Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/AfpraJUhSCBmPUtNZ2l-p3IkYFU.roa
File: AfpraJUhSCBmPUtNZ2l-p3IkYFU.roa (raw, json)
Hash identifier: 5jocrDdupGOlnI6L1WEMJUOFJuoXy0/v5uj+Qey+j+s=
Subject key identifier: 01:FA:6B:68:95:21:48:20:66:3D:4B:4D:67:69:7E:A7:72:24:60:55
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 018E2E94C371019CE90427D8D92C2A1F206E
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/AfpraJUhSCBmPUtNZ2l-p3IkYFU.roa
Signing time: Mon 11 Mar 2024 17:34:45 +0000
ROA not before: Mon 11 Mar 2024 17:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5413
IP address blocks: 37.252.60.0/23 maxlen: 24
37.252.62.0/23 maxlen: 24
95.172.224.0/19 maxlen: 24
212.105.160.0/19 maxlen: 24
2a00:10ef::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:94:c3:71:01:9c:e9:04:27:d8:d9:2c:2a:1f:20:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Mar 11 17:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01fa6b6895214820663d4b4d67697ea772246055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:43:1b:8f:8f:46:b3:66:56:08:0d:7a:44:b5:
ca:25:23:16:30:99:64:89:2e:9b:0e:77:7a:d3:7d:
ac:aa:5f:40:72:17:02:41:c3:90:37:4c:a4:ac:b7:
30:19:b7:74:e3:d8:84:cb:e9:e8:e7:4c:f3:6e:75:
09:91:93:eb:60:b0:06:fc:76:20:c3:6e:51:fa:6a:
df:2f:3d:4d:a2:3e:a0:dd:07:99:c4:2e:b0:ec:68:
5f:4b:92:84:d3:54:0a:9f:06:c0:1d:f0:04:95:87:
6f:13:92:b3:67:30:c8:2f:95:56:c9:1e:66:4e:61:
2f:cb:93:50:16:82:d7:be:5e:5b:22:da:35:e4:cd:
89:4b:9d:2d:ba:08:d4:1c:c9:08:1a:ee:07:12:be:
7f:f3:74:71:93:78:7a:4b:57:8c:b4:d4:a0:0c:1f:
a5:49:af:4c:b8:19:22:05:3c:72:ec:ba:32:de:ac:
cc:c8:d4:ba:21:a8:ad:d3:52:11:a9:6f:bb:4d:a3:
60:01:5c:6a:30:39:03:dc:a2:99:af:73:7e:c9:6e:
2b:35:44:a1:c2:09:6d:94:e5:12:07:e6:b4:16:e0:
94:fe:50:84:47:0e:2a:95:e0:87:a7:14:4a:73:4f:
dd:46:69:a2:6d:17:fc:4b:8c:54:8a:b5:b9:0e:2b:
5c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FA:6B:68:95:21:48:20:66:3D:4B:4D:67:69:7E:A7:72:24:60:55
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/AfpraJUhSCBmPUtNZ2l-p3IkYFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.60.0/22
95.172.224.0/19
212.105.160.0/19
IPv6:
2a00:10ef::/32
Signature Algorithm: sha256WithRSAEncryption
26:fa:24:0c:3e:39:c3:2a:cf:52:a2:24:a9:fd:0e:96:6a:e3:
27:6e:dd:3b:01:c5:6b:9e:48:5e:a5:53:10:30:fb:8b:26:ef:
0a:82:35:a9:89:1a:fd:ae:95:a4:58:7a:98:be:97:41:55:d8:
b7:58:eb:f0:b8:a7:75:f0:fe:71:f0:31:9d:46:cd:31:26:6f:
19:c8:29:27:61:90:25:a6:93:b5:25:f6:63:0b:e7:3d:d4:61:
d9:94:a2:fd:8c:2c:99:2a:47:55:1b:65:05:ab:ed:ac:12:3b:
52:58:b1:84:54:af:78:4b:f8:11:b0:26:52:43:44:73:43:19:
36:80:49:58:3d:57:2e:d6:71:f6:e3:c8:7c:0d:87:70:a7:5c:
5e:fd:50:31:0c:f6:50:15:78:da:93:62:9e:93:3f:4b:83:f8:
18:a7:05:fa:f7:63:20:3c:41:4c:b7:7b:3b:b1:49:c5:34:69:
ab:d3:76:03:c8:32:73:73:07:ea:db:9c:79:b0:f0:06:3f:6f:
f6:e2:d7:ca:b7:24:ed:85:74:d9:90:1d:37:9a:dc:c3:03:06:
22:5f:f2:29:d0:ff:f9:62:39:fd:dd:9a:71:4e:45:91:94:d6:
4b:f5:68:2a:fc:79:60:e1:51:40:ac:8f:10:3a:0a:47:bb:d7:
c7:3e:1e:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY4ulMNxAZzpBCfY2SwqHyBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjQwMzExMTczNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZhNmI2ODk1MjE0ODIwNjYzZDRiNGQ2NzY5N2VhNzcyMjQ2MDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEMbj49Gs2ZWCA16RLXKJSMWMJlk
iS6bDnd6032sql9AchcCQcOQN0ykrLcwGbd049iEy+no50zzbnUJkZPrYLAG/HYg
w25R+mrfLz1Noj6g3QeZxC6w7GhfS5KE01QKnwbAHfAElYdvE5KzZzDIL5VWyR5m
TmEvy5NQFoLXvl5bIto15M2JS50tugjUHMkIGu4HEr5/83Rxk3h6S1eMtNSgDB+l
Sa9MuBkiBTxy7Loy3qzMyNS6Iait01IRqW+7TaNgAVxqMDkD3KKZr3N+yW4rNUSh
wgltlOUSB+a0FuCU/lCERw4qleCHpxRKc0/dRmmibRf8S4xUirW5DitcPQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAH6a2iVIUggZj1LTWdpfqdyJGBVMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvQWZwcmFKVWhTQ0JtUFV0TloybC1wM0lrWUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCJfw8AwQF
X6zgAwQF1GmgMA0EAgACMAcDBQAqABDvMA0GCSqGSIb3DQEBCwUAA4IBAQAm+iQM
PjnDKs9SoiSp/Q6WauMnbt07AcVrnkhepVMQMPuLJu8KgjWpiRr9rpWkWHqYvpdB
Vdi3WOvwuKd18P5x8DGdRs0xJm8ZyCknYZAlppO1JfZjC+c91GHZlKL9jCyZKkdV
G2UFq+2sEjtSWLGEVK94S/gRsCZSQ0RzQxk2gElYPVcu1nH248h8DYdwp1xe/VAx
DPZQFXjak2Kekz9Lg/gYpwX692MgPEFMt3s7sUnFNGmr03YDyDJzcwfq25x5sPAG
P2/24tfKtyTthXTZkB03mtzDAwYiX/Ip0P/5Yjn93ZpxTkWRlNZL9Wgq/Hlg4VFA
rI8QOgpHu9fHPh5Q
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:24:18 2024 by rpki-client on console-ams.rpki-client.org