Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/AVahNdgwiQLmdKWemaaACz9yjxA.roa
File: AVahNdgwiQLmdKWemaaACz9yjxA.roa (raw, json)
Hash identifier: AzpeWoHChE4/StWOGUGs5GxX++TL4TlzQAM8MWbU8hI=
Subject key identifier: 01:56:A1:35:D8:30:89:02:E6:74:A5:9E:99:A6:80:0B:3F:72:8F:10
Certificate issuer: /CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Certificate serial: 018CC6B7D4B7F409AA1EEF5DC303EE590534
Authority key identifier: F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/AVahNdgwiQLmdKWemaaACz9yjxA.roa
Signing time: Mon 01 Jan 2024 20:29:45 +0000
ROA not before: Mon 01 Jan 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205051
IP address blocks: 185.231.208.0/22 maxlen: 24
91.205.80.0/22 maxlen: 24
91.205.82.0/24 maxlen: 24
45.142.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d4:b7:f4:09:aa:1e:ef:5d:c3:03:ee:59:05:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Validity
Not Before: Jan 1 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0156a135d8308902e674a59e99a6800b3f728f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c7:f3:e7:09:8e:7e:5e:8d:79:40:d2:4e:74:
81:2b:7c:b0:30:c9:80:fa:66:9b:49:87:f3:ad:9d:
f8:7c:be:aa:6a:ba:e6:87:bd:e7:8b:89:1a:24:10:
a8:bb:63:8d:f1:a3:f1:1c:db:48:63:a3:0f:47:ef:
b1:b7:55:65:4c:37:ea:7d:76:cc:a9:0f:f5:04:97:
4c:72:5f:51:55:4b:fc:54:a4:84:a8:4e:54:80:9f:
74:2f:62:d0:8f:96:0a:71:33:05:8b:dd:8a:57:2e:
7a:16:71:10:e8:24:80:84:a3:e3:e6:bf:19:73:ac:
3e:b2:33:f8:0b:f6:2b:77:04:57:fc:c3:d4:09:af:
f8:fb:4f:d2:00:9c:f1:cc:8e:f1:d3:83:01:bd:31:
c1:c4:92:f5:cc:d5:2f:0d:dd:02:7e:61:b4:49:f1:
b8:02:3b:25:99:4a:93:4b:f5:1d:73:b1:be:48:bb:
b5:cb:bf:36:86:3a:8c:ac:54:39:dc:a6:0e:17:dc:
c4:3a:0f:fe:0e:86:7b:ed:ca:5e:46:cc:b8:dd:56:
63:e2:fd:a5:6f:94:f4:67:fd:3f:27:49:91:90:f9:
95:51:3c:f3:9b:6d:9e:76:6d:50:67:33:60:ba:c0:
26:ba:bf:3d:24:8c:fb:60:34:67:7b:0c:32:50:0a:
97:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:56:A1:35:D8:30:89:02:E6:74:A5:9E:99:A6:80:0B:3F:72:8F:10
X509v3 Authority Key Identifier:
keyid:F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/AVahNdgwiQLmdKWemaaACz9yjxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.168.0/22
91.205.80.0/22
185.231.208.0/22
Signature Algorithm: sha256WithRSAEncryption
35:e2:0a:a4:ca:8b:fd:6e:13:c2:bc:44:e5:ab:14:c6:a0:93:
d6:de:11:b6:b1:1d:94:9f:1b:2e:a0:27:a1:ee:a2:66:14:97:
2e:c8:1e:7b:e9:f9:9c:07:bb:e0:1d:18:25:6d:54:f9:bd:2a:
79:9b:ed:8c:02:e3:80:12:a5:98:1d:1e:5a:b6:9e:3c:85:ce:
ae:fe:81:26:23:ed:9d:ba:01:6a:71:29:cd:80:2d:d6:fa:ab:
ef:9b:dd:13:09:0f:f2:92:22:df:d4:84:eb:e7:5b:f9:73:fb:
1e:6d:9b:33:15:73:e4:18:d5:87:6c:27:3b:c6:57:7b:e2:40:
8b:12:94:52:2f:54:26:09:91:59:e9:e3:31:43:f2:2d:92:45:
36:2d:2f:a3:53:6e:cd:79:a9:32:3a:71:28:bd:a7:a0:0f:6d:
74:ec:67:97:37:78:db:ce:79:7e:21:62:5e:97:70:a1:ec:3b:
fb:b6:b0:96:8f:90:eb:dc:8e:79:db:cb:47:3c:09:16:85:41:
42:7f:ca:af:b5:6a:5c:e1:af:3a:d7:49:81:aa:4a:69:3b:61:
a4:50:9b:a6:0d:96:b0:b1:88:c6:6a:bf:3f:10:42:c6:54:66:
00:29:09:ab:0d:f5:b1:74:db:b4:c3:ca:6e:3c:1f:db:77:d9:
3a:20:48:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt9S39AmqHu9dwwPuWQU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NTdjMDIwY2RjMjJiNjhkYTI2YTQ2OWY2ZmZhNmI0NDgz
NzBkMWQwHhcNMjQwMTAxMjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU2YTEzNWQ4MzA4OTAyZTY3NGE1OWU5OWE2ODAwYjNmNzI4ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMfz5wmOfl6NeUDSTnSBK3ywMMmA
+mabSYfzrZ34fL6qarrmh73ni4kaJBCou2ON8aPxHNtIY6MPR++xt1VlTDfqfXbM
qQ/1BJdMcl9RVUv8VKSEqE5UgJ90L2LQj5YKcTMFi92KVy56FnEQ6CSAhKPj5r8Z
c6w+sjP4C/YrdwRX/MPUCa/4+0/SAJzxzI7x04MBvTHBxJL1zNUvDd0CfmG0SfG4
AjslmUqTS/Udc7G+SLu1y782hjqMrFQ53KYOF9zEOg/+DoZ77cpeRsy43VZj4v2l
b5T0Z/0/J0mRkPmVUTzzm22edm1QZzNgusAmur89JIz7YDRnewwyUAqXIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAFWoTXYMIkC5nSlnpmmgAs/co8QMB8GA1UdIwQY
MBaAFPRXwCDNwito2iakafb/prRINw0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAt
N2JhZmQ0M2U3ODYyLzEvQVZhaE5kZ3dpUUxtZEtXZW1hYUFDejl5anhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAtN2JhZmQ0M2U3ODYy
LzEvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY6oAwQC
W81QAwQCuefQMA0GCSqGSIb3DQEBCwUAA4IBAQA14gqkyov9bhPCvETlqxTGoJPW
3hG2sR2UnxsuoCeh7qJmFJcuyB576fmcB7vgHRglbVT5vSp5m+2MAuOAEqWYHR5a
tp48hc6u/oEmI+2dugFqcSnNgC3W+qvvm90TCQ/ykiLf1ITr51v5c/sebZszFXPk
GNWHbCc7xld74kCLEpRSL1QmCZFZ6eMxQ/ItkkU2LS+jU27NeakyOnEovaegD210
7GeXN3jbznl+IWJel3Ch7Dv7trCWj5Dr3I5528tHPAkWhUFCf8qvtWpc4a8610mB
qkppO2GkUJumDZawsYjGar8/EELGVGYAKQmrDfWxdNu0w8puPB/bd9k6IEiK
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:34 2024 by rpki-client on console-ams.rpki-client.org