Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/aLWgVKWQRmYpsRnKgGa5S8XbAbk.roa
File: aLWgVKWQRmYpsRnKgGa5S8XbAbk.roa (raw, json)
Hash identifier: WD4Pq/XQcx8i5yzICa3igNxzRIA6fmm8+/XwlLsckgc=
Subject key identifier: 68:B5:A0:54:A5:90:46:66:29:B1:19:CA:80:66:B9:4B:C5:DB:01:B9
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 018CC8030335930529174782F9A0E3763DD3
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/aLWgVKWQRmYpsRnKgGa5S8XbAbk.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196615
IP address blocks: 93.175.147.0/24 maxlen: 24
2001:7fb:fd03::/48 maxlen: 48
2001:7fb:fd04::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:03:35:93:05:29:17:47:82:f9:a0:e3:76:3d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b5a054a590466629b119ca8066b94bc5db01b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:95:a8:45:ea:62:b2:54:8a:a9:17:68:60:b2:
15:a6:ab:e6:a2:25:fd:ab:50:c2:9d:2f:a6:1e:12:
60:f1:27:5a:a9:c7:5e:bc:3a:3c:75:e4:9e:3d:b5:
cb:c6:1a:83:f3:39:fc:fe:45:18:f9:71:6b:37:34:
e6:eb:19:dc:1b:da:ab:8d:d8:e5:9b:9e:a2:d2:56:
d4:a2:95:ae:53:c9:22:2b:49:5a:91:dd:84:09:96:
da:33:1e:3b:a0:98:8c:fc:9c:6d:62:e3:65:d8:90:
da:75:33:fd:17:d1:b0:59:b4:5e:6e:b6:15:b0:fc:
a7:ac:24:63:72:04:68:a3:33:41:31:a2:df:47:0f:
69:86:19:b8:0e:cd:b4:13:69:4e:80:c6:2e:ad:50:
f3:4b:2d:e0:35:29:60:1d:26:91:8d:18:51:f9:1a:
73:d1:cd:ab:ef:16:0c:a1:69:87:cb:13:98:58:cb:
d8:e6:0b:e0:91:85:fe:b2:5a:fb:65:53:37:83:ec:
4a:e8:bd:70:47:e4:32:da:ca:2f:40:60:5a:db:6a:
ab:46:7c:b0:39:6f:df:4c:7f:5e:3a:aa:9b:f2:3a:
f5:11:e1:fd:45:f7:80:fb:fb:3b:fa:ae:d2:62:fc:
3e:b7:7f:fc:e3:f2:e3:c8:55:00:33:cb:1b:b3:d0:
7e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B5:A0:54:A5:90:46:66:29:B1:19:CA:80:66:B9:4B:C5:DB:01:B9
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/aLWgVKWQRmYpsRnKgGa5S8XbAbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.175.147.0/24
IPv6:
2001:7fb:fd03::-2001:7fb:fd04:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1f:fd:5e:f3:bf:a0:c2:f9:3b:fe:ed:85:dc:a8:5d:26:fb:93:
b0:74:93:d9:ca:78:2f:52:18:5a:84:a8:f2:c9:ca:90:29:5b:
22:e9:01:10:ef:ba:4a:72:cd:90:b8:2b:00:90:7e:0d:b9:1c:
e8:f7:b2:a8:7c:bb:82:b1:3a:47:8c:c2:ce:25:67:a6:1b:94:
e3:b8:69:35:d9:cd:c8:6e:6f:31:34:8d:53:c8:6f:eb:6a:ba:
77:80:58:3b:e9:15:66:3a:3a:ad:62:ea:4f:63:d2:54:3a:48:
d0:69:01:ab:fb:ec:50:49:28:34:62:a5:9c:0b:99:8f:17:4f:
da:e1:ee:97:00:93:25:f1:fb:f6:47:65:0b:0a:ad:61:ce:24:
93:02:52:ab:8e:c7:da:f5:92:e0:11:41:96:f6:27:c0:29:60:
d2:ee:c0:47:de:74:fd:b1:c9:81:d9:d5:66:27:f3:14:4b:45:
8d:16:c2:ce:f3:15:92:d4:a7:4b:27:51:02:45:ad:ad:b8:43:
c6:30:0a:3d:ad:73:ed:1d:f0:f9:75:0e:f5:06:53:82:68:cc:
d9:9d:e0:e8:ee:fa:d8:2f:2c:d9:02:5e:90:f5:50:f1:69:ac:
ec:96:28:5d:43:83:c4:ad:ba:17:36:9b:b1:6f:7c:ec:05:93:
c3:c4:b4:f0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzIAwM1kwUpF0eC+aDjdj3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI1YTA1NGE1OTA0NjY2MjliMTE5Y2E4MDY2Yjk0YmM1ZGIwMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpWoRepislSKqRdoYLIVpqvmoiX9
q1DCnS+mHhJg8SdaqcdevDo8deSePbXLxhqD8zn8/kUY+XFrNzTm6xncG9qrjdjl
m56i0lbUopWuU8kiK0lakd2ECZbaMx47oJiM/JxtYuNl2JDadTP9F9GwWbRebrYV
sPynrCRjcgRoozNBMaLfRw9phhm4Ds20E2lOgMYurVDzSy3gNSlgHSaRjRhR+Rpz
0c2r7xYMoWmHyxOYWMvY5gvgkYX+slr7ZVM3g+xK6L1wR+Qy2sovQGBa22qrRnyw
OW/fTH9eOqqb8jr1EeH9RfeA+/s7+q7SYvw+t3/84/LjyFUAM8sbs9B+LQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGi1oFSlkEZmKbEZyoBmuUvF2wG5MB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvYUxXZ1ZLV1FSbVlwc1JuS2dHYTVTOFhiQWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAXa+TMBoE
AgACMBQwEgMHACABB/v9AwMHACABB/v9BDANBgkqhkiG9w0BAQsFAAOCAQEAH/1e
87+gwvk7/u2F3KhdJvuTsHST2cp4L1IYWoSo8snKkClbIukBEO+6SnLNkLgrAJB+
Dbkc6PeyqHy7grE6R4zCziVnphuU47hpNdnNyG5vMTSNU8hv62q6d4BYO+kVZjo6
rWLqT2PSVDpI0GkBq/vsUEkoNGKlnAuZjxdP2uHulwCTJfH79kdlCwqtYc4kkwJS
q47H2vWS4BFBlvYnwClg0u7AR950/bHJgdnVZifzFEtFjRbCzvMVktSnSydRAkWt
rbhDxjAKPa1z7R3w+XUO9QZTgmjM2Z3g6O762C8s2QJekPVQ8Wms7JYoXUODxK26
FzabsW987AWTw8S08A==
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:26:49 2024 by rpki-client on console-ams.rpki-client.org