Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/aTAp5ZFkPsnJHtRfQBniuJRLNM4.roa
File: aTAp5ZFkPsnJHtRfQBniuJRLNM4.roa (raw, json)
Hash identifier: nflAj5vJPMYtF0oFTdDYEtjApgfE1EZ7aQXjMhbJAXw=
Subject key identifier: 69:30:29:E5:91:64:3E:C9:C9:1E:D4:5F:40:19:E2:B8:94:4B:34:CE
Certificate issuer: /CN=aecaf94aedffefa4366bca2beb91992c1db34ccc
Certificate serial: 018CC34893D5C4758FFF57BBBA1E7261B859
Authority key identifier: AE:CA:F9:4A:ED:FF:EF:A4:36:6B:CA:2B:EB:91:99:2C:1D:B3:4C:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rsr5Su3_76Q2a8or65GZLB2zTMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/aTAp5ZFkPsnJHtRfQBniuJRLNM4.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21286
IP address blocks: 193.176.216.0/23 maxlen: 23
2001:67c:5a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/rsr5Su3_76Q2a8or65GZLB2zTMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/rsr5Su3_76Q2a8or65GZLB2zTMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/rsr5Su3_76Q2a8or65GZLB2zTMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:93:d5:c4:75:8f:ff:57:bb:ba:1e:72:61:b8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecaf94aedffefa4366bca2beb91992c1db34ccc
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=693029e591643ec9c91ed45f4019e2b8944b34ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:44:25:d5:b7:9e:00:30:f3:cf:23:a9:a3:bb:
22:ba:bd:e0:7f:7d:e2:b8:ca:59:d2:d0:81:f9:45:
75:17:ed:5e:ae:28:42:be:c8:f1:7f:00:00:8d:3b:
2d:31:50:84:f3:43:68:63:40:fc:35:e2:e6:be:8d:
5a:af:bd:29:42:dd:4a:15:50:b7:a7:ae:97:5d:7e:
18:e3:fe:91:d5:ed:27:16:d9:01:1c:68:e0:5c:53:
94:6d:f1:fe:1b:58:7c:06:3e:ce:97:db:9f:82:0b:
60:c0:88:4e:8d:e3:11:d8:d9:84:c0:ec:9f:29:65:
11:2f:5d:53:0e:cc:b0:29:10:ab:2e:ce:f3:2c:9c:
d5:3e:03:86:3b:0f:20:20:a1:58:fc:3b:77:d5:d3:
fc:a6:a5:65:59:78:0c:ba:09:e4:d7:86:ba:49:2a:
cf:5e:16:a2:1d:ab:5e:07:fd:b1:32:c7:c5:5f:ba:
b5:a7:42:74:f4:1f:9f:68:89:73:43:dc:0f:f4:ad:
1b:e8:d0:c5:83:57:c5:fa:be:b0:83:fd:f9:ed:2e:
28:15:66:fa:1c:62:2d:85:0b:9a:06:27:f7:6c:e2:
c4:69:6e:ca:8a:43:a9:17:5d:88:15:09:06:0c:16:
c7:39:03:5a:24:35:a7:43:94:52:3e:6c:05:b2:af:
92:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:30:29:E5:91:64:3E:C9:C9:1E:D4:5F:40:19:E2:B8:94:4B:34:CE
X509v3 Authority Key Identifier:
keyid:AE:CA:F9:4A:ED:FF:EF:A4:36:6B:CA:2B:EB:91:99:2C:1D:B3:4C:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsr5Su3_76Q2a8or65GZLB2zTMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/aTAp5ZFkPsnJHtRfQBniuJRLNM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/047dec-d844-467a-a01a-fc03ef794718/1/rsr5Su3_76Q2a8or65GZLB2zTMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.216.0/23
IPv6:
2001:67c:5a0::/48
Signature Algorithm: sha256WithRSAEncryption
6a:af:6c:14:29:63:b6:aa:76:3b:e1:97:68:64:f7:a7:2d:e3:
12:f0:71:17:8b:91:f3:86:8a:3c:a3:31:91:a9:48:d6:31:82:
09:6d:0f:81:6a:77:e3:cb:7e:ea:71:57:75:62:c6:d7:a1:15:
32:ff:0d:4f:5e:55:f7:cf:d4:28:02:85:fc:49:d5:81:6b:ef:
49:2f:92:5d:4e:f5:31:83:d9:14:0e:aa:d0:47:be:9d:db:31:
d2:2e:88:c1:79:e5:ad:8e:a6:e1:f0:0f:24:6a:49:4d:84:c7:
ea:2c:25:76:80:56:e7:3a:98:1a:d2:e6:06:b2:2e:dc:df:93:
7f:25:a1:26:69:5c:08:66:2b:6b:ff:45:1c:75:b9:0e:84:45:
8b:a2:c4:5e:44:f8:5e:30:8c:7f:52:37:56:5a:01:b6:6c:be:
8f:ef:e9:b8:48:c6:3f:cc:d0:a1:d4:7c:a9:26:55:5d:42:26:
5c:22:46:d0:b8:2f:82:b1:20:ff:a8:5a:80:a0:ea:bc:3e:98:
75:da:19:c2:19:d0:b8:52:8a:6c:78:06:56:97:3a:22:b0:b2:
31:7b:6f:fd:72:5e:1a:5b:d9:e8:01:82:b7:ae:bc:60:5e:f9:
d9:b9:9c:f5:ab:99:b5:84:eb:f5:88:6d:75:02:9f:11:7d:74:
e7:fa:b8:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSJPVxHWP/1e7uh5yYbhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2FmOTRhZWRmZmVmYTQzNjZiY2EyYmViOTE5OTJjMWRi
MzRjY2MwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMwMjllNTkxNjQzZWM5YzkxZWQ0NWY0MDE5ZTJiODk0NGIzNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskQl1beeADDzzyOpo7siur3gf33i
uMpZ0tCB+UV1F+1erihCvsjxfwAAjTstMVCE80NoY0D8NeLmvo1ar70pQt1KFVC3
p66XXX4Y4/6R1e0nFtkBHGjgXFOUbfH+G1h8Bj7Ol9ufggtgwIhOjeMR2NmEwOyf
KWURL11TDsywKRCrLs7zLJzVPgOGOw8gIKFY/Dt31dP8pqVlWXgMugnk14a6SSrP
XhaiHateB/2xMsfFX7q1p0J09B+faIlzQ9wP9K0b6NDFg1fF+r6wg/357S4oFWb6
HGIthQuaBif3bOLEaW7KikOpF12IFQkGDBbHOQNaJDWnQ5RSPmwFsq+SjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGkwKeWRZD7JyR7UX0AZ4riUSzTOMB8GA1UdIwQY
MBaAFK7K+Urt/++kNmvKK+uRmSwds0zMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNyNVN1M183NlEyYThvcjY1R1pMQjJ6VE13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNDdkZWMtZDg0NC00NjdhLWEwMWEt
ZmMwM2VmNzk0NzE4LzEvYVRBcDVaRmtQc25KSHRSZlFCbml1SlJMTk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNDdkZWMtZDg0NC00NjdhLWEwMWEtZmMwM2VmNzk0NzE4
LzEvcnNyNVN1M183NlEyYThvcjY1R1pMQjJ6VE13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwbDYMA8E
AgACMAkDBwAgAQZ8BaAwDQYJKoZIhvcNAQELBQADggEBAGqvbBQpY7aqdjvhl2hk
96ct4xLwcReLkfOGijyjMZGpSNYxggltD4Fqd+PLfupxV3VixtehFTL/DU9eVffP
1CgChfxJ1YFr70kvkl1O9TGD2RQOqtBHvp3bMdIuiMF55a2OpuHwDyRqSU2Ex+os
JXaAVuc6mBrS5gayLtzfk38loSZpXAhmK2v/RRx1uQ6ERYuixF5E+F4wjH9SN1Za
AbZsvo/v6bhIxj/M0KHUfKkmVV1CJlwiRtC4L4KxIP+oWoCg6rw+mHXaGcIZ0LhS
imx4BlaXOiKwsjF7b/1yXhpb2egBgreuvGBe+dm5nPWrmbWE6/WIbXUCnxF9dOf6
uAQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:25 2024 by rpki-client on console-ams.rpki-client.org