Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/Aue8iKahlHB6eZppZuvN64zKcn0.roa
File: Aue8iKahlHB6eZppZuvN64zKcn0.roa (raw, json)
Hash identifier: +zBy4IJRbHl0SdW8ksCb2LS+x9Et9H8RB3W1+Tz/Zh4=
Subject key identifier: 02:E7:BC:88:A6:A1:94:70:7A:79:9A:69:66:EB:CD:EB:8C:CA:72:7D
Certificate issuer: /CN=9c4d86afb59f1d9dd16c1125009b998382e36ed3
Certificate serial: 018CC56F0135A7EDF199C5F80BE40DC51110
Authority key identifier: 9C:4D:86:AF:B5:9F:1D:9D:D1:6C:11:25:00:9B:99:83:82:E3:6E:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/Aue8iKahlHB6eZppZuvN64zKcn0.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48847
IP address blocks: 193.84.118.0/24 maxlen: 24
193.84.115.0/26 maxlen: 26
193.84.114.0/23 maxlen: 23
193.84.114.224/27 maxlen: 27
193.84.114.0/24 maxlen: 24
193.84.118.0/26 maxlen: 26
193.84.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:01:35:a7:ed:f1:99:c5:f8:0b:e4:0d:c5:11:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4d86afb59f1d9dd16c1125009b998382e36ed3
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02e7bc88a6a194707a799a6966ebcdeb8cca727d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:44:15:36:dc:7c:0c:41:c8:3a:b6:b9:56:33:
88:c7:15:64:c0:94:c4:07:b6:7c:62:61:8d:80:5a:
3e:1c:8c:0e:5c:65:b0:45:42:73:98:a4:17:8a:6f:
99:2d:7b:fc:e0:5e:24:18:39:a3:ab:ec:be:a0:ae:
2e:1b:47:0b:37:5e:c1:41:fb:49:90:2c:a0:31:99:
e9:98:18:66:ac:d4:80:15:d1:07:00:d4:ba:a0:37:
63:b4:c3:66:ab:48:6d:2d:89:6e:bb:33:8f:66:8a:
c3:e4:81:89:20:e0:b1:00:ef:3b:f4:b0:d5:88:85:
92:5b:38:53:4f:4b:c4:80:aa:66:f1:4b:55:69:39:
48:8f:48:07:71:aa:60:69:4b:c3:5a:51:b1:1b:c3:
99:42:bc:1a:30:25:46:82:53:25:19:e8:2a:64:a5:
9b:47:fc:ab:12:0f:13:31:b3:fe:c2:72:76:5c:4c:
3e:2b:83:b8:7f:49:ae:c8:3a:72:a3:02:af:a1:54:
33:ff:bf:70:f3:50:15:70:4d:77:fa:cc:65:ec:92:
8e:0f:00:06:b6:4d:52:ed:4a:f6:ea:9a:77:a6:e5:
8b:37:50:9a:8a:98:4c:60:f8:c5:ec:79:8b:01:87:
24:16:08:91:16:6f:10:f3:26:d3:73:2d:a5:74:c8:
e0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E7:BC:88:A6:A1:94:70:7A:79:9A:69:66:EB:CD:EB:8C:CA:72:7D
X509v3 Authority Key Identifier:
keyid:9C:4D:86:AF:B5:9F:1D:9D:D1:6C:11:25:00:9B:99:83:82:E3:6E:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/Aue8iKahlHB6eZppZuvN64zKcn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.114.0/23
193.84.118.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c4:c5:4e:1f:6b:6d:c7:6d:35:c9:bb:65:49:ec:b1:c3:17:
04:42:5d:ae:49:0c:cc:d7:c1:55:75:fd:5e:e7:b6:fc:ee:e6:
cd:91:3a:9a:0e:4c:1e:16:b6:ab:84:86:76:c6:d6:4b:a0:58:
23:1d:49:57:1f:40:20:a1:65:7e:e5:ff:1a:17:ad:db:5a:51:
9b:63:0e:54:21:13:96:b9:5c:35:9f:cc:60:19:32:b1:5c:64:
7f:f0:84:aa:59:b9:e1:15:f8:cb:1a:10:f9:a1:c0:3c:88:40:
ca:d0:ad:16:aa:7b:61:bc:df:74:19:02:82:0c:65:91:b7:24:
0e:6d:36:47:b0:fc:7b:aa:82:ae:14:83:f3:91:25:cb:99:45:
1d:c7:3a:eb:30:2b:21:c6:f0:ae:b6:ed:e1:5a:8d:1f:91:8e:
93:b5:47:66:16:f8:7e:37:d7:4d:de:c8:87:42:83:1b:da:1a:
b7:0e:4e:29:f7:bd:fe:97:14:85:da:62:0f:db:da:f7:58:53:
85:65:7e:ae:a6:7b:0d:5a:a9:3e:61:04:c9:47:2f:ea:64:65:
83:0b:9a:c6:92:fe:2e:cc:1c:3e:70:97:ec:a3:ac:7e:70:3d:
be:60:6a:51:24:76:0d:51:4f:43:be:82:b5:f0:55:bc:0c:2f:
da:1a:ed:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbwE1p+3xmcX4C+QNxREQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNGQ4NmFmYjU5ZjFkOWRkMTZjMTEyNTAwOWI5OTgzODJl
MzZlZDMwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU3YmM4OGE2YTE5NDcwN2E3OTlhNjk2NmViY2RlYjhjY2E3MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkQVNtx8DEHIOra5VjOIxxVkwJTE
B7Z8YmGNgFo+HIwOXGWwRUJzmKQXim+ZLXv84F4kGDmjq+y+oK4uG0cLN17BQftJ
kCygMZnpmBhmrNSAFdEHANS6oDdjtMNmq0htLYluuzOPZorD5IGJIOCxAO879LDV
iIWSWzhTT0vEgKpm8UtVaTlIj0gHcapgaUvDWlGxG8OZQrwaMCVGglMlGegqZKWb
R/yrEg8TMbP+wnJ2XEw+K4O4f0muyDpyowKvoVQz/79w81AVcE13+sxl7JKODwAG
tk1S7Ur26pp3puWLN1CaiphMYPjF7HmLAYckFgiRFm8Q8ybTcy2ldMjgowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFALnvIimoZRwenmaaWbrzeuMynJ9MB8GA1UdIwQY
MBaAFJxNhq+1nx2d0WwRJQCbmYOC427TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkUyR3I3V2ZIWjNSYkJFbEFKdVpnNExqYnRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83NmRjMjUtYjM4OS00MDI0LWJmMjgt
ZjRmMDU2MWI3YTU3LzEvQXVlOGlLYWhsSEI2ZVpwcFp1dk42NHpLY24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83NmRjMjUtYjM4OS00MDI0LWJmMjgtZjRmMDU2MWI3YTU3
LzEvbkUyR3I3V2ZIWjNSYkJFbEFKdVpnNExqYnRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwVRyAwQA
wVR2MA0GCSqGSIb3DQEBCwUAA4IBAQAJxMVOH2ttx201ybtlSeyxwxcEQl2uSQzM
18FVdf1e57b87ubNkTqaDkweFrarhIZ2xtZLoFgjHUlXH0AgoWV+5f8aF63bWlGb
Yw5UIROWuVw1n8xgGTKxXGR/8ISqWbnhFfjLGhD5ocA8iEDK0K0WqnthvN90GQKC
DGWRtyQObTZHsPx7qoKuFIPzkSXLmUUdxzrrMCshxvCutu3hWo0fkY6TtUdmFvh+
N9dN3siHQoMb2hq3Dk4p973+lxSF2mIP29r3WFOFZX6upnsNWqk+YQTJRy/qZGWD
C5rGkv4uzBw+cJfso6x+cD2+YGpRJHYNUU9DvoK18FW8DC/aGu2S
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:53:59 2024 by rpki-client on console-fra.rpki-client.org