Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/AzYDkxUWLaTZjB-XX-6Nvh-LWE4.roa
File: AzYDkxUWLaTZjB-XX-6Nvh-LWE4.roa (raw, json)
Hash identifier: fi96oSZBasCVRfM6Vgb5HhkMhxaQGlHtSNowYgJi0vo=
Subject key identifier: 03:36:03:93:15:16:2D:A4:D9:8C:1F:97:5F:EE:8D:BE:1F:8B:58:4E
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 018E0912C2D6912EF96A46059C38B511E940
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/AzYDkxUWLaTZjB-XX-6Nvh-LWE4.roa
Signing time: Mon 04 Mar 2024 10:46:48 +0000
ROA not before: Mon 04 Mar 2024 10:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13000
IP address blocks: 62.182.224.0/21 maxlen: 21
87.101.64.0/20 maxlen: 24
87.239.192.0/21 maxlen: 21
89.200.224.0/21 maxlen: 24
91.195.134.0/23 maxlen: 23
91.195.158.0/23 maxlen: 23
91.195.190.0/23 maxlen: 23
91.200.24.0/22 maxlen: 22
91.214.24.0/22 maxlen: 22
95.131.32.0/21 maxlen: 24
188.137.0.0/17 maxlen: 24
193.34.112.0/22 maxlen: 22
193.93.92.0/22 maxlen: 24
193.150.36.0/23 maxlen: 23
195.3.200.0/22 maxlen: 22
195.3.203.0/24 maxlen: 24
195.66.73.0/24 maxlen: 24
2a02:c40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:12:c2:d6:91:2e:f9:6a:46:05:9c:38:b5:11:e9:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Mar 4 10:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0336039315162da4d98c1f975fee8dbe1f8b584e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:a1:16:4b:3e:d8:fb:b3:55:78:64:d3:5a:
9d:77:41:ab:c7:0c:21:b0:46:f0:1f:31:cd:ce:2a:
41:05:3e:19:2e:64:65:9c:d2:19:73:bc:71:db:77:
7d:ae:be:eb:ba:56:a4:89:5d:5a:ea:8f:6b:38:9b:
27:b8:0c:93:c3:81:1a:44:c6:93:27:91:66:0b:c6:
2f:bb:a0:41:b9:24:b4:6d:e5:88:65:fb:94:b6:00:
58:c6:7a:f7:95:2a:ea:0a:eb:ab:5b:8a:8d:8b:3d:
e3:b3:ef:3a:36:a4:a2:9b:f5:58:86:21:88:22:37:
16:45:9d:22:34:6e:93:89:1f:8b:f1:4d:e1:79:27:
06:3e:9d:0b:f0:c7:76:d1:8e:95:70:85:85:54:3e:
86:cd:a1:c0:8f:85:9e:fc:dc:5e:1d:a6:e1:3b:56:
ec:d7:2b:cb:9e:df:b0:24:5f:bf:e9:3a:bc:6c:cc:
43:52:24:ab:20:b4:a3:fa:fe:b1:e1:62:68:c0:a7:
8a:e7:ed:c2:ce:c4:50:f1:3e:48:8e:25:c3:8a:b3:
e5:8b:6a:78:21:a6:e7:fa:7f:d6:ef:67:22:47:80:
d5:bc:66:5b:30:a5:bd:9c:5a:4a:34:54:6c:78:f8:
a6:cc:3e:75:02:f7:b7:a0:ac:37:fb:b3:1f:f5:7c:
4a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:36:03:93:15:16:2D:A4:D9:8C:1F:97:5F:EE:8D:BE:1F:8B:58:4E
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/AzYDkxUWLaTZjB-XX-6Nvh-LWE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.224.0/21
87.101.64.0/20
87.239.192.0/21
89.200.224.0/21
91.195.134.0/23
91.195.158.0/23
91.195.190.0/23
91.200.24.0/22
91.214.24.0/22
95.131.32.0/21
188.137.0.0/17
193.34.112.0/22
193.93.92.0/22
193.150.36.0/23
195.3.200.0/22
195.66.73.0/24
IPv6:
2a02:c40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:b3:0a:d6:c0:89:0c:2a:d1:ff:11:88:02:dc:2b:89:b5:e2:
3b:e5:e1:73:53:61:1a:a0:b2:06:f5:17:18:c2:a6:01:ec:c9:
65:3a:fa:d5:6c:1b:9c:a3:a2:bd:5b:6c:88:60:a8:49:08:51:
ac:b8:8f:21:8f:98:a1:13:52:01:50:ac:d1:24:6c:78:7d:46:
4a:88:f7:a8:94:0f:85:a2:97:e2:8e:a2:ba:f2:c9:23:55:94:
92:de:14:ac:42:26:db:82:9f:e9:f4:55:4e:52:82:f4:5d:24:
76:10:f4:31:cc:6f:97:88:ca:1c:7b:5a:a6:7c:bc:ce:30:c2:
ae:50:1b:a7:2b:2c:a7:6b:92:22:0a:33:94:f0:1e:9f:d6:94:
f8:1d:15:08:ae:4e:fb:a6:a8:9a:cc:c0:7f:82:de:1d:78:4a:
cd:92:8b:12:89:fa:1d:b7:02:5c:14:6c:49:16:bd:64:2c:fc:
6e:46:db:b6:32:91:75:f1:e9:66:a2:4a:ce:d8:8c:c5:4a:b2:
31:eb:6b:bc:aa:32:18:01:12:c2:ce:fe:a0:22:d3:f5:fb:87:
a5:8b:b5:5c:ec:6b:8f:5c:de:2a:01:e1:c8:1a:a3:4f:70:1c:
0b:85:07:86:e5:9b:9a:65:53:7a:a9:e7:07:94:58:eb:ee:3c:
f5:62:fa:f1
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY4JEsLWkS75akYFnDi1EelAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjQwMzA0MTA0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM2MDM5MzE1MTYyZGE0ZDk4YzFmOTc1ZmVlOGRiZTFmOGI1ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDyhFks+2PuzVXhk01qdd0Grxwwh
sEbwHzHNzipBBT4ZLmRlnNIZc7xx23d9rr7rulakiV1a6o9rOJsnuAyTw4EaRMaT
J5FmC8Yvu6BBuSS0beWIZfuUtgBYxnr3lSrqCuurW4qNiz3js+86NqSim/VYhiGI
IjcWRZ0iNG6TiR+L8U3heScGPp0L8Md20Y6VcIWFVD6GzaHAj4We/NxeHabhO1bs
1yvLnt+wJF+/6Tq8bMxDUiSrILSj+v6x4WJowKeK5+3CzsRQ8T5IjiXDirPli2p4
Iabn+n/W72ciR4DVvGZbMKW9nFpKNFRsePimzD51Ave3oKw3+7Mf9XxKYQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFAM2A5MVFi2k2Ywfl1/ujb4fi1hOMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvQXpZRGt4VVdMYVRaakItWFgtNk52aC1MV0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAz624AME
BFdlQAMEA1fvwAMEA1nI4AMEAVvDhgMEAVvDngMEAVvDvgMEAlvIGAMEAlvWGAME
A1+DIAMEB7yJAAMEAsEicAMEAsFdXAMEAcGWJAMEAsMDyAMEAMNCSTANBAIAAjAH
AwUAKgIMQDANBgkqhkiG9w0BAQsFAAOCAQEAPrMK1sCJDCrR/xGIAtwribXiO+Xh
c1NhGqCyBvUXGMKmAezJZTr61WwbnKOivVtsiGCoSQhRrLiPIY+YoRNSAVCs0SRs
eH1GSoj3qJQPhaKX4o6iuvLJI1WUkt4UrEIm24Kf6fRVTlKC9F0kdhD0Mcxvl4jK
HHtapny8zjDCrlAbpyssp2uSIgozlPAen9aU+B0VCK5O+6aomszAf4LeHXhKzZKL
Eon6HbcCXBRsSRa9ZCz8bkbbtjKRdfHpZqJKztiMxUqyMetrvKoyGAESws7+oCLT
9fuHpYu1XOxrj1zeKgHhyBqjT3AcC4UHhuWbmmVTeqnnB5RY6+489WL68Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:47 2024 by rpki-client on console-ams.rpki-client.org