Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/aExIHfZFEI4g8RNFo8RNvYYLF4E.roa
File: aExIHfZFEI4g8RNFo8RNvYYLF4E.roa (raw, json)
Hash identifier: WJNi1Z8fUFXzUnvSCVSfyDm+JVuUGuTSlH4JVIClHXA=
Subject key identifier: 68:4C:48:1D:F6:45:10:8E:20:F1:13:45:A3:C4:4D:BD:86:0B:17:81
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 018CC6B87E916BF00B21D3DF995E95DD1B4E
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/aExIHfZFEI4g8RNFo8RNvYYLF4E.roa
Signing time: Mon 01 Jan 2024 20:30:28 +0000
ROA not before: Mon 01 Jan 2024 20:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31191
IP address blocks: 213.135.93.0/24 maxlen: 25
213.208.185.0/24 maxlen: 25
84.47.137.0/24 maxlen: 25
213.135.68.0/24 maxlen: 25
213.135.75.0/24 maxlen: 25
213.135.76.0/24 maxlen: 25
213.135.78.0/24 maxlen: 25
84.47.188.0/24 maxlen: 25
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:7e:91:6b:f0:0b:21:d3:df:99:5e:95:dd:1b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 1 20:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=684c481df645108e20f11345a3c44dbd860b1781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:8d:30:c3:a6:a7:ab:ba:ad:60:51:ba:eb:
e9:2f:a1:46:a4:08:29:16:2c:da:40:31:75:15:cd:
04:48:ab:a3:b4:be:7b:f4:a8:da:5e:7e:c3:14:b9:
23:84:1b:4b:57:4c:df:cc:34:14:87:26:9c:9d:9a:
0f:e4:b2:92:50:f3:94:9f:67:ed:0e:c5:cd:19:3d:
01:27:1a:11:a0:c3:b8:4e:2e:ed:45:e5:d4:80:9b:
a1:5a:66:6f:7d:2e:80:24:f7:ac:d2:93:a5:22:53:
44:92:31:bf:b3:79:ea:3d:bd:ee:90:6f:96:34:30:
51:b7:ab:38:68:6e:5d:5e:fa:3d:24:95:c4:0d:ae:
f3:1c:7e:af:bb:cd:36:5a:8d:86:17:fa:75:02:45:
2f:7b:4e:6c:3b:c7:d0:10:2c:55:7e:b3:d4:7f:41:
ac:8a:23:ec:6b:19:89:c2:b0:77:1a:17:15:64:72:
c6:a0:aa:f6:e3:91:32:20:28:c7:83:ca:8d:d1:6f:
b8:b5:ae:a9:88:87:6c:29:31:4d:ee:d1:61:b2:08:
1f:30:6f:1d:4a:d0:1d:1e:5d:75:91:cc:22:9a:c9:
d9:44:91:61:e0:91:e0:4c:a1:0e:0e:0d:b5:a5:c1:
7e:43:5c:53:da:ab:00:fe:85:1f:d5:0a:57:c5:8c:
21:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4C:48:1D:F6:45:10:8E:20:F1:13:45:A3:C4:4D:BD:86:0B:17:81
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/aExIHfZFEI4g8RNFo8RNvYYLF4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.137.0/24
84.47.188.0/24
213.135.68.0/24
213.135.75.0-213.135.76.255
213.135.78.0/24
213.135.93.0/24
213.208.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:62:b0:56:25:e5:de:a5:4f:9a:3b:02:af:e2:46:0c:28:c4:
6a:c8:1f:97:6f:51:d9:50:e1:97:1f:a5:d8:36:b5:24:09:bb:
b7:26:fe:72:2b:d7:47:9a:4f:f5:28:ca:84:91:ed:a8:5b:c0:
e0:53:30:56:2d:d6:9d:d4:6a:aa:db:24:17:29:bd:37:67:05:
63:90:62:3a:d4:ce:c9:ba:33:bb:b5:d9:7a:07:bc:d1:50:87:
de:0f:9a:19:7c:cc:9d:f7:10:e9:87:2b:59:5f:fd:0f:b7:d1:
6a:dd:c5:0b:89:23:f2:14:4c:af:9a:b3:fc:48:c8:94:ab:bc:
42:73:9f:6f:66:89:e2:39:c3:3a:69:44:63:67:13:36:0a:f3:
7a:d9:08:b6:77:db:64:6c:27:a8:88:6c:9f:9c:d4:cd:d8:39:
24:23:85:2d:b8:02:4e:75:89:62:b9:9c:b9:3c:33:ce:80:90:
9e:69:4a:9b:5a:96:40:ad:2b:08:5e:9c:61:cf:f3:76:98:a2:
e6:b9:8a:06:9c:f7:09:64:d3:cf:de:0c:f5:3f:94:e2:31:a4:
01:09:e1:2f:91:e4:4e:47:fc:3b:a1:17:bc:fb:9b:34:8f:88:
3a:21:bb:84:0d:36:6c:6a:e2:8d:9c:36:06:2a:41:ad:c7:f8:
41:3d:a2:05
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzGuH6Ra/ALIdPfmV6V3RtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWEwMzliODg2YjIyNjU3OGJkYjZhNDI3ODFiZjU5MDQ0
YmIxMzgwHhcNMjQwMTAxMjAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODRjNDgxZGY2NDUxMDhlMjBmMTEzNDVhM2M0NGRiZDg2MGIxNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5ONMMOmp6u6rWBRuuvpL6FGpAgp
FizaQDF1Fc0ESKujtL579KjaXn7DFLkjhBtLV0zfzDQUhyacnZoP5LKSUPOUn2ft
DsXNGT0BJxoRoMO4Ti7tReXUgJuhWmZvfS6AJPes0pOlIlNEkjG/s3nqPb3ukG+W
NDBRt6s4aG5dXvo9JJXEDa7zHH6vu802Wo2GF/p1AkUve05sO8fQECxVfrPUf0Gs
iiPsaxmJwrB3GhcVZHLGoKr245EyICjHg8qN0W+4ta6piIdsKTFN7tFhsggfMG8d
StAdHl11kcwimsnZRJFh4JHgTKEODg21pcF+Q1xT2qsA/oUf1QpXxYwh8QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGhMSB32RRCOIPETRaPETb2GCxeBMB8GA1UdIwQY
MBaAFPeqA5uIayJleL22pCeBv1kES7E4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWIt
NmY2MjFkNzM2YWZmLzEvYUV4SUhmWkZFSTRnOFJORm84Uk52WVlMRjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWItNmY2MjFkNzM2YWZm
LzEvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVC+JAwQA
VC+8AwQA1YdEMAwDBADVh0sDBADVh0wDBADVh04DBADVh10DBADV0LkwDQYJKoZI
hvcNAQELBQADggEBAKJisFYl5d6lT5o7Aq/iRgwoxGrIH5dvUdlQ4Zcfpdg2tSQJ
u7cm/nIr10eaT/UoyoSR7ahbwOBTMFYt1p3UaqrbJBcpvTdnBWOQYjrUzsm6M7u1
2XoHvNFQh94Pmhl8zJ33EOmHK1lf/Q+30WrdxQuJI/IUTK+as/xIyJSrvEJzn29m
ieI5wzppRGNnEzYK83rZCLZ322RsJ6iIbJ+c1M3YOSQjhS24Ak51iWK5nLk8M86A
kJ5pSptalkCtKwhenGHP83aYoua5igac9wlk08/eDPU/lOIxpAEJ4S+R5E5H/Duh
F7z7mzSPiDohu4QNNmxq4o2cNgYqQa3H+EE9ogU=
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:15:27 2024 by rpki-client on console-fra.rpki-client.org