Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/JtcoeLNgIpy4h7DSh1FGa_rABRM.roa
File: JtcoeLNgIpy4h7DSh1FGa_rABRM.roa (raw, json)
Hash identifier: 8ba6tIu4Aw0YQA3zC48ViVNKS1s+lLdpfoIeGXNiWN8=
Subject key identifier: 26:D7:28:78:B3:60:22:9C:B8:87:B0:D2:87:51:46:6B:FA:C0:05:13
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF2EF6CD52DE7647506F5D6BCFC3A
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/JtcoeLNgIpy4h7DSh1FGa_rABRM.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44525
IP address blocks: 109.160.58.0/24 maxlen: 24
109.160.57.0/24 maxlen: 24
109.160.61.0/24 maxlen: 24
109.160.60.0/24 maxlen: 24
109.160.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f2:ef:6c:d5:2d:e7:64:75:06:f5:d6:bc:fc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26d72878b360229cb887b0d28751466bfac00513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:d5:db:81:12:10:90:b6:13:f3:1d:99:71:
22:f7:0b:a3:0a:1c:68:0f:d1:04:f7:e7:7b:57:f2:
8f:7f:b7:7b:85:5f:4c:d5:ea:4d:b6:c1:0f:5b:61:
f8:63:48:95:d6:13:70:dd:23:dc:02:88:42:66:0b:
cd:fa:df:f8:3c:fb:f6:b4:1d:de:58:c2:ea:44:d6:
33:12:5c:88:df:e0:6d:85:6f:b2:b8:a8:06:65:39:
5a:74:91:97:0f:53:51:ef:f2:db:f5:23:75:0f:4a:
c7:05:0e:ae:33:5a:9b:98:40:5c:7a:44:39:16:74:
9f:08:c3:59:cc:29:32:52:70:d0:b3:87:47:ca:f2:
eb:ce:0d:76:cb:59:d1:2f:c2:38:d2:09:de:36:e0:
a5:54:30:e8:b1:dc:e8:ee:94:36:db:e2:b6:d9:ac:
82:3d:b2:81:bf:75:a4:2a:86:ee:78:61:6c:fe:06:
a0:6a:eb:96:b2:9e:02:cc:5c:ef:fd:bb:3e:b6:9c:
0c:df:b0:7c:08:a0:bd:3f:86:83:a7:7a:7d:e6:83:
ad:b4:20:72:2e:9f:be:17:d9:54:0f:c6:92:c3:24:
68:35:cc:60:83:2f:15:7f:69:6d:7c:f8:dd:77:3b:
06:7b:63:df:f6:b9:bc:fe:66:fd:7a:0d:8e:a2:a5:
16:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D7:28:78:B3:60:22:9C:B8:87:B0:D2:87:51:46:6B:FA:C0:05:13
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/JtcoeLNgIpy4h7DSh1FGa_rABRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.57.0-109.160.58.255
109.160.60.0/23
109.160.86.0/24
Signature Algorithm: sha256WithRSAEncryption
95:b1:ce:82:b8:e3:4a:1f:76:fc:5a:59:b7:23:c2:cc:1f:86:
91:83:45:75:c8:c9:54:5b:8a:1b:e1:2c:3e:ed:8f:73:30:92:
c1:c1:d8:3f:10:bb:9d:44:d9:28:44:c9:17:29:68:1c:76:0f:
06:75:22:ff:60:ea:18:21:05:08:60:06:b9:31:bc:18:c4:35:
47:44:db:a4:e8:dc:bc:95:35:da:de:a0:35:fb:70:c2:55:65:
df:0d:dd:64:85:05:27:30:27:3d:2e:95:90:50:e2:47:0d:da:
a9:44:81:02:71:4d:1c:46:ef:78:e2:e6:84:99:d4:d4:24:f7:
e0:f8:32:8c:de:15:ac:44:71:34:67:da:b2:99:b9:69:57:4b:
9c:c2:ce:2d:17:e1:11:90:63:16:af:a2:e2:29:57:ac:84:89:
8f:0d:4a:22:8f:58:1f:c4:4f:43:c2:cd:6e:c9:35:85:8b:5e:
88:28:e7:7a:07:5e:b0:fa:ce:6e:33:f7:f9:54:c3:3c:7b:36:
98:b3:9f:61:56:3a:11:0b:c7:65:72:bc:a3:3f:29:c6:1e:3c:
b7:8b:31:93:27:0a:4f:90:b8:7d:73:78:5e:82:bd:33:67:0e:
3e:6b:1b:a6:f9:93:8f:be:6e:73:91:37:07:03:0f:af:fc:5d:
d0:78:8f:a8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbvLvbNUt52R1BvXWvPw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ3Mjg3OGIzNjAyMjljYjg4N2IwZDI4NzUxNDY2YmZhYzAwNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjrV24ESEJC2E/MdmXEi9wujChxo
D9EE9+d7V/KPf7d7hV9M1epNtsEPW2H4Y0iV1hNw3SPcAohCZgvN+t/4PPv2tB3e
WMLqRNYzElyI3+BthW+yuKgGZTladJGXD1NR7/Lb9SN1D0rHBQ6uM1qbmEBcekQ5
FnSfCMNZzCkyUnDQs4dHyvLrzg12y1nRL8I40gneNuClVDDosdzo7pQ22+K22ayC
PbKBv3WkKobueGFs/gagauuWsp4CzFzv/bs+tpwM37B8CKC9P4aDp3p95oOttCBy
Lp++F9lUD8aSwyRoNcxggy8Vf2ltfPjddzsGe2Pf9rm8/mb9eg2OoqUWMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCbXKHizYCKcuIew0odRRmv6wAUTMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvSnRjb2VMTmdJcHk0aDdEU2gxRkdhX3JBQlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABtoDkD
BABtoDoDBAFtoDwDBABtoFYwDQYJKoZIhvcNAQELBQADggEBAJWxzoK440ofdvxa
WbcjwswfhpGDRXXIyVRbihvhLD7tj3MwksHB2D8Qu51E2ShEyRcpaBx2DwZ1Iv9g
6hghBQhgBrkxvBjENUdE26To3LyVNdreoDX7cMJVZd8N3WSFBScwJz0ulZBQ4kcN
2qlEgQJxTRxG73ji5oSZ1NQk9+D4MozeFaxEcTRn2rKZuWlXS5zCzi0X4RGQYxav
ouIpV6yEiY8NSiKPWB/ET0PCzW7JNYWLXogo53oHXrD6zm4z9/lUwzx7Npizn2FW
OhELx2VyvKM/KcYePLeLMZMnCk+QuH1zeF6CvTNnDj5rG6b5k4++bnORNwcDD6/8
XdB4j6g=
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:15:30 2024 by rpki-client on console-ams.rpki-client.org