Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/AxAZUrsO080BrDtNclJ03R5zOj4.roa
File: AxAZUrsO080BrDtNclJ03R5zOj4.roa (raw, json)
Hash identifier: AbBTOY8Hv010cTuCsl/Aw3abYUv+81YBqU0xGovQxdA=
Subject key identifier: 03:10:19:52:BB:0E:D3:CD:01:AC:3B:4D:72:52:74:DD:1E:73:3A:3E
Certificate issuer: /CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Certificate serial: 018CC64B6BBDDF2315982CC2EDA20D5F6075
Authority key identifier: 9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/AxAZUrsO080BrDtNclJ03R5zOj4.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1200
IP address blocks: 91.236.189.0/24 maxlen: 24
193.105.101.0/24 maxlen: 24
185.55.139.0/24 maxlen: 24
185.55.138.0/24 maxlen: 24
185.55.137.0/24 maxlen: 24
185.55.136.0/22 maxlen: 22
185.55.136.0/24 maxlen: 24
91.200.16.0/22 maxlen: 22
195.69.145.0/24 maxlen: 24
195.69.144.0/22 maxlen: 22
195.60.82.128/26 maxlen: 26
2001:67c:1a8::/48 maxlen: 48
2a02:4b60::/32 maxlen: 32
2001:7f8:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.mft
rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 22:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6b:bd:df:23:15:98:2c:c2:ed:a2:0d:5f:60:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03101952bb0ed3cd01ac3b4d725274dd1e733a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:73:9c:1a:61:05:72:ef:8b:6c:1d:b3:15:75:
94:5d:96:d4:57:4a:c6:79:e6:bd:15:e3:15:23:5d:
57:ad:52:d4:55:3e:65:47:7d:e3:8f:45:fc:1e:d0:
68:fa:7d:3d:a2:4f:68:63:ec:f9:e4:5f:5e:5a:84:
76:2a:45:d1:ec:e0:7a:9a:f4:ba:cb:80:7b:0d:6a:
ec:76:85:d4:f9:37:86:8e:38:65:db:10:6e:32:71:
ee:79:0a:d8:75:30:7a:1b:fd:fb:fa:d7:d9:20:87:
98:bc:76:8c:e5:23:34:5b:44:68:da:b6:0e:31:eb:
de:c7:1e:83:38:31:88:f2:84:92:b2:49:4f:dd:1a:
fc:1b:45:16:a6:46:ec:b8:d0:a5:d1:83:de:f3:59:
48:43:fc:97:e2:bb:e2:ed:fa:80:ec:46:8a:b4:8e:
82:35:7d:ec:5c:b9:3d:74:03:e3:f9:55:b9:7b:e2:
a5:f5:01:81:cb:66:ec:d9:1b:f3:5c:0c:18:5a:6a:
05:c6:60:eb:4f:ab:cd:37:fe:39:86:95:69:26:d5:
0a:1b:e0:d3:55:bd:60:0c:cb:9d:96:b5:f7:6c:88:
28:5b:4c:8c:0e:94:bd:0d:bc:8f:ff:f6:99:ab:07:
c2:99:bb:3b:0e:55:99:5d:95:ff:f6:0a:62:2d:9d:
f2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:10:19:52:BB:0E:D3:CD:01:AC:3B:4D:72:52:74:DD:1E:73:3A:3E
X509v3 Authority Key Identifier:
keyid:9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/AxAZUrsO080BrDtNclJ03R5zOj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.16.0/22
91.236.189.0/24
185.55.136.0/22
193.105.101.0/24
195.60.82.128/26
195.69.144.0/22
IPv6:
2001:67c:1a8::/48
2001:7f8:1::/48
2a02:4b60::/32
Signature Algorithm: sha256WithRSAEncryption
73:01:b7:4f:2b:86:13:5e:df:e4:a1:05:f1:f8:59:95:28:19:
09:45:9f:b5:0b:71:88:e6:8b:fa:60:89:bc:f6:bf:e6:0f:d4:
f1:55:5f:19:05:4b:a4:ba:a3:50:c9:93:0f:2d:de:c6:3a:91:
e1:bd:c4:cb:b0:10:2d:32:05:02:44:71:da:ea:99:53:81:d3:
53:68:c5:49:14:cf:15:49:43:8e:2e:29:08:9b:0b:b2:af:bc:
17:17:ff:99:be:19:45:d0:7e:55:29:6e:0f:39:23:1f:87:6d:
70:54:ca:dd:c4:44:c8:1b:1b:0a:ac:13:60:1e:7d:44:6e:b4:
63:23:3b:4d:67:3a:63:d1:83:c7:8c:24:b7:d6:e4:b1:e4:f1:
69:6e:5c:7c:04:6a:63:4b:1a:28:77:e6:0e:4c:56:aa:9b:8b:
b5:ab:04:ab:97:cf:fe:d5:2f:ca:83:ab:d5:96:dc:32:77:c2:
c3:2c:36:ad:21:a7:f1:e2:0f:8e:3b:71:5f:56:4e:61:c8:a0:
c9:41:d7:28:09:d4:2d:15:1c:f4:d4:26:ed:40:0b:11:ba:e8:
ad:2a:fe:65:c8:de:fc:40:6b:32:58:dd:ac:2c:f0:fb:c0:aa:
7f:cd:c4:f4:29:1d:50:df:8c:73:28:6f:ab:18:97:e2:7d:06:
0a:25:f9:89
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzGS2u93yMVmCzC7aINX2B1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNmZiNzk1NDE3OWE5NjY2YjRjYjZhZmUzNDZkMWUyMWVj
MzBlNDUwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzEwMTk1MmJiMGVkM2NkMDFhYzNiNGQ3MjUyNzRkZDFlNzMzYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nOcGmEFcu+LbB2zFXWUXZbUV0rG
eea9FeMVI11XrVLUVT5lR33jj0X8HtBo+n09ok9oY+z55F9eWoR2KkXR7OB6mvS6
y4B7DWrsdoXU+TeGjjhl2xBuMnHueQrYdTB6G/37+tfZIIeYvHaM5SM0W0Ro2rYO
Mevexx6DODGI8oSSsklP3Rr8G0UWpkbsuNCl0YPe81lIQ/yX4rvi7fqA7EaKtI6C
NX3sXLk9dAPj+VW5e+Kl9QGBy2bs2RvzXAwYWmoFxmDrT6vNN/45hpVpJtUKG+DT
Vb1gDMudlrX3bIgoW0yMDpS9DbyP//aZqwfCmbs7DlWZXZX/9gpiLZ3yTQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAMQGVK7DtPNAaw7TXJSdN0eczo+MB8GA1UdIwQY
MBaAFJ9vt5VBealma0y2r+NG0eIeww5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjItM2xVRjVxV1pyVExhdjQwYlI0aDdERGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYTNmZmYtMWE0Mi00MDQ0LWFlOGYt
NzM1NGE3M2JkYTdlLzEvQXhBWlVyc08wODBCckR0TmNsSjAzUjV6T2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYTNmZmYtMWE0Mi00MDQ0LWFlOGYtNzM1NGE3M2JkYTdl
LzEvbjItM2xVRjVxV1pyVExhdjQwYlI0aDdERGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjArBAIAATAlAwQCW8gQAwQA
W+y9AwQCuTeIAwQAwWllAwUGwzxSgAMEAsNFkDAfBAIAAjAZAwcAIAEGfAGoAwcA
IAEH+AABAwUAKgJLYDANBgkqhkiG9w0BAQsFAAOCAQEAcwG3TyuGE17f5KEF8fhZ
lSgZCUWftQtxiOaL+mCJvPa/5g/U8VVfGQVLpLqjUMmTDy3exjqR4b3Ey7AQLTIF
AkRx2uqZU4HTU2jFSRTPFUlDji4pCJsLsq+8Fxf/mb4ZRdB+VSluDzkjH4dtcFTK
3cREyBsbCqwTYB59RG60YyM7TWc6Y9GDx4wkt9bkseTxaW5cfARqY0saKHfmDkxW
qpuLtasEq5fP/tUvyoOr1ZbcMnfCwyw2rSGn8eIPjjtxX1ZOYcigyUHXKAnULRUc
9NQm7UALEbrorSr+Zcje/EBrMljdrCzw+8Cqf83E9CkdUN+McyhvqxiX4n0GCiX5
iQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 03:04:11 2024 by rpki-client on console-fra.rpki-client.org