Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/AxdzFFXSdRtvXDMq70gFnhqwwIM.roa
File: AxdzFFXSdRtvXDMq70gFnhqwwIM.roa (raw, json)
Hash identifier: 1URVYMZK7iq2+dcLdvQyEQ3eCr2QzGhA/ihJSYDfomg=
Subject key identifier: 03:17:73:14:55:D2:75:1B:6F:5C:33:2A:EF:48:05:9E:1A:B0:C0:83
Certificate issuer: /CN=588cabf6f523f26e267db03b524347841aaaa465
Certificate serial: 018F7732724A3EE95A23E296BBDCDF0BA6FE
Authority key identifier: 58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/AxdzFFXSdRtvXDMq70gFnhqwwIM.roa
Signing time: Tue 14 May 2024 13:02:25 +0000
ROA not before: Tue 14 May 2024 13:02:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48635
IP address blocks: 62.221.192.0/19 maxlen: 24
86.109.16.0/22 maxlen: 24
94.126.32.0/22 maxlen: 24
109.237.208.0/20 maxlen: 20
185.21.240.0/22 maxlen: 22
185.21.240.0/24 maxlen: 24
185.21.241.0/24 maxlen: 24
185.21.242.0/24 maxlen: 24
185.21.243.0/24 maxlen: 24
185.87.248.0/22 maxlen: 24
2001:1460::/32 maxlen: 48
2a04:1cc0::/29 maxlen: 48
2a05:c4c0::/29 maxlen: 48
2a0d:7980::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:32:72:4a:3e:e9:5a:23:e2:96:bb:dc:df:0b:a6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588cabf6f523f26e267db03b524347841aaaa465
Validity
Not Before: May 14 13:02:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0317731455d2751b6f5c332aef48059e1ab0c083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:23:1c:0f:96:7f:7a:15:72:93:2a:a8:67:5c:
8f:f5:09:63:16:95:24:96:79:f1:86:05:3c:c6:fe:
3e:68:46:a5:93:5c:65:3a:f0:d5:23:97:3c:96:ce:
4a:51:91:a6:c0:76:c7:0a:65:18:2c:d4:73:50:72:
12:65:62:b4:c4:f1:b2:3e:ef:74:85:a3:d1:20:8b:
97:6d:d1:a8:61:98:da:79:19:36:87:8a:ed:c5:91:
d2:c1:67:8d:8c:83:00:11:1f:ce:14:ad:df:89:45:
cb:33:fc:e3:03:72:92:c8:0c:01:de:6d:c1:02:cd:
74:32:ba:ca:75:c6:90:f4:d7:9f:c2:d4:72:a9:4d:
fe:90:7d:c6:98:27:67:67:78:c9:70:cc:d7:78:1a:
51:aa:e7:41:b0:4e:93:b8:5d:a2:a5:12:5d:e7:f5:
af:37:d2:e6:18:cb:23:c1:6b:d6:8a:01:3a:1f:8a:
0c:03:1f:25:de:7f:e6:ce:a9:8d:c5:62:a6:fb:a8:
20:7a:43:0b:5e:84:a7:51:b8:a5:ce:01:01:62:88:
bd:6a:e6:cf:74:c7:37:42:89:48:fd:73:59:b3:eb:
e7:63:6a:64:ad:b7:ee:21:65:e1:b8:70:e6:a4:27:
40:ec:71:b2:0f:1a:74:98:40:d6:c0:68:85:43:27:
09:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:17:73:14:55:D2:75:1B:6F:5C:33:2A:EF:48:05:9E:1A:B0:C0:83
X509v3 Authority Key Identifier:
keyid:58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/AxdzFFXSdRtvXDMq70gFnhqwwIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.192.0/19
86.109.16.0/22
94.126.32.0/22
109.237.208.0/20
185.21.240.0/22
185.87.248.0/22
IPv6:
2001:1460::/32
2a04:1cc0::/29
2a05:c4c0::/29
2a0d:7980::/32
Signature Algorithm: sha256WithRSAEncryption
d2:e4:b2:5f:d5:bb:8b:95:3e:6c:a2:e3:da:0f:39:07:9e:78:
ba:ce:c5:25:2b:d5:f9:06:c4:4d:f1:f8:58:4a:32:72:c2:4f:
a5:0b:d1:9f:49:42:a2:58:9e:de:4e:4f:ea:0d:3e:39:43:bb:
5e:36:7e:d8:c0:a3:16:d9:7e:cd:0f:40:30:e0:7a:4b:5e:3a:
66:ea:b1:80:a4:6f:e1:89:4f:e9:89:03:e6:ac:44:81:2e:0e:
c6:ca:00:85:6e:ae:1b:95:12:79:b0:c6:99:c1:fa:66:b3:0f:
a5:6a:93:40:5a:96:d3:50:bc:78:83:68:26:56:c3:68:02:ef:
f2:69:a8:32:4a:3f:6c:a9:59:89:39:c1:d0:df:19:d0:6a:7d:
e3:1b:f9:72:ff:2d:56:8c:e9:8f:a5:46:66:fa:e2:dd:cc:2e:
c1:85:31:fc:51:c8:2d:a3:ff:e1:90:54:2e:6c:1b:31:e2:1d:
1d:bc:e8:ec:71:7d:86:9a:15:97:f7:d2:bf:fb:c5:79:ab:b9:
11:4c:5c:70:f3:10:5a:74:6f:5c:b1:da:d6:56:91:21:83:d1:
0c:d1:2e:60:3e:5f:60:90:f4:70:40:ee:d3:31:ff:e6:ea:8e:
b1:2a:30:af:48:ae:5b:33:0d:0b:87:13:40:a0:e3:ef:a8:70:
48:c5:17:8a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY93MnJKPulaI+KWu9zfC6b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGNhYmY2ZjUyM2YyNmUyNjdkYjAzYjUyNDM0Nzg0MWFh
YWE0NjUwHhcNMjQwNTE0MTMwMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzE3NzMxNDU1ZDI3NTFiNmY1YzMzMmFlZjQ4MDU5ZTFhYjBjMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryMcD5Z/ehVykyqoZ1yP9QljFpUk
lnnxhgU8xv4+aEalk1xlOvDVI5c8ls5KUZGmwHbHCmUYLNRzUHISZWK0xPGyPu90
haPRIIuXbdGoYZjaeRk2h4rtxZHSwWeNjIMAER/OFK3fiUXLM/zjA3KSyAwB3m3B
As10MrrKdcaQ9NefwtRyqU3+kH3GmCdnZ3jJcMzXeBpRqudBsE6TuF2ipRJd5/Wv
N9LmGMsjwWvWigE6H4oMAx8l3n/mzqmNxWKm+6ggekMLXoSnUbilzgEBYoi9aubP
dMc3QolI/XNZs+vnY2pkrbfuIWXhuHDmpCdA7HGyDxp0mEDWwGiFQycJ1wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAMXcxRV0nUbb1wzKu9IBZ4asMCDMB8GA1UdIwQY
MBaAFFiMq/b1I/JuJn2wO1JDR4QaqqRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQt
NmFkMzI1MmExNDI3LzEvQXhkekZGWFNkUnR2WERNcTcwZ0ZuaHF3d0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQtNmFkMzI1MmExNDI3
LzEvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQFPt3AAwQC
Vm0QAwQCXn4gAwQEbe3QAwQCuRXwAwQCuVf4MCIEAgACMBwDBQAgARRgAwUDKgQc
wAMFAyoFxMADBQAqDXmAMA0GCSqGSIb3DQEBCwUAA4IBAQDS5LJf1buLlT5souPa
DzkHnni6zsUlK9X5BsRN8fhYSjJywk+lC9GfSUKiWJ7eTk/qDT45Q7teNn7YwKMW
2X7ND0Aw4HpLXjpm6rGApG/hiU/piQPmrESBLg7GygCFbq4blRJ5sMaZwfpmsw+l
apNAWpbTULx4g2gmVsNoAu/yaagySj9sqVmJOcHQ3xnQan3jG/ly/y1WjOmPpUZm
+uLdzC7BhTH8Ucgto//hkFQubBsx4h0dvOjscX2GmhWX99K/+8V5q7kRTFxw8xBa
dG9csdrWVpEhg9EM0S5gPl9gkPRwQO7TMf/m6o6xKjCvSK5bMw0LhxNAoOPvqHBI
xReK
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:53:10 2024 by rpki-client on console-ams.rpki-client.org