Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AyfnL8v8N3x1kZ8SBp2iLWaWZlE.roa
File: AyfnL8v8N3x1kZ8SBp2iLWaWZlE.roa (raw, json)
Hash identifier: OAjeA5YolUQYQetyssEeK6Z8FCWJ7il8U+3fGUDSMBE=
Subject key identifier: 03:27:E7:2F:CB:FC:37:7C:75:91:9F:12:06:9D:A2:2D:66:96:66:51
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F058BA491A35F92AF2772A9ACBD25CD0D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AyfnL8v8N3x1kZ8SBp2iLWaWZlE.roa
Signing time: Mon 22 Apr 2024 11:23:08 +0000
ROA not before: Mon 22 Apr 2024 11:23:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149440
IP address blocks: 216.173.64.0/24 maxlen: 24
216.173.65.0/24 maxlen: 24
216.173.66.0/24 maxlen: 24
216.173.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:8b:a4:91:a3:5f:92:af:27:72:a9:ac:bd:25:cd:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 22 11:23:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0327e72fcbfc377c75919f12069da22d66966651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6a:18:d4:f8:41:8c:cc:48:90:61:5b:82:60:
0e:2e:18:c4:b0:78:48:15:01:cc:47:cb:f1:3f:a6:
4f:c2:46:11:40:60:c2:3c:c0:ab:9f:f3:d2:44:ef:
75:f4:5d:8e:48:42:6a:3c:76:a1:30:62:bd:f8:40:
b7:b7:f5:e9:ec:27:e6:95:9d:f0:59:d6:75:a0:e5:
da:2e:72:d7:ce:4e:f5:71:12:49:53:84:8e:c1:14:
08:6e:4e:ca:3e:48:e2:e2:30:47:0d:39:60:77:19:
af:1e:44:6e:59:03:2f:07:79:49:83:db:0d:02:2e:
06:a0:42:dc:95:9c:2e:7e:0e:6d:96:1e:d1:c8:ef:
d2:ef:3e:51:18:65:54:a7:e5:0b:35:74:25:68:9a:
40:32:b6:84:9c:5e:8a:cb:8a:dc:9c:42:f6:bc:0b:
03:48:a4:45:5f:f8:b1:20:ce:4e:a3:ce:6a:cf:96:
ac:e1:5a:f2:6c:c2:7a:bf:e5:70:3d:98:a5:88:cf:
ca:96:dc:aa:6c:9e:8c:77:62:23:c5:c3:63:fd:d0:
19:28:3c:1e:b2:ef:d7:7a:fa:1e:a4:91:0b:88:3a:
67:6f:30:a1:3e:f1:76:0f:20:24:a1:3d:73:e2:b7:
9e:d1:3b:2e:12:61:66:90:c5:26:b2:59:6f:61:eb:
a5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:27:E7:2F:CB:FC:37:7C:75:91:9F:12:06:9D:A2:2D:66:96:66:51
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AyfnL8v8N3x1kZ8SBp2iLWaWZlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.173.64.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:d3:8c:02:50:46:fa:31:46:2b:cf:a6:ca:4b:b2:05:95:f0:
16:5a:fd:98:1a:2f:eb:95:97:19:b4:55:f5:29:c6:a5:9e:9e:
cb:9b:29:b8:16:34:12:34:d8:12:ba:f8:68:37:b1:85:00:4e:
26:2e:95:ae:09:4a:4f:34:fc:e6:45:44:cb:24:7f:a8:74:08:
b9:80:01:2e:2b:3b:3b:fd:82:5e:42:73:3e:5b:87:bf:3f:30:
61:42:0d:cc:62:ff:a7:b7:09:55:d2:91:93:10:1c:7d:55:68:
c9:48:75:37:b2:5b:87:8c:31:d9:48:55:ad:93:1a:52:fb:5f:
0c:13:b9:42:0d:41:f5:64:b8:00:06:43:56:0c:3f:c0:33:35:
f5:39:d8:76:f3:67:f1:d0:14:c7:2f:64:af:e9:b5:b9:61:f6:
5b:a6:d3:f5:08:5f:bc:4a:9a:d3:74:6c:1f:97:16:25:eb:53:
ee:ac:aa:ba:68:2a:b4:e3:bc:6d:aa:b7:5c:b9:85:2e:bd:99:
b8:5d:db:e7:c8:23:50:19:a1:76:7b:e0:a0:99:3b:90:9e:df:
f9:0b:19:be:fd:b9:9a:04:b4:a2:a5:bc:e8:ad:11:09:9b:7b:
3b:a7:5f:0c:de:57:4b:ee:0c:d3:5a:ed:45:ae:0b:f0:ee:13:
2c:ea:ab:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Fi6SRo1+Srydyqay9Jc0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDIyMTEyMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI3ZTcyZmNiZmMzNzdjNzU5MTlmMTIwNjlkYTIyZDY2OTY2NjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmoY1PhBjMxIkGFbgmAOLhjEsHhI
FQHMR8vxP6ZPwkYRQGDCPMCrn/PSRO919F2OSEJqPHahMGK9+EC3t/Xp7CfmlZ3w
WdZ1oOXaLnLXzk71cRJJU4SOwRQIbk7KPkji4jBHDTlgdxmvHkRuWQMvB3lJg9sN
Ai4GoELclZwufg5tlh7RyO/S7z5RGGVUp+ULNXQlaJpAMraEnF6Ky4rcnEL2vAsD
SKRFX/ixIM5Oo85qz5as4VrybMJ6v+VwPZiliM/KltyqbJ6Md2IjxcNj/dAZKDwe
su/XevoepJELiDpnbzChPvF2DyAkoT1z4ree0TsuEmFmkMUmsllvYeulvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMn5y/L/Dd8dZGfEgadoi1mlmZRMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQXlmbkw4djhOM3gxa1o4U0JwMmlMV2FXWmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2K1AMA0G
CSqGSIb3DQEBCwUAA4IBAQBq04wCUEb6MUYrz6bKS7IFlfAWWv2YGi/rlZcZtFX1
Kcalnp7Lmym4FjQSNNgSuvhoN7GFAE4mLpWuCUpPNPzmRUTLJH+odAi5gAEuKzs7
/YJeQnM+W4e/PzBhQg3MYv+ntwlV0pGTEBx9VWjJSHU3sluHjDHZSFWtkxpS+18M
E7lCDUH1ZLgABkNWDD/AMzX1Odh282fx0BTHL2Sv6bW5YfZbptP1CF+8SprTdGwf
lxYl61PurKq6aCq047xtqrdcuYUuvZm4XdvnyCNQGaF2e+CgmTuQnt/5Cxm+/bma
BLSipbzorREJm3s7p18M3ldL7gzTWu1Frgvw7hMs6qtA
-----END CERTIFICATE-----
Generated at Fri May 10 14:57:53 2024 by rpki-client on console-fra.rpki-client.org