Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/SjW9EsP7MSc-4kWFMQ1kn8Bnnr4.roa
File: SjW9EsP7MSc-4kWFMQ1kn8Bnnr4.roa (raw, json)
Hash identifier: l+kacU2KQZEO5T7Y57UMdBLQrM3kGJecYqoGSjV4AFs=
Subject key identifier: 4A:35:BD:12:C3:FB:31:27:3E:E2:45:85:31:0D:64:9F:C0:67:9E:BE
Certificate issuer: /CN=7a49eeaf24342c3b2c632c9e48463138de2dc00b
Certificate serial: 018CC56E4FB6F65D1C31181524DD5D32FC7D
Authority key identifier: 7A:49:EE:AF:24:34:2C:3B:2C:63:2C:9E:48:46:31:38:DE:2D:C0:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/SjW9EsP7MSc-4kWFMQ1kn8Bnnr4.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15757
IP address blocks: 94.124.224.0/21 maxlen: 23
185.165.200.0/22 maxlen: 24
217.17.160.0/19 maxlen: 24
82.114.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4f:b6:f6:5d:1c:31:18:15:24:dd:5d:32:fc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a49eeaf24342c3b2c632c9e48463138de2dc00b
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a35bd12c3fb31273ee24585310d649fc0679ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:20:bf:40:f4:e1:34:a7:e3:72:de:37:85:
00:b8:ad:6f:83:77:3b:c1:49:66:7f:ad:5a:2a:4c:
e8:f1:14:15:a1:44:02:43:ff:a4:86:80:ae:66:69:
3f:78:67:86:ac:3b:99:4a:b1:cc:b6:43:1d:4f:cd:
b1:09:c1:51:7d:75:e7:99:58:a6:cc:ca:38:c5:1a:
5b:d0:a5:7f:28:3f:91:1c:96:81:94:aa:be:9c:aa:
9a:cd:67:e8:1b:8c:80:92:8f:04:19:47:09:09:9f:
a2:d3:95:11:d8:09:65:c9:73:12:1e:f4:ab:4c:54:
fc:8b:65:11:33:61:92:7a:54:8b:9e:aa:7e:16:ac:
e4:85:1a:05:fb:36:c6:dd:1c:fd:32:36:df:97:3c:
ae:a7:4f:33:59:7a:35:f5:4b:f2:41:94:9b:51:ef:
bc:f4:0f:76:c5:50:9c:b1:eb:15:9a:c0:21:2c:14:
11:3e:36:e9:7e:90:29:90:c7:6f:c7:3c:c3:01:d3:
00:10:8f:b1:45:83:f0:f4:87:cd:1f:ce:97:d0:cc:
4c:e9:6d:82:ea:39:b0:e7:4f:e8:58:0f:bf:d5:11:
f0:83:4c:d7:4e:1c:ac:53:75:1e:6f:70:6b:60:7b:
df:ff:63:7d:62:86:b9:8c:93:df:e9:ff:34:65:5c:
24:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:35:BD:12:C3:FB:31:27:3E:E2:45:85:31:0D:64:9F:C0:67:9E:BE
X509v3 Authority Key Identifier:
keyid:7A:49:EE:AF:24:34:2C:3B:2C:63:2C:9E:48:46:31:38:DE:2D:C0:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eknuryQ0LDssYyyeSEYxON4twAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/SjW9EsP7MSc-4kWFMQ1kn8Bnnr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/63b8aa-722f-4009-ada7-f9b60711453c/1/eknuryQ0LDssYyyeSEYxON4twAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.114.128.0/19
94.124.224.0/21
185.165.200.0/22
217.17.160.0/19
Signature Algorithm: sha256WithRSAEncryption
98:79:2c:db:af:0f:e4:a1:55:55:ca:72:94:36:79:3f:12:ea:
db:3a:ac:3e:07:4d:a0:da:31:72:51:11:de:e1:f1:88:b5:4c:
51:ac:48:95:59:fc:f8:63:1a:ec:5d:c4:48:62:56:c0:6d:a8:
42:8f:80:62:e1:2a:f5:fa:ca:26:d9:ce:90:64:21:5b:b0:af:
3d:4f:e0:3f:58:a4:06:46:96:65:5d:a9:e6:b9:f6:0b:e2:8d:
39:b6:91:73:bc:09:77:9e:8f:bb:44:91:ab:1f:8c:5f:6a:81:
87:9e:eb:16:59:ef:95:e0:80:a9:c3:1e:62:34:32:14:e7:8a:
70:90:e1:bf:2b:fc:46:ac:9c:ee:13:29:b2:0c:99:bb:eb:e5:
02:2d:a4:02:25:4d:2a:83:90:cc:31:cd:cc:27:d5:4d:61:8d:
57:65:d2:4f:8f:b3:0e:a1:db:68:dc:1e:83:04:4e:52:4b:e9:
f2:27:3c:d7:a8:9e:e7:ff:d3:26:61:19:19:cd:a8:df:7b:f3:
b8:51:6a:b5:31:4f:0a:48:fd:cd:0c:3f:65:44:8c:e6:4e:04:
85:e3:7b:b7:e8:28:a7:a1:56:28:92:67:7a:e4:65:65:a1:ea:
72:37:69:91:e6:c6:f9:a7:8d:e2:e1:14:94:00:91:98:1d:10:
78:1c:61:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbk+29l0cMRgVJN1dMvx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDllZWFmMjQzNDJjM2IyYzYzMmM5ZTQ4NDYzMTM4ZGUy
ZGMwMGIwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTM1YmQxMmMzZmIzMTI3M2VlMjQ1ODUzMTBkNjQ5ZmMwNjc5ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+Agv0D04TSn43LeN4UAuK1vg3c7
wUlmf61aKkzo8RQVoUQCQ/+khoCuZmk/eGeGrDuZSrHMtkMdT82xCcFRfXXnmVim
zMo4xRpb0KV/KD+RHJaBlKq+nKqazWfoG4yAko8EGUcJCZ+i05UR2AllyXMSHvSr
TFT8i2URM2GSelSLnqp+FqzkhRoF+zbG3Rz9Mjbflzyup08zWXo19UvyQZSbUe+8
9A92xVCcsesVmsAhLBQRPjbpfpApkMdvxzzDAdMAEI+xRYPw9IfNH86X0MxM6W2C
6jmw50/oWA+/1RHwg0zXThysU3Ueb3BrYHvf/2N9Yoa5jJPf6f80ZVwkIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEo1vRLD+zEnPuJFhTENZJ/AZ56+MB8GA1UdIwQY
MBaAFHpJ7q8kNCw7LGMsnkhGMTjeLcALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtudXJ5UTBMRHNzWXl5ZVNFWXhPTjR0d0FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82M2I4YWEtNzIyZi00MDA5LWFkYTct
ZjliNjA3MTE0NTNjLzEvU2pXOUVzUDdNU2MtNGtXRk1RMWtuOEJubnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82M2I4YWEtNzIyZi00MDA5LWFkYTctZjliNjA3MTE0NTNj
LzEvZWtudXJ5UTBMRHNzWXl5ZVNFWXhPTjR0d0FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUnKAAwQD
XnzgAwQCuaXIAwQF2RGgMA0GCSqGSIb3DQEBCwUAA4IBAQCYeSzbrw/koVVVynKU
Nnk/EurbOqw+B02g2jFyURHe4fGItUxRrEiVWfz4YxrsXcRIYlbAbahCj4Bi4Sr1
+som2c6QZCFbsK89T+A/WKQGRpZlXanmufYL4o05tpFzvAl3no+7RJGrH4xfaoGH
nusWWe+V4ICpwx5iNDIU54pwkOG/K/xGrJzuEymyDJm76+UCLaQCJU0qg5DMMc3M
J9VNYY1XZdJPj7MOodto3B6DBE5SS+nyJzzXqJ7n/9MmYRkZzajfe/O4UWq1MU8K
SP3NDD9lRIzmTgSF43u36CinoVYokmd65GVloepyN2mR5sb5p43i4RSUAJGYHRB4
HGFa
-----END CERTIFICATE-----
Generated at Sat Sep 28 01:56:10 2024 by rpki-client on console-ams.rpki-client.org