Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/farLJvep4zi2ARshamisEx8uvDU.roa
File: farLJvep4zi2ARshamisEx8uvDU.roa (raw, json)
Hash identifier: IA5VbYCHp/uFPA+KmFf7NszGzJftrZEHs2URPta6748=
Subject key identifier: 7D:AA:CB:26:F7:A9:E3:38:B6:01:1B:21:6A:68:AC:13:1F:2E:BC:35
Certificate issuer: /CN=af93102511e660263f8ef6e4c1f9ab32393839b2
Certificate serial: 018CC64B18ABECFFF24F828105F3DDA4F81C
Authority key identifier: AF:93:10:25:11:E6:60:26:3F:8E:F6:E4:C1:F9:AB:32:39:38:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/farLJvep4zi2ARshamisEx8uvDU.roa
Signing time: Mon 01 Jan 2024 18:30:59 +0000
ROA not before: Mon 01 Jan 2024 18:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62121
IP address blocks: 193.200.90.0/23 maxlen: 23
2001:67c:564::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:18:ab:ec:ff:f2:4f:82:81:05:f3:dd:a4:f8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af93102511e660263f8ef6e4c1f9ab32393839b2
Validity
Not Before: Jan 1 18:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7daacb26f7a9e338b6011b216a68ac131f2ebc35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4f:b8:71:83:da:61:45:d4:40:34:c8:1d:4c:
11:37:5f:0d:4f:cd:d3:4d:59:6c:62:99:31:96:cf:
a2:1d:43:77:0f:ef:fd:04:e4:ef:14:55:b1:1f:fe:
92:3b:17:54:e1:5c:32:1b:14:89:a0:b3:9d:4c:b0:
60:e8:e8:30:30:13:8c:81:38:80:97:ae:21:58:f6:
ef:ec:a2:5f:a3:de:90:66:d6:47:02:88:f4:b6:2e:
af:48:9d:1b:ad:70:fe:69:49:0e:5f:83:0f:40:c0:
7e:c5:41:12:06:0a:ce:5a:db:dd:a2:db:a7:9a:11:
04:d7:cf:98:1a:1a:03:ae:4c:5f:4d:73:c1:4e:45:
5f:e9:2c:44:77:48:96:6c:0d:ec:6a:63:86:19:27:
3c:56:97:40:8f:d2:31:77:6d:9e:d5:1f:e3:7d:6f:
11:4b:cd:d2:c4:eb:88:ec:95:de:14:ea:f8:57:2b:
da:48:95:c7:82:07:3b:3d:10:10:68:5e:c1:bb:e4:
49:23:b0:f5:be:4d:fe:cc:3e:15:c2:ec:43:81:03:
96:e8:23:ec:b2:41:94:bc:bb:47:8d:07:9a:33:49:
b1:ec:fe:72:92:1b:ac:86:2f:53:8f:ea:24:3b:37:
35:18:5b:bd:2a:3d:ba:65:ba:db:2c:56:9b:7c:d1:
a8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AA:CB:26:F7:A9:E3:38:B6:01:1B:21:6A:68:AC:13:1F:2E:BC:35
X509v3 Authority Key Identifier:
keyid:AF:93:10:25:11:E6:60:26:3F:8E:F6:E4:C1:F9:AB:32:39:38:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/farLJvep4zi2ARshamisEx8uvDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.90.0/23
IPv6:
2001:67c:564::/48
Signature Algorithm: sha256WithRSAEncryption
14:c1:92:39:d3:29:f9:c3:3f:c0:c4:8c:c2:a3:74:aa:91:b2:
3d:3f:f7:ee:29:dc:34:01:c5:3e:db:6f:9e:1d:e6:62:6c:e8:
7b:cd:d8:f0:dd:59:78:c8:c3:8c:8c:2a:37:83:b7:c8:c1:9d:
2c:3c:b0:ff:28:4d:c6:69:7b:f8:9a:7a:2a:bc:91:3a:31:76:
c0:f9:b0:ea:6a:72:58:bf:fc:a5:82:c9:bd:04:dd:7d:50:8c:
8d:f0:59:62:a5:5a:41:5b:f0:b0:21:fa:40:ab:0d:11:71:07:
3a:e1:71:b7:f1:53:a0:93:c5:00:b1:02:55:2d:df:f5:f3:2b:
70:5b:b4:d3:e2:01:24:73:47:f8:6b:b7:e8:63:a7:a7:55:d3:
2e:a8:e2:7a:95:ba:db:41:06:30:7f:03:a5:d8:6b:1b:9a:0f:
c3:e9:b8:1a:03:f6:a1:98:80:96:bf:41:77:0b:d3:4b:50:11:
4f:ad:cc:63:2d:1d:66:f8:c5:bd:30:64:49:61:e3:59:c4:95:
b6:01:4b:83:1d:e7:0c:80:b0:5a:80:da:6e:f7:a8:10:42:14:
66:40:84:86:28:c8:0f:50:d7:6c:f2:d7:89:30:72:23:34:e8:
67:03:74:7e:e6:ff:c4:a6:89:31:58:0a:22:f7:36:b9:52:4b:
82:52:3c:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSxir7P/yT4KBBfPdpPgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTMxMDI1MTFlNjYwMjYzZjhlZjZlNGMxZjlhYjMyMzkz
ODM5YjIwHhcNMjQwMTAxMTgzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFhY2IyNmY3YTllMzM4YjYwMTFiMjE2YTY4YWMxMzFmMmViYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU+4cYPaYUXUQDTIHUwRN18NT83T
TVlsYpkxls+iHUN3D+/9BOTvFFWxH/6SOxdU4VwyGxSJoLOdTLBg6OgwMBOMgTiA
l64hWPbv7KJfo96QZtZHAoj0ti6vSJ0brXD+aUkOX4MPQMB+xUESBgrOWtvdotun
mhEE18+YGhoDrkxfTXPBTkVf6SxEd0iWbA3samOGGSc8VpdAj9Ixd22e1R/jfW8R
S83SxOuI7JXeFOr4VyvaSJXHggc7PRAQaF7Bu+RJI7D1vk3+zD4VwuxDgQOW6CPs
skGUvLtHjQeaM0mx7P5ykhushi9Tj+okOzc1GFu9Kj26ZbrbLFabfNGo6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2qyyb3qeM4tgEbIWporBMfLrw1MB8GA1UdIwQY
MBaAFK+TECUR5mAmP4725MH5qzI5ODmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVNUUpSSG1ZQ1lfanZia3dmbXJNams0T2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kMTZlOTYtMDMxMy00YzliLTljMDkt
YTk1ZmUzMTAyNjQ1LzEvZmFyTEp2ZXA0emkyQVJzaGFtaXNFeDh1dkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kMTZlOTYtMDMxMy00YzliLTljMDktYTk1ZmUzMTAyNjQ1
LzEvcjVNUUpSSG1ZQ1lfanZia3dmbXJNams0T2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwchaMA8E
AgACMAkDBwAgAQZ8BWQwDQYJKoZIhvcNAQELBQADggEBABTBkjnTKfnDP8DEjMKj
dKqRsj0/9+4p3DQBxT7bb54d5mJs6HvN2PDdWXjIw4yMKjeDt8jBnSw8sP8oTcZp
e/iaeiq8kToxdsD5sOpqcli//KWCyb0E3X1QjI3wWWKlWkFb8LAh+kCrDRFxBzrh
cbfxU6CTxQCxAlUt3/XzK3BbtNPiASRzR/hrt+hjp6dV0y6o4nqVuttBBjB/A6XY
axuaD8PpuBoD9qGYgJa/QXcL00tQEU+tzGMtHWb4xb0wZElh41nElbYBS4Md5wyA
sFqA2m73qBBCFGZAhIYoyA9Q12zy14kwciM06GcDdH7m/8SmiTFYCiL3NrlSS4JS
PPw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:38:13 2024 by rpki-client on console-fra.rpki-client.org