Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/ap02rErpjv10MpjYsniak058CT8.roa
File: ap02rErpjv10MpjYsniak058CT8.roa (raw, json)
Hash identifier: 1noWI/jQ3LfSNHTqtg9EVlDLA7ID44Srdjo9j0Cow3Q=
Subject key identifier: 6A:9D:36:AC:4A:E9:8E:FD:74:32:98:D8:B2:78:9A:93:4E:7C:09:3F
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018CC56EB15CEFCC66C13B0DFCC70104B3BF
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/ap02rErpjv10MpjYsniak058CT8.roa
Signing time: Mon 01 Jan 2024 14:30:14 +0000
ROA not before: Mon 01 Jan 2024 14:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49332
IP address blocks: 188.190.32.0/19 maxlen: 20
5.57.64.0/21 maxlen: 22
176.32.0.0/21 maxlen: 22
86.111.64.0/20 maxlen: 21
176.39.64.0/20 maxlen: 21
91.212.203.0/24 maxlen: 24
86.111.84.0/23 maxlen: 24
80.243.144.0/20 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 06:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b1:5c:ef:cc:66:c1:3b:0d:fc:c7:01:04:b3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 14:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a9d36ac4ae98efd743298d8b2789a934e7c093f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:90:02:5d:df:32:3b:68:3d:b1:ac:55:fa:a6:
86:6a:e0:6b:70:51:06:f2:73:ed:c0:81:46:b7:06:
23:29:49:c3:e8:45:82:10:58:8f:ff:5e:c1:e0:38:
32:b5:1e:c5:7c:d1:6e:f0:3e:74:ff:39:06:a6:c2:
68:53:ed:e6:c6:69:58:f6:52:e3:4d:f3:44:09:d4:
fe:66:da:ed:1e:39:89:cb:7b:2f:8d:85:12:3e:4d:
86:cb:1b:17:ee:d0:47:e9:80:dc:eb:24:75:b4:c7:
f2:ae:cb:8f:98:c6:7e:f4:1c:d9:ce:29:94:22:d2:
81:47:15:a2:67:17:90:e9:3c:01:3b:fe:4f:98:98:
ca:b9:75:a7:1d:cd:fe:4b:9c:55:f6:ba:cf:73:b5:
73:30:74:5e:e5:3e:17:33:a8:de:37:7d:76:ff:07:
fb:f0:dd:be:f5:9e:71:2a:7f:74:78:5a:69:e2:cb:
98:7f:fd:51:e5:78:59:af:88:3c:57:9e:da:43:b0:
17:c9:21:88:77:b2:34:36:3c:e9:61:34:83:b7:2d:
8c:f3:a3:b0:f8:3e:7b:51:08:ed:58:d5:15:70:19:
d2:b9:ab:dd:22:6d:91:c8:6b:3f:df:f1:83:15:9c:
20:65:89:29:29:5c:cd:af:5c:06:ed:07:85:d5:1d:
be:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9D:36:AC:4A:E9:8E:FD:74:32:98:D8:B2:78:9A:93:4E:7C:09:3F
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/ap02rErpjv10MpjYsniak058CT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.64.0/21
80.243.144.0/20
86.111.64.0/20
86.111.84.0/23
91.212.203.0/24
176.32.0.0/21
176.39.64.0/20
188.190.32.0/19
Signature Algorithm: sha256WithRSAEncryption
57:69:e9:f5:1e:0e:1d:ca:fd:0e:46:5f:cd:90:a0:d1:10:96:
f1:e5:c4:a8:44:ec:a9:e1:b9:a8:2e:0d:dc:2e:31:7c:d0:83:
2b:21:26:18:99:ac:52:81:62:62:f4:73:39:fb:d0:37:e4:3b:
05:fb:c4:a5:bd:c8:68:4e:db:97:19:71:9d:a7:8d:86:04:39:
02:49:8f:aa:4d:cb:8c:3a:ea:d2:68:e7:a9:87:08:9e:69:f3:
d4:d5:2a:aa:b9:69:15:44:5b:d1:1b:68:28:1a:35:ee:63:76:
e7:b5:81:a3:b0:bd:85:0b:9c:cb:d2:23:20:1e:fa:95:44:d8:
0a:07:b1:5d:ec:9c:e9:dd:28:52:4e:3f:d4:16:5e:fe:c4:33:
6a:56:f7:d7:06:38:33:2a:90:2c:e5:ff:56:72:35:db:3c:d5:
80:3d:23:a6:3c:09:7e:52:53:04:b4:cb:63:56:a9:29:62:81:
fa:ad:34:c6:d7:2c:09:1f:42:c9:17:52:4a:ba:4d:7f:18:d2:
33:8e:11:67:7b:26:14:a2:03:fb:98:9f:6c:3a:4d:7b:3f:bc:
25:56:a1:97:2a:5c:ee:b1:11:1a:9e:1c:ea:04:6d:62:e6:33:
a9:05:1a:a1:a1:d7:e2:fd:de:b0:fd:8c:04:4e:7a:31:c5:f8:
1a:07:fa:d6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFbrFc78xmwTsN/McBBLO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjQwMTAxMTQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTlkMzZhYzRhZTk4ZWZkNzQzMjk4ZDhiMjc4OWE5MzRlN2MwOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZACXd8yO2g9saxV+qaGauBrcFEG
8nPtwIFGtwYjKUnD6EWCEFiP/17B4DgytR7FfNFu8D50/zkGpsJoU+3mxmlY9lLj
TfNECdT+ZtrtHjmJy3svjYUSPk2GyxsX7tBH6YDc6yR1tMfyrsuPmMZ+9BzZzimU
ItKBRxWiZxeQ6TwBO/5PmJjKuXWnHc3+S5xV9rrPc7VzMHRe5T4XM6jeN312/wf7
8N2+9Z5xKn90eFpp4suYf/1R5XhZr4g8V57aQ7AXySGId7I0NjzpYTSDty2M86Ow
+D57UQjtWNUVcBnSuavdIm2RyGs/3/GDFZwgZYkpKVzNr1wG7QeF1R2+vQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGqdNqxK6Y79dDKY2LJ4mpNOfAk/MB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL2FwMDJyRXJwanYxME1wallzbmlhazA1OENUOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAMFOUAD
BARQ85ADBARWb0ADBAFWb1QDBABb1MsDBAOwIAADBASwJ0ADBAW8viAwDQYJKoZI
hvcNAQELBQADggEBAFdp6fUeDh3K/Q5GX82QoNEQlvHlxKhE7KnhuaguDdwuMXzQ
gyshJhiZrFKBYmL0czn70DfkOwX7xKW9yGhO25cZcZ2njYYEOQJJj6pNy4w66tJo
56mHCJ5p89TVKqq5aRVEW9EbaCgaNe5jdue1gaOwvYULnMvSIyAe+pVE2AoHsV3s
nOndKFJOP9QWXv7EM2pW99cGODMqkCzl/1ZyNds81YA9I6Y8CX5SUwS0y2NWqSli
gfqtNMbXLAkfQskXUkq6TX8Y0jOOEWd7JhSiA/uYn2w6TXs/vCVWoZcqXO6xERqe
HOoEbWLmM6kFGqGh1+L93rD9jAROejHF+BoH+tY=
-----END CERTIFICATE-----
Generated at Thu May 30 09:54:53 2024 by rpki-client on console-fra.rpki-client.org