Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/imZ28BQtqFjnRsj20hXG5Akxjsc.roa
File: imZ28BQtqFjnRsj20hXG5Akxjsc.roa (raw, json)
Hash identifier: azn3GGs6ZzTZdxKRVBxzcKv4lSz5+AoDd7pnnkP7TEc=
Subject key identifier: 8A:66:76:F0:14:2D:A8:58:E7:46:C8:F6:D2:15:C6:E4:09:31:8E:C7
Certificate issuer: /CN=b9af19f4a60daf15efb7ec41fc59f5da655972e6
Certificate serial: 018CC9B88DE4AA94AB4E35C1FE218774E555
Authority key identifier: B9:AF:19:F4:A6:0D:AF:15:EF:B7:EC:41:FC:59:F5:DA:65:59:72:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/imZ28BQtqFjnRsj20hXG5Akxjsc.roa
Signing time: Tue 02 Jan 2024 10:29:24 +0000
ROA not before: Tue 02 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203949
IP address blocks: 193.111.148.0/24 maxlen: 24
94.126.87.0/24 maxlen: 24
94.126.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:b8:8d:e4:aa:94:ab:4e:35:c1:fe:21:87:74:e5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9af19f4a60daf15efb7ec41fc59f5da655972e6
Validity
Not Before: Jan 2 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a6676f0142da858e746c8f6d215c6e409318ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f1:69:04:12:54:64:80:b3:f0:35:dd:3b:59:
ee:eb:37:1b:09:bb:1a:4d:5d:3f:5c:de:bb:a7:fe:
25:09:8a:3e:86:40:04:7a:17:9c:b7:af:84:c7:3c:
7b:50:54:77:75:7b:9a:9b:e2:fb:fc:0a:7e:90:1a:
c0:8f:ac:ed:e4:08:76:40:2d:ad:c0:58:9c:72:8b:
27:23:ca:7b:44:69:97:50:49:6d:d1:72:38:a5:d4:
6d:90:08:f3:2b:16:f9:c8:87:31:f6:7b:30:7a:04:
83:18:b6:b9:2c:cb:90:69:dc:d7:b5:89:33:68:e1:
33:bd:32:b1:26:c3:52:35:e3:30:93:73:6e:b7:bc:
b1:c9:d9:c7:a4:e6:e6:3f:7e:5d:71:26:0e:49:e2:
56:a9:47:af:7b:4c:0b:86:26:97:a1:ba:32:c2:bd:
6c:5e:7c:b1:a7:7e:00:0f:6f:d8:49:b2:95:8b:58:
85:18:32:1b:e2:29:41:5f:89:5b:96:e5:d9:12:6c:
e4:6d:a3:c4:ec:07:df:86:2d:e2:39:d3:03:b9:d0:
f8:28:7d:03:13:7f:4f:da:77:e4:fd:ed:2e:ac:e9:
b5:10:cd:fe:85:44:11:87:b2:d5:75:dc:a2:f4:62:
a6:97:dc:df:8a:15:e9:ef:85:30:43:ff:37:c5:81:
f6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:66:76:F0:14:2D:A8:58:E7:46:C8:F6:D2:15:C6:E4:09:31:8E:C7
X509v3 Authority Key Identifier:
keyid:B9:AF:19:F4:A6:0D:AF:15:EF:B7:EC:41:FC:59:F5:DA:65:59:72:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/imZ28BQtqFjnRsj20hXG5Akxjsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.86.0/23
193.111.148.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:dd:ad:5a:b5:b4:00:7d:98:bd:be:a2:83:ae:d5:b8:9d:be:
ff:2d:0a:60:dd:ec:d4:8e:28:2f:62:cb:eb:97:1f:09:97:8e:
fa:01:ff:a3:16:57:97:4f:28:2c:77:7d:87:a0:d1:56:ea:e7:
bd:5b:fa:43:59:cf:7d:95:11:a9:57:06:d4:13:50:25:8b:d6:
63:4d:fc:c5:a0:7a:ef:59:95:f1:6f:db:b5:c3:6d:34:ef:ab:
d9:21:eb:6b:f2:e4:ea:fa:00:d2:6a:05:d8:dc:9c:91:8a:cd:
b4:c9:b2:3d:5e:ef:ca:77:ea:38:5c:60:8a:f8:ff:38:a5:3c:
aa:27:0e:99:6e:62:b1:27:05:c5:2b:f7:2c:0b:63:f3:a1:1d:
de:e2:f6:b0:35:0c:d3:fa:5e:57:c1:61:37:1c:96:49:c4:03:
b0:7e:9c:94:c3:70:a5:09:05:ef:94:3d:cf:a4:d6:8d:7e:76:
6c:94:88:dc:93:a9:9d:d5:b1:4a:13:95:d7:cb:66:43:53:7a:
f8:c2:cd:86:20:54:3a:63:d4:29:81:e4:d4:34:b2:a4:04:10:
1e:ba:4b:a0:dd:45:50:b5:71:23:c6:6e:63:16:e5:a7:4a:d3:
17:70:cc:73:d8:0e:91:ee:83:1b:98:be:f2:28:1c:c8:ac:37:
07:31:ed:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJuI3kqpSrTjXB/iGHdOVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWYxOWY0YTYwZGFmMTVlZmI3ZWM0MWZjNTlmNWRhNjU1
OTcyZTYwHhcNMjQwMTAyMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTY2NzZmMDE0MmRhODU4ZTc0NmM4ZjZkMjE1YzZlNDA5MzE4ZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvFpBBJUZICz8DXdO1nu6zcbCbsa
TV0/XN67p/4lCYo+hkAEehect6+Exzx7UFR3dXuam+L7/Ap+kBrAj6zt5Ah2QC2t
wFiccosnI8p7RGmXUElt0XI4pdRtkAjzKxb5yIcx9nswegSDGLa5LMuQadzXtYkz
aOEzvTKxJsNSNeMwk3Nut7yxydnHpObmP35dcSYOSeJWqUeve0wLhiaXoboywr1s
Xnyxp34AD2/YSbKVi1iFGDIb4ilBX4lbluXZEmzkbaPE7Affhi3iOdMDudD4KH0D
E39P2nfk/e0urOm1EM3+hUQRh7LVddyi9GKml9zfihXp74UwQ/83xYH2xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIpmdvAULahY50bI9tIVxuQJMY7HMB8GA1UdIwQY
MBaAFLmvGfSmDa8V77fsQfxZ9dplWXLmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWE4WjlLWU5yeFh2dC14Ql9GbjEybVZaY3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xNGY0NmMtMGEzNi00Y2MzLWIwOTEt
NzQyNWIxM2Q1Y2Y4LzEvaW1aMjhCUXRxRmpuUnNqMjBoWEc1QWt4anNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xNGY0NmMtMGEzNi00Y2MzLWIwOTEtNzQyNWIxM2Q1Y2Y4
LzEvdWE4WjlLWU5yeFh2dC14Ql9GbjEybVZaY3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXn5WAwQA
wW+UMA0GCSqGSIb3DQEBCwUAA4IBAQB93a1atbQAfZi9vqKDrtW4nb7/LQpg3ezU
jigvYsvrlx8Jl476Af+jFleXTygsd32HoNFW6ue9W/pDWc99lRGpVwbUE1Ali9Zj
TfzFoHrvWZXxb9u1w20076vZIetr8uTq+gDSagXY3JyRis20ybI9Xu/Kd+o4XGCK
+P84pTyqJw6ZbmKxJwXFK/csC2PzoR3e4vawNQzT+l5XwWE3HJZJxAOwfpyUw3Cl
CQXvlD3PpNaNfnZslIjck6md1bFKE5XXy2ZDU3r4ws2GIFQ6Y9QpgeTUNLKkBBAe
ukug3UVQtXEjxm5jFuWnStMXcMxz2A6R7oMbmL7yKBzIrDcHMe1a
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:36:51 2024 by rpki-client on console-ams.rpki-client.org