Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/AAUfkBghQ7qiFaGjKdoaoy7Owvg.roa
File: AAUfkBghQ7qiFaGjKdoaoy7Owvg.roa (raw, json)
Hash identifier: r5KWTTxmaOH+mRCIgfcGelsPCmoKJoiLI/+M6TaRXMs=
Subject key identifier: 00:05:1F:90:18:21:43:BA:A2:15:A1:A3:29:DA:1A:A3:2E:CE:C2:F8
Certificate issuer: /CN=66f04275253f967384c4973758a54b7fd085fe45
Certificate serial: 018CC56EA4C3B751C0506CC1B25E1FD6E95E
Authority key identifier: 66:F0:42:75:25:3F:96:73:84:C4:97:37:58:A5:4B:7F:D0:85:FE:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/AAUfkBghQ7qiFaGjKdoaoy7Owvg.roa
Signing time: Mon 01 Jan 2024 14:30:11 +0000
ROA not before: Mon 01 Jan 2024 14:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204645
IP address blocks: 185.109.172.0/22 maxlen: 24
2a02:4e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/ZvBCdSU_lnOExJc3WKVLf9CF_kU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/ZvBCdSU_lnOExJc3WKVLf9CF_kU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a4:c3:b7:51:c0:50:6c:c1:b2:5e:1f:d6:e9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f04275253f967384c4973758a54b7fd085fe45
Validity
Not Before: Jan 1 14:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00051f90182143baa215a1a329da1aa32ecec2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9b:27:a8:a7:df:83:b0:a4:70:22:96:df:7b:
c5:f7:73:49:1a:a9:be:77:83:3d:f5:8f:62:62:ef:
e6:25:7e:f5:e9:d2:a8:79:14:e7:d6:52:56:20:6b:
a5:a8:74:39:52:dd:c9:85:58:b3:98:1d:b7:07:97:
d5:20:55:b4:38:b9:92:af:22:55:4a:ec:a3:bd:94:
54:ca:56:57:a0:0f:a7:d2:01:c7:7c:7d:fb:d6:33:
0e:ce:d9:85:02:ab:4e:21:f2:60:b7:e4:71:34:3e:
30:f3:90:c0:b3:86:29:f9:9b:89:1a:41:df:8e:17:
29:45:04:13:04:62:3c:f4:8d:36:cb:91:4f:65:70:
b9:3b:ae:44:87:80:f3:8f:8f:71:df:c4:d0:aa:d1:
8d:88:e6:ab:50:10:66:03:d6:27:e5:a3:64:b1:97:
cb:35:a0:4c:0e:52:79:fe:b8:c1:76:2c:7c:74:d2:
98:43:4d:7c:5a:cc:f5:a9:5d:b6:12:57:b2:a0:f8:
c3:13:54:f3:0e:79:e0:48:da:f4:7f:45:17:0a:73:
91:a8:e8:a8:5a:4f:9b:50:5b:72:eb:3a:98:01:71:
ec:51:70:f9:b1:8b:31:c6:ab:c0:98:16:67:53:93:
bf:9e:48:38:32:df:f9:9c:80:f3:d9:dc:06:99:06:
53:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:05:1F:90:18:21:43:BA:A2:15:A1:A3:29:DA:1A:A3:2E:CE:C2:F8
X509v3 Authority Key Identifier:
keyid:66:F0:42:75:25:3F:96:73:84:C4:97:37:58:A5:4B:7F:D0:85:FE:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/AAUfkBghQ7qiFaGjKdoaoy7Owvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/ZvBCdSU_lnOExJc3WKVLf9CF_kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.172.0/22
IPv6:
2a02:4e80::/32
Signature Algorithm: sha256WithRSAEncryption
7b:78:c3:ba:1d:5a:dc:bc:af:19:2c:0b:96:45:a2:84:af:8f:
97:17:ae:ea:b4:37:5e:ee:17:5a:ce:fe:01:51:ed:ec:ed:02:
67:4a:c5:09:e9:97:23:ce:23:6b:cc:c8:80:77:14:76:a3:4e:
f2:6f:19:65:af:51:09:79:e1:f4:be:9e:db:44:a7:f1:27:01:
02:23:3f:bc:9d:bb:40:de:3a:8e:32:14:65:52:f4:0e:0b:02:
00:75:dc:0a:40:0e:16:e5:c5:22:22:35:d7:4e:09:9f:39:3b:
36:4f:64:77:9c:14:70:84:25:f5:b7:7f:9a:c2:35:74:c0:8f:
85:76:5c:3f:9e:be:13:7e:4c:31:fd:25:57:3d:d7:b1:50:0a:
72:3b:9e:9e:0a:99:e2:0a:a1:1f:ee:75:c8:79:ed:33:93:8f:
47:e6:ae:23:e4:41:21:ed:a3:b0:94:57:a2:c6:bd:a2:2f:46:
82:4d:53:56:84:fe:29:b6:ed:93:b1:41:c9:3f:3a:20:fc:6d:
1e:be:8c:22:ef:0e:23:cb:c7:fa:78:78:5c:6d:c4:57:e8:be:
6c:d5:b7:5d:1f:63:bc:43:5b:dc:01:1d:56:51:4b:d6:2a:86:
bd:f0:f8:97:a2:7d:7c:6e:49:87:69:43:a7:47:3d:0a:66:c1:
79:21:69:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbqTDt1HAUGzBsl4f1uleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjA0Mjc1MjUzZjk2NzM4NGM0OTczNzU4YTU0YjdmZDA4
NWZlNDUwHhcNMjQwMTAxMTQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA1MWY5MDE4MjE0M2JhYTIxNWExYTMyOWRhMWFhMzJlY2VjMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpsnqKffg7CkcCKW33vF93NJGqm+
d4M99Y9iYu/mJX716dKoeRTn1lJWIGulqHQ5Ut3JhVizmB23B5fVIFW0OLmSryJV
SuyjvZRUylZXoA+n0gHHfH371jMOztmFAqtOIfJgt+RxND4w85DAs4Yp+ZuJGkHf
jhcpRQQTBGI89I02y5FPZXC5O65Eh4Dzj49x38TQqtGNiOarUBBmA9Yn5aNksZfL
NaBMDlJ5/rjBdix8dNKYQ018Wsz1qV22EleyoPjDE1TzDnngSNr0f0UXCnORqOio
Wk+bUFty6zqYAXHsUXD5sYsxxqvAmBZnU5O/nkg4Mt/5nIDz2dwGmQZTYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAAFH5AYIUO6ohWhoynaGqMuzsL4MB8GA1UdIwQY
MBaAFGbwQnUlP5ZzhMSXN1ilS3/Qhf5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZCQ2RTVV9sbk9FeEpjM1dLVkxmOUNGX2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ZTE2ZDItZDNiOS00ZWZhLTljM2Qt
ZTQ5NjE4NTJjOGI2LzEvQUFVZmtCZ2hRN3FpRmFHaktkb2FveTdPd3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ZTE2ZDItZDNiOS00ZWZhLTljM2QtZTQ5NjE4NTJjOGI2
LzEvWnZCQ2RTVV9sbk9FeEpjM1dLVkxmOUNGX2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW2sMA0E
AgACMAcDBQAqAk6AMA0GCSqGSIb3DQEBCwUAA4IBAQB7eMO6HVrcvK8ZLAuWRaKE
r4+XF67qtDde7hdazv4BUe3s7QJnSsUJ6ZcjziNrzMiAdxR2o07ybxllr1EJeeH0
vp7bRKfxJwECIz+8nbtA3jqOMhRlUvQOCwIAddwKQA4W5cUiIjXXTgmfOTs2T2R3
nBRwhCX1t3+awjV0wI+Fdlw/nr4Tfkwx/SVXPdexUApyO56eCpniCqEf7nXIee0z
k49H5q4j5EEh7aOwlFeixr2iL0aCTVNWhP4ptu2TsUHJPzog/G0evowi7w4jy8f6
eHhcbcRX6L5s1bddH2O8Q1vcAR1WUUvWKoa98PiXon18bkmHaUOnRz0KZsF5IWlD
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:46 2024 by rpki-client on console-ams.rpki-client.org