Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/Azkxw0dzw66csnlmxyGLm6CG2Tk.roa
File: Azkxw0dzw66csnlmxyGLm6CG2Tk.roa (raw, json)
Hash identifier: 56QY0FBVrZL8q9K3OWM76jQ+WsoKNJJaXpC1KgcP6rE=
Subject key identifier: 03:39:31:C3:47:73:C3:AE:9C:B2:79:66:C7:21:8B:9B:A0:86:D9:39
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 018DA8A041D70E940284BFD1DD2B1F0B2072
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/Azkxw0dzw66csnlmxyGLm6CG2Tk.roa
Signing time: Wed 14 Feb 2024 17:18:11 +0000
ROA not before: Wed 14 Feb 2024 17:18:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
2a02:fe80:13::/48 maxlen: 48
2a02:fe80:1010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.mft
rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:a0:41:d7:0e:94:02:84:bf:d1:dd:2b:1f:0b:20:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Feb 14 17:18:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=033931c34773c3ae9cb27966c7218b9ba086d939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:16:92:77:75:cd:d1:7a:95:5f:84:0c:54:e0:
f1:f3:2f:5c:66:1b:d2:dd:a1:6d:1a:88:a9:21:03:
5e:89:d2:67:fc:a9:a1:84:06:7d:72:f9:73:60:86:
7d:ce:0b:e7:c7:2d:67:0c:2c:0e:bb:d4:a0:f2:39:
70:ba:6e:d6:89:09:4b:40:56:02:08:1c:04:d2:95:
00:ee:44:3b:1d:b2:aa:d4:8c:6e:26:5f:d0:a7:ec:
12:66:f4:4b:0a:a1:01:49:b3:ab:e3:29:e3:bc:fa:
c7:bd:7a:93:88:2b:0c:10:1b:5f:25:72:5d:a9:c1:
88:8b:42:01:d0:48:b1:b6:51:89:7f:4a:fc:90:c6:
ac:5a:df:0c:09:8c:cd:8e:d7:5f:37:22:d7:9c:83:
9b:f9:5f:b9:02:73:dd:22:44:50:4a:e1:64:77:b6:
71:2b:6b:1b:5d:be:c6:1d:7f:03:6a:f7:9c:c5:bc:
2f:51:04:ca:7b:e8:68:b4:eb:d5:f9:e7:94:d5:16:
15:3a:e8:4f:7b:49:6b:d0:6f:2e:bb:d6:63:5b:ff:
6e:5e:80:15:f9:53:2e:b5:cc:e8:47:fb:63:37:1c:
a8:b1:e7:4f:7e:1f:2c:8b:61:6c:b3:79:9d:56:81:
e1:85:b4:79:05:e9:fe:64:c1:31:26:db:bc:e6:5d:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:39:31:C3:47:73:C3:AE:9C:B2:79:66:C7:21:8B:9B:A0:86:D9:39
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/Azkxw0dzw66csnlmxyGLm6CG2Tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
IPv6:
2a02:fe80:13::/48
2a02:fe80:1010::/48
Signature Algorithm: sha256WithRSAEncryption
7b:04:07:51:85:be:f1:72:89:ba:3f:01:ee:95:38:ec:f6:4f:
0c:d8:70:e7:a2:a4:fb:c6:37:f4:78:c5:a2:4a:87:de:88:59:
32:e9:46:8e:79:f4:b8:e0:22:18:af:c0:11:cd:85:47:41:3e:
e1:5e:f4:1c:15:aa:8e:62:41:a6:7b:47:c7:64:cf:10:fd:db:
a1:83:5e:d3:cd:18:0d:6d:ee:61:5d:ed:af:17:b2:ee:dc:b5:
98:8f:45:19:90:96:09:81:79:0f:6d:33:30:8c:80:c7:40:b1:
7a:b9:e1:63:7d:43:d1:5b:eb:08:4c:b8:20:b6:34:35:bc:63:
eb:ab:bf:7f:9e:35:c8:51:c5:a9:93:6a:41:ad:0e:95:e5:e8:
6f:8d:09:3c:2c:9f:35:5b:24:9e:92:38:79:46:bf:0b:31:9f:
cc:d8:f6:dd:d9:eb:6b:46:f0:6e:21:0d:62:79:65:0c:4f:ce:
2c:45:7b:4a:28:07:b1:6c:55:62:74:c4:3f:72:88:96:99:c2:
09:8b:ac:f8:ad:b4:eb:90:3e:ff:6a:63:ff:7d:28:73:af:7a:
ce:14:2b:a1:17:b4:84:4c:8b:0e:22:0f:25:2c:ae:6f:0f:d1:
05:8a:f0:af:26:55:f5:69:a4:aa:e3:41:44:eb:9d:52:d1:0c:
ff:ea:3f:48
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY2ooEHXDpQChL/R3SsfCyByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjQwMjE0MTcxODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM5MzFjMzQ3NzNjM2FlOWNiMjc5NjZjNzIxOGI5YmEwODZkOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhaSd3XN0XqVX4QMVODx8y9cZhvS
3aFtGoipIQNeidJn/KmhhAZ9cvlzYIZ9zgvnxy1nDCwOu9Sg8jlwum7WiQlLQFYC
CBwE0pUA7kQ7HbKq1IxuJl/Qp+wSZvRLCqEBSbOr4ynjvPrHvXqTiCsMEBtfJXJd
qcGIi0IB0EixtlGJf0r8kMasWt8MCYzNjtdfNyLXnIOb+V+5AnPdIkRQSuFkd7Zx
K2sbXb7GHX8DavecxbwvUQTKe+hotOvV+eeU1RYVOuhPe0lr0G8uu9ZjW/9uXoAV
+VMutczoR/tjNxyosedPfh8si2Fss3mdVoHhhbR5Ben+ZMExJtu85l3zjwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAM5McNHc8OunLJ5Zschi5ughtk5MB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvQXpreHcwZHp3NjZjc25sbXh5R0xtNkNHMlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuV3kAwQC
wRPgMBgEAgACMBIDBwAqAv6AABMDBwAqAv6AEBAwDQYJKoZIhvcNAQELBQADggEB
AHsEB1GFvvFyibo/Ae6VOOz2TwzYcOeipPvGN/R4xaJKh96IWTLpRo559LjgIhiv
wBHNhUdBPuFe9BwVqo5iQaZ7R8dkzxD926GDXtPNGA1t7mFd7a8Xsu7ctZiPRRmQ
lgmBeQ9tMzCMgMdAsXq54WN9Q9Fb6whMuCC2NDW8Y+urv3+eNchRxamTakGtDpXl
6G+NCTwsnzVbJJ6SOHlGvwsxn8zY9t3Z62tG8G4hDWJ5ZQxPzixFe0ooB7FsVWJ0
xD9yiJaZwgmLrPittOuQPv9qY/99KHOves4UK6EXtIRMiw4iDyUsrm8P0QWK8K8m
VfVppKrjQUTrnVLRDP/qP0g=
-----END CERTIFICATE-----
Generated at Thu May 2 12:25:55 2024 by rpki-client on console-fra.rpki-client.org