Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/PycQn7bjGGX0a8E6lxjihPalbJI.roa
File: PycQn7bjGGX0a8E6lxjihPalbJI.roa (raw, json)
Hash identifier: M5DiK0OdFNeKCOumNgJO8+pMHJQbgDobY8VGLp3sq9E=
Subject key identifier: 3F:27:10:9F:B6:E3:18:65:F4:6B:C1:3A:97:18:E2:84:F6:A5:6C:92
Certificate issuer: /CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Certificate serial: 018CC64B6575E8FABD8A36CEE45DFFB6FFF5
Authority key identifier: 01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/PycQn7bjGGX0a8E6lxjihPalbJI.roa
Signing time: Mon 01 Jan 2024 18:31:19 +0000
ROA not before: Mon 01 Jan 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200161
IP address blocks: 83.217.24.0/22 maxlen: 24
185.30.17.231/32 maxlen: 32
212.8.236.0/22 maxlen: 24
185.30.16.0/22 maxlen: 24
2a00:a960::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:65:75:e8:fa:bd:8a:36:ce:e4:5d:ff:b6:ff:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Validity
Not Before: Jan 1 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f27109fb6e31865f46bc13a9718e284f6a56c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e3:ba:4d:a3:8a:65:f2:ea:c0:da:74:61:d8:
ea:26:9f:42:a4:18:f9:3c:cd:72:ad:74:05:30:0a:
f1:00:da:a3:4d:67:6d:53:f2:bd:e5:a5:ae:13:d9:
29:68:61:98:1c:be:4b:3e:a4:fb:91:a4:60:15:fd:
0f:84:23:7d:2d:7f:39:41:3c:d2:82:f0:56:fb:7b:
59:b9:84:67:8b:b3:28:5b:15:fd:31:71:d2:d7:4f:
71:a3:ef:3d:14:62:36:b4:49:ec:ea:fa:cf:cf:e3:
0d:e4:ea:2f:85:4f:c1:5f:b6:17:b6:17:f8:56:a5:
ed:9d:97:46:45:a3:8d:32:57:05:32:92:19:bf:f1:
b5:58:1c:b2:8f:03:b1:ab:d0:fa:0a:4b:36:1a:01:
ae:c5:0f:ea:58:a3:6d:39:ec:aa:02:3b:06:7d:35:
f2:c7:90:bc:08:18:a0:da:cf:c2:a0:c1:6a:52:13:
c4:d3:8a:8d:f3:4b:55:69:eb:f7:ba:3a:7d:5d:58:
71:6c:35:06:40:1a:92:a1:60:3b:cc:53:4f:38:d9:
38:9c:14:82:4a:57:25:78:17:80:86:cc:90:db:73:
9e:6a:5f:c1:25:c3:cb:d0:5d:55:42:bc:07:be:0f:
a5:7f:43:77:50:b1:0d:6f:57:8a:77:fb:5e:67:25:
18:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:27:10:9F:B6:E3:18:65:F4:6B:C1:3A:97:18:E2:84:F6:A5:6C:92
X509v3 Authority Key Identifier:
keyid:01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/PycQn7bjGGX0a8E6lxjihPalbJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.24.0/22
185.30.16.0/22
212.8.236.0/22
IPv6:
2a00:a960::/32
Signature Algorithm: sha256WithRSAEncryption
8d:c6:7a:f6:83:08:4c:9f:9d:f3:bf:66:08:15:e7:7a:e5:14:
ff:44:46:85:ee:ca:8c:eb:dd:c8:5a:6b:6a:03:ae:b8:ee:eb:
f3:71:6a:6a:e9:01:e8:17:18:8b:80:57:d4:06:86:eb:a4:8d:
a1:f0:2a:18:48:96:64:e1:b9:10:f9:ba:3e:21:8f:03:d2:d7:
82:6e:5f:9b:85:e6:e7:3a:aa:ab:ba:83:44:f1:ac:12:74:90:
ba:9e:8d:51:47:2c:52:77:94:b1:01:ca:1d:81:de:ad:cc:8e:
5d:09:35:2a:a6:68:9d:84:91:e5:e7:84:54:58:ed:c8:23:d5:
ce:74:7b:1f:54:00:a5:c3:61:b5:00:9c:a7:15:f1:a2:f4:a5:
15:32:c1:16:1c:f1:1d:17:66:2a:f5:25:43:0f:8b:24:8b:95:
7a:4e:25:09:3c:c5:8c:89:50:97:9d:75:94:83:f8:63:0e:b3:
34:9f:64:ad:44:f3:20:4a:a0:e7:61:a7:14:ca:73:e1:e5:ae:
68:d5:2a:ac:54:e2:83:6a:d8:41:d3:fa:e8:01:f4:4c:d0:8d:
29:d0:c5:80:dc:db:c0:d4:c0:e0:55:4a:cb:07:68:72:49:21:
00:79:f6:03:91:a4:a4:da:12:4c:f4:f3:8e:11:a0:aa:90:59:
2b:83:cb:17
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS2V16Pq9ijbO5F3/tv/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNmU1ZTMxZmE4NzE2YWFhNTRlMThmY2RjZmVkM2ZjOTRk
YjkwYjUwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjI3MTA5ZmI2ZTMxODY1ZjQ2YmMxM2E5NzE4ZTI4NGY2YTU2YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOO6TaOKZfLqwNp0YdjqJp9CpBj5
PM1yrXQFMArxANqjTWdtU/K95aWuE9kpaGGYHL5LPqT7kaRgFf0PhCN9LX85QTzS
gvBW+3tZuYRni7MoWxX9MXHS109xo+89FGI2tEns6vrPz+MN5OovhU/BX7YXthf4
VqXtnZdGRaONMlcFMpIZv/G1WByyjwOxq9D6Cks2GgGuxQ/qWKNtOeyqAjsGfTXy
x5C8CBig2s/CoMFqUhPE04qN80tVaev3ujp9XVhxbDUGQBqSoWA7zFNPONk4nBSC
SlcleBeAhsyQ23Oeal/BJcPL0F1VQrwHvg+lf0N3ULENb1eKd/teZyUYqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD8nEJ+24xhl9GvBOpcY4oT2pWySMB8GA1UdIwQY
MBaAFAFuXjH6hxaqpU4Y/Nz+0/yU25C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVc1ZU1mcUhGcXFsVGhqODNQN1RfSlRia0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hZjRlZjgtZWQwNy00YWNkLWE0MmYt
Yzk2YzJjZTg1OWU1LzEvUHljUW43YmpHR1gwYThFNmx4amloUGFsYkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9hZjRlZjgtZWQwNy00YWNkLWE0MmYtYzk2YzJjZTg1OWU1
LzEvQVc1ZU1mcUhGcXFsVGhqODNQN1RfSlRia0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCU9kYAwQC
uR4QAwQC1AjsMA0EAgACMAcDBQAqAKlgMA0GCSqGSIb3DQEBCwUAA4IBAQCNxnr2
gwhMn53zv2YIFed65RT/REaF7sqM693IWmtqA6647uvzcWpq6QHoFxiLgFfUBobr
pI2h8CoYSJZk4bkQ+bo+IY8D0teCbl+bhebnOqqruoNE8awSdJC6no1RRyxSd5Sx
Acodgd6tzI5dCTUqpmidhJHl54RUWO3II9XOdHsfVAClw2G1AJynFfGi9KUVMsEW
HPEdF2Yq9SVDD4ski5V6TiUJPMWMiVCXnXWUg/hjDrM0n2StRPMgSqDnYacUynPh
5a5o1SqsVOKDathB0/roAfRM0I0p0MWA3NvA1MDgVUrLB2hySSEAefYDkaSk2hJM
9POOEaCqkFkrg8sX
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:35 2024 by rpki-client on console-ams.rpki-client.org