Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/ARZe-UB5Yhnf8Ip3SWkfTTSsPjs.roa
File: ARZe-UB5Yhnf8Ip3SWkfTTSsPjs.roa (raw, json)
Hash identifier: AbMi0rC9MeHXn46z4RzsiB/TG3D3djjcWWVbu9MN750=
Subject key identifier: 01:16:5E:F9:40:79:62:19:DF:F0:8A:77:49:69:1F:4D:34:AC:3E:3B
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 018CCA990D5CA211042FE47910F0DAEF1AFB
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/ARZe-UB5Yhnf8Ip3SWkfTTSsPjs.roa
Signing time: Tue 02 Jan 2024 14:34:37 +0000
ROA not before: Tue 02 Jan 2024 14:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34081
IP address blocks: 84.33.16.0/23 maxlen: 24
217.70.144.0/20 maxlen: 24
193.188.28.0/22 maxlen: 24
31.14.163.0/24 maxlen: 25
172.83.81.0/24 maxlen: 25
84.33.192.0/18 maxlen: 24
84.33.0.0/18 maxlen: 24
2001:1a38::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:0d:5c:a2:11:04:2f:e4:79:10:f0:da:ef:1a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 2 14:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01165ef940796219dff08a7749691f4d34ac3e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2a:54:63:cf:24:bd:c5:7a:96:b4:90:2c:64:
d1:f3:91:75:66:a4:29:86:f9:05:bc:1b:57:31:40:
ea:23:dd:99:4c:8c:be:53:57:e4:0f:9a:fd:c3:a4:
ad:91:85:f2:ac:1a:24:a6:48:4f:ca:73:0e:9c:48:
28:0c:bd:b2:88:03:10:de:2b:ea:db:1a:e1:ba:df:
65:50:1e:b7:8e:08:14:df:a8:02:69:9b:57:a6:b8:
09:69:0d:10:7b:3b:fe:4a:24:28:cc:e1:b7:8d:cb:
85:3f:18:98:ea:5a:0e:08:92:07:c2:fd:df:00:62:
1b:f4:36:1a:18:8f:24:d5:73:1b:72:c1:5c:3a:0f:
35:28:d7:06:83:30:40:a4:ab:16:6a:8f:86:91:0c:
2c:16:fc:3d:df:fd:18:bd:31:d5:0d:08:76:83:e2:
73:9b:c3:29:fa:0c:7b:9e:0f:e8:2b:64:c6:89:10:
d4:98:39:b0:c2:03:39:24:88:05:ec:ff:9f:9f:7f:
33:92:a2:f8:78:e7:b9:be:fb:84:e8:42:78:57:1a:
3c:1b:0a:f0:18:2f:26:d8:0f:de:9c:77:93:40:63:
38:00:b5:45:6d:bc:0b:5a:3b:35:27:8d:70:73:c3:
72:14:bd:5c:01:ac:41:64:5f:49:d9:b4:d4:5f:9e:
65:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:16:5E:F9:40:79:62:19:DF:F0:8A:77:49:69:1F:4D:34:AC:3E:3B
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/ARZe-UB5Yhnf8Ip3SWkfTTSsPjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.163.0/24
84.33.0.0/18
84.33.192.0/18
172.83.81.0/24
193.188.28.0/22
217.70.144.0/20
IPv6:
2001:1a38::/32
Signature Algorithm: sha256WithRSAEncryption
0a:ae:14:37:8f:0f:4a:d7:8c:0c:f0:9e:ed:65:30:40:ac:f9:
32:be:9b:09:95:c3:00:d8:4f:61:78:af:d5:db:58:ea:dc:de:
dd:c7:99:73:bb:61:9b:69:d4:f6:9f:85:86:64:f0:08:38:4b:
fc:db:4c:64:c7:7b:d8:b7:a8:5c:5b:a3:f2:da:9e:09:09:68:
99:21:ba:74:65:59:9a:88:36:11:80:68:fd:61:f2:ae:f8:6f:
ba:98:3d:67:41:75:7c:c6:9b:b2:8e:b8:9c:a4:ed:7b:8a:41:
2c:ca:93:15:9a:56:a9:01:6f:e5:20:1b:90:a0:92:d6:29:be:
b6:f0:7e:19:89:9b:01:3d:bd:9e:5a:5f:29:b1:96:ee:f5:ab:
d4:2f:71:45:2b:10:8b:de:8a:57:28:22:8a:f5:e5:14:43:23:
59:30:4b:18:dd:a1:96:99:de:4f:6f:13:a1:35:77:3d:ec:13:
85:fe:57:65:d0:4a:be:77:9a:7f:80:8e:7c:9b:72:e2:fc:c5:
33:0b:c0:41:50:f7:7d:02:d7:79:3b:9e:b1:19:de:a3:ce:09:
ba:42:24:82:ea:c4:23:8c:ff:86:16:0a:a0:59:2e:d4:aa:16:
95:cc:a4:1b:07:d6:4c:48:07:0b:dd:03:ee:d6:76:b3:8c:aa:
df:c4:7d:29
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzKmQ1cohEEL+R5EPDa7xr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm
NWE1OWQwHhcNMjQwMTAyMTQzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTE2NWVmOTQwNzk2MjE5ZGZmMDhhNzc0OTY5MWY0ZDM0YWMzZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApipUY88kvcV6lrSQLGTR85F1ZqQp
hvkFvBtXMUDqI92ZTIy+U1fkD5r9w6StkYXyrBokpkhPynMOnEgoDL2yiAMQ3ivq
2xrhut9lUB63jggU36gCaZtXprgJaQ0Qezv+SiQozOG3jcuFPxiY6loOCJIHwv3f
AGIb9DYaGI8k1XMbcsFcOg81KNcGgzBApKsWao+GkQwsFvw93/0YvTHVDQh2g+Jz
m8Mp+gx7ng/oK2TGiRDUmDmwwgM5JIgF7P+fn38zkqL4eOe5vvuE6EJ4Vxo8Gwrw
GC8m2A/enHeTQGM4ALVFbbwLWjs1J41wc8NyFL1cAaxBZF9J2bTUX55l8wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAEWXvlAeWIZ3/CKd0lpH000rD47MB8GA1UdIwQY
MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt
MTFhZmI0OTkyZWVmLzEvQVJaZS1VQjVZaG5mOElwM1NXa2ZUVFNzUGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm
LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHw6jAwQG
VCEAAwQGVCHAAwQArFNRAwQCwbwcAwQE2UaQMA0EAgACMAcDBQAgARo4MA0GCSqG
SIb3DQEBCwUAA4IBAQAKrhQ3jw9K14wM8J7tZTBArPkyvpsJlcMA2E9heK/V21jq
3N7dx5lzu2GbadT2n4WGZPAIOEv820xkx3vYt6hcW6Py2p4JCWiZIbp0ZVmaiDYR
gGj9YfKu+G+6mD1nQXV8xpuyjricpO17ikEsypMVmlapAW/lIBuQoJLWKb628H4Z
iZsBPb2eWl8psZbu9avUL3FFKxCL3opXKCKK9eUUQyNZMEsY3aGWmd5PbxOhNXc9
7BOF/ldl0Eq+d5p/gI58m3Li/MUzC8BBUPd9Atd5O56xGd6jzgm6QiSC6sQjjP+G
FgqgWS7UqhaVzKQbB9ZMSAcL3QPu1nazjKrfxH0p
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:34:05 2024 by rpki-client on console-ams.rpki-client.org