Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/aXu4tUIglcOC5OQHWsRApI2YNmI.roa
File: aXu4tUIglcOC5OQHWsRApI2YNmI.roa (raw, json)
Hash identifier: Ty24z4GueI/ejsSx9pg3odOupq60hw4ekUfWt+nLh+Q=
Subject key identifier: 69:7B:B8:B5:42:20:95:C3:82:E4:E4:07:5A:C4:40:A4:8D:98:36:62
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 018CCA2BBAA8ECC44E58A4868A4FCBFC1F40
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/aXu4tUIglcOC5OQHWsRApI2YNmI.roa
Signing time: Tue 02 Jan 2024 12:35:12 +0000
ROA not before: Tue 02 Jan 2024 12:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209251
IP address blocks: 195.168.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 10:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:ba:a8:ec:c4:4e:58:a4:86:8a:4f:cb:fc:1f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 2 12:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=697bb8b5422095c382e4e4075ac440a48d983662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8a:cd:95:a0:ae:8e:30:64:0f:d1:0c:32:1c:
21:8e:4c:1d:3b:24:35:65:0e:94:94:99:a1:fb:33:
af:6b:d2:e5:98:c8:e8:88:82:78:ce:f7:f7:5a:c7:
8e:5c:8e:72:9c:fe:e6:f5:21:5b:e9:bb:cf:47:91:
44:8f:5d:16:8a:74:10:5d:05:a1:60:df:86:be:d0:
6c:dc:8b:87:40:ff:51:8d:65:e7:e0:67:a1:6f:8c:
6d:9a:7b:4c:f1:28:e5:d5:3b:cc:36:78:dc:93:99:
74:41:1a:2b:d1:ca:bd:4a:7f:20:64:13:1b:eb:52:
ca:3c:f3:8c:ae:fb:3f:7a:68:83:29:3a:09:ca:0b:
89:4d:aa:81:71:65:6f:ff:11:e0:a2:08:7c:6d:48:
a6:4e:a3:57:55:2d:9d:22:34:0c:00:a8:37:17:9a:
5b:df:cf:d1:78:3e:aa:8f:d3:ec:29:8b:0f:22:a1:
67:20:91:87:e0:36:28:4d:85:3e:77:4d:35:c5:54:
68:1a:87:c2:91:40:34:48:b6:fd:ff:05:5c:00:54:
95:e9:b3:77:75:4e:66:af:a0:5d:7e:89:ae:20:03:
fb:82:07:78:d0:ff:16:90:9c:0a:50:eb:74:d0:8e:
65:8a:98:2c:77:5c:7c:ff:b3:63:68:b5:31:8e:76:
70:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7B:B8:B5:42:20:95:C3:82:E4:E4:07:5A:C4:40:A4:8D:98:36:62
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/aXu4tUIglcOC5OQHWsRApI2YNmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.168.218.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:32:70:06:f3:6c:3f:33:90:ea:b8:06:78:4b:f5:27:4d:ec:
c7:ce:6a:a9:17:24:d4:f2:84:35:74:ce:f8:cf:84:f0:f1:b9:
a5:64:c3:dd:fa:bd:48:54:c7:a7:00:45:5e:9d:54:c4:d6:f1:
ca:6a:d1:9c:6f:52:5b:b7:ca:86:aa:9c:36:74:7c:6a:c9:c4:
f3:57:ef:fb:0c:62:07:20:6f:a7:c1:24:f6:d1:c3:c7:f7:37:
fd:17:39:db:a5:c2:de:23:fe:10:44:ae:a6:0e:d8:2e:12:f9:
fc:90:cf:18:a9:60:87:54:1e:7a:2c:ac:8d:03:39:49:6e:88:
e7:d8:c1:a2:86:9a:8c:dd:5c:dc:d4:eb:5f:7f:9b:37:b4:99:
b5:4d:36:41:d9:23:a2:63:23:92:2d:99:fc:9a:f6:07:0a:fe:
52:43:c1:e6:a2:b2:89:4c:17:e7:9c:e1:2b:90:0e:91:6a:96:
9c:27:2f:38:e6:dd:6b:7a:7d:5f:48:01:7e:a3:31:76:c1:a6:
4b:2d:da:94:89:74:20:9b:e2:1f:da:80:1f:1a:b0:eb:61:ca:
94:74:46:9b:60:db:19:c0:c9:62:83:72:76:2b:95:b9:e2:cb:
b5:15:6a:30:26:52:be:7a:e3:36:42:8a:ef:9c:3a:a8:34:22:
b5:ee:ce:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK7qo7MROWKSGik/L/B9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjQwMTAyMTIzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdiYjhiNTQyMjA5NWMzODJlNGU0MDc1YWM0NDBhNDhkOTgzNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYrNlaCujjBkD9EMMhwhjkwdOyQ1
ZQ6UlJmh+zOva9LlmMjoiIJ4zvf3WseOXI5ynP7m9SFb6bvPR5FEj10WinQQXQWh
YN+GvtBs3IuHQP9RjWXn4Gehb4xtmntM8Sjl1TvMNnjck5l0QRor0cq9Sn8gZBMb
61LKPPOMrvs/emiDKToJyguJTaqBcWVv/xHgogh8bUimTqNXVS2dIjQMAKg3F5pb
38/ReD6qj9PsKYsPIqFnIJGH4DYoTYU+d001xVRoGofCkUA0SLb9/wVcAFSV6bN3
dU5mr6BdfomuIAP7ggd40P8WkJwKUOt00I5lipgsd1x8/7NjaLUxjnZw7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGl7uLVCIJXDguTkB1rEQKSNmDZiMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvYVh1NHRVSWdsY09DNU9RSFdzUkFwSTJZTm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6jaMA0G
CSqGSIb3DQEBCwUAA4IBAQBtMnAG82w/M5DquAZ4S/UnTezHzmqpFyTU8oQ1dM74
z4Tw8bmlZMPd+r1IVMenAEVenVTE1vHKatGcb1Jbt8qGqpw2dHxqycTzV+/7DGIH
IG+nwST20cPH9zf9FznbpcLeI/4QRK6mDtguEvn8kM8YqWCHVB56LKyNAzlJbojn
2MGihpqM3Vzc1Otff5s3tJm1TTZB2SOiYyOSLZn8mvYHCv5SQ8HmorKJTBfnnOEr
kA6RapacJy845t1ren1fSAF+ozF2waZLLdqUiXQgm+If2oAfGrDrYcqUdEabYNsZ
wMlig3J2K5W54su1FWowJlK+euM2QorvnDqoNCK17s7X
-----END CERTIFICATE-----
Generated at Mon May 27 15:34:54 2024 by rpki-client on console-fra.rpki-client.org