Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/AROH3stmLy3bZ87mCXvMTzn7vfI.roa
File: AROH3stmLy3bZ87mCXvMTzn7vfI.roa (raw, json)
Hash identifier: PQdyGgnKO8/qDtbnpFDxuegB3KYGJsiThASMC/rJqb4=
Subject key identifier: 01:13:87:DE:CB:66:2F:2D:DB:67:CE:E6:09:7B:CC:4F:39:FB:BD:F2
Certificate issuer: /CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Certificate serial: 018CC424EC140EE7789F1C0E564FB378BEDC
Authority key identifier: A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/AROH3stmLy3bZ87mCXvMTzn7vfI.roa
Signing time: Mon 01 Jan 2024 08:30:03 +0000
ROA not before: Mon 01 Jan 2024 08:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21436
IP address blocks: 193.108.165.0/24 maxlen: 24
2001:67c:17b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ec:14:0e:e7:78:9f:1c:0e:56:4f:b3:78:be:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Validity
Not Before: Jan 1 08:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=011387decb662f2ddb67cee6097bcc4f39fbbdf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1f:f5:e7:fe:06:51:56:81:06:a1:8d:c3:75:
88:e0:d2:4a:75:21:ae:47:01:c0:20:e8:3e:cd:bc:
86:0a:fa:72:6d:57:31:df:ec:20:35:48:e1:e5:d5:
32:e5:e2:70:f1:1f:f8:62:79:53:66:8d:4b:79:13:
78:d3:f2:e6:34:07:df:f5:3e:0a:d5:7f:4a:05:5c:
e9:99:46:87:46:be:e3:29:e7:9f:f0:a5:26:b6:fc:
aa:90:2e:dd:8d:75:1e:6c:91:19:6d:c1:7b:bd:2c:
b8:01:91:a2:e4:3f:d8:a1:5d:a8:36:14:8c:85:84:
ed:d1:90:59:7b:fa:ab:91:e2:ab:8f:96:e6:6d:8e:
b3:b0:6d:79:be:f1:39:36:16:db:96:13:b9:9e:ab:
5d:3a:a4:4f:11:6c:0b:29:54:8e:50:5f:5e:6f:6e:
86:c1:a1:81:25:cc:a7:d5:3a:2e:d8:48:3e:33:e8:
0e:11:ba:70:de:00:1a:78:76:5a:56:f5:b9:27:dc:
32:1f:b5:d2:b2:43:b3:7f:8a:f7:5a:69:bc:8d:61:
93:31:ad:8d:38:1e:ec:16:85:cc:4e:de:54:05:41:
2a:96:96:bf:d1:0c:17:c1:cf:13:13:0e:61:c3:89:
cb:68:37:21:b4:64:fa:2e:9c:65:05:88:88:24:84:
3b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:13:87:DE:CB:66:2F:2D:DB:67:CE:E6:09:7B:CC:4F:39:FB:BD:F2
X509v3 Authority Key Identifier:
keyid:A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/AROH3stmLy3bZ87mCXvMTzn7vfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.165.0/24
IPv6:
2001:67c:17b0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ca:53:3e:f6:4a:87:04:43:9e:33:5b:b1:f1:3c:cd:b3:08:
79:79:e3:50:88:42:c2:8a:ca:21:3c:64:0a:10:57:77:9a:9b:
a4:e8:f1:08:67:3e:27:00:f5:b9:9a:93:bf:ae:28:fe:3d:5b:
19:b9:5d:0d:64:50:c8:b0:73:09:f7:0b:62:6c:c1:87:80:46:
52:d6:6b:0e:10:3b:25:84:55:a1:e2:50:27:66:62:0f:d0:0d:
f2:a3:ca:d6:e5:32:4b:2e:b9:8d:20:40:6a:37:c7:ee:21:60:
ea:f0:d5:0c:b2:02:c5:0c:a7:91:3a:7d:81:3b:8a:8c:ab:cb:
d2:c0:7f:52:05:71:c8:09:e6:62:a6:45:75:d0:0f:96:6c:d2:
1b:da:09:f1:6e:56:42:23:61:50:fd:a6:8b:85:a1:64:ed:d2:
77:a0:41:fa:cf:ca:75:15:fe:7b:9f:69:68:48:90:5c:ba:6f:
e5:eb:a3:b7:3f:03:73:4a:2a:e9:fb:f6:d6:30:23:21:73:63:
db:f0:ba:c1:82:2d:de:19:35:90:ec:65:82:79:92:db:bb:47:
01:b0:7b:2e:fb:54:5e:98:36:ed:38:b8:df:91:6f:c9:48:2e:
8d:8d:1c:ce:46:1c:b7:40:7c:ae:ca:6e:40:2a:75:b8:4a:72:
18:e6:cb:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJOwUDud4nxwOVk+zeL7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDBjNzUxZWJmYjQ4MDdkODQ2MjJlODA2Y2IzZDBiOWRk
ODEwNjkwHhcNMjQwMTAxMDgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTEzODdkZWNiNjYyZjJkZGI2N2NlZTYwOTdiY2M0ZjM5ZmJiZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB/15/4GUVaBBqGNw3WI4NJKdSGu
RwHAIOg+zbyGCvpybVcx3+wgNUjh5dUy5eJw8R/4YnlTZo1LeRN40/LmNAff9T4K
1X9KBVzpmUaHRr7jKeef8KUmtvyqkC7djXUebJEZbcF7vSy4AZGi5D/YoV2oNhSM
hYTt0ZBZe/qrkeKrj5bmbY6zsG15vvE5NhbblhO5nqtdOqRPEWwLKVSOUF9eb26G
waGBJcyn1Tou2Eg+M+gOEbpw3gAaeHZaVvW5J9wyH7XSskOzf4r3Wmm8jWGTMa2N
OB7sFoXMTt5UBUEqlpa/0QwXwc8TEw5hw4nLaDchtGT6LpxlBYiIJIQ7VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAETh97LZi8t22fO5gl7zE85+73yMB8GA1UdIwQY
MBaAFKZAx1Hr+0gH2EYi6AbLPQud2BBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMt
MDI2YjhjZjY5MWJhLzEvQVJPSDNzdG1MeTNiWjg3bUNYdk1Uem43dmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMtMDI2YjhjZjY5MWJh
LzEvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWylMA8E
AgACMAkDBwAgAQZ8F7AwDQYJKoZIhvcNAQELBQADggEBADvKUz72SocEQ54zW7Hx
PM2zCHl541CIQsKKyiE8ZAoQV3eam6To8QhnPicA9bmak7+uKP49Wxm5XQ1kUMiw
cwn3C2JswYeARlLWaw4QOyWEVaHiUCdmYg/QDfKjytblMksuuY0gQGo3x+4hYOrw
1QyyAsUMp5E6fYE7ioyry9LAf1IFccgJ5mKmRXXQD5Zs0hvaCfFuVkIjYVD9pouF
oWTt0negQfrPynUV/nufaWhIkFy6b+Xro7c/A3NKKun79tYwIyFzY9vwusGCLd4Z
NZDsZYJ5ktu7RwGwey77VF6YNu04uN+Rb8lILo2NHM5GHLdAfK7KbkAqdbhKchjm
yxc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:34 2024 by rpki-client on console-ams.rpki-client.org