GA1UdIwQY
MBaAFPUzU/No3YAc1hAiMt+hzqad2MtsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVROVDgyamRnQnpXRUNJeTM2SE9wcDNZeTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iODA5N2EtNGVlZC00NjNiLWI2NWEt
MGVjN2VjYjI1MDMwLzEvQTB3TlJ0WU5BdjVwTjFfZ2Ntc2ZfYlVuZlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iODA5N2EtNGVlZC00NjNiLWI2NWEtMGVjN2VjYjI1MDMw
LzEvOVROVDgyamRnQnpXRUNJeTM2SE9wcDNZeTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUfYMA0G
CSqGSIb3DQEBCwUAA4IBAQAL58nLCLWzdnMfA00TE5ABAFtKZ6MS87euYVPefzYb
vLsVsFHmUhM+U9FfOskH5TLR9Rl7HnzWLJ939bD8W6rWy7o7PQA8hMa1U9LNNqVV
3UPeoeU0q/VQopHZrVtP/5pjDZUBkEvFvqL0BK0LYWy3IQ/oE/uzD2ahSvZVTXf/
Faw85tWa1PCuw/ZkhuaOOMDDeqnakrahc4KhrJHv9PE1e0L3MZOrEmSTDqqaYdJU
ZrCRZ1/UA/mcitq+3HoTh564UeKuON2IYtk7yI3W0V3gvS/LR5ZYI3S7efOSHbn0
IFhdM+cOag6hs+siWEw25sVGTYRZqY9bkQuyG8tq95wp
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:32:25 2024 by rpki-client on console-ams.rpki-client.org