Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/AirrtZULXSEUAduX9FV2RVHqzTE.roa
File: AirrtZULXSEUAduX9FV2RVHqzTE.roa (raw, json)
Hash identifier: LkJAf7f0Og3W3HP1oLL4r+1kULWevMdp3jI8raSgxUg=
Subject key identifier: 02:2A:EB:B5:95:0B:5D:21:14:01:DB:97:F4:55:76:45:51:EA:CD:31
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 018D78C4BD47947B5A2962AEDA42781EE088
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/AirrtZULXSEUAduX9FV2RVHqzTE.roa
Signing time: Mon 05 Feb 2024 10:16:15 +0000
ROA not before: Mon 05 Feb 2024 10:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31304
IP address blocks: 83.168.64.0/22 maxlen: 24
83.168.96.0/23 maxlen: 24
83.168.104.0/24 maxlen: 24
83.168.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:c4:bd:47:94:7b:5a:29:62:ae:da:42:78:1e:e0:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Feb 5 10:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=022aebb5950b5d211401db97f455764551eacd31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3e:20:00:31:e7:66:bd:3d:d6:32:ce:fd:ef:
09:34:78:52:54:d2:12:f9:64:8e:a3:a5:e9:5c:90:
d7:28:0d:de:a6:2b:53:9c:88:2e:c7:56:1e:1d:a6:
3a:f0:6f:55:cf:bc:de:f4:49:93:8d:40:56:97:44:
c9:71:1b:ea:d7:10:a1:c2:23:c8:29:1b:2d:b9:b4:
95:c2:2f:e5:1f:99:ee:3d:bc:af:0e:a7:09:dc:a2:
b4:67:53:5b:a3:30:4c:5b:6b:6b:97:04:9e:b7:aa:
0e:91:6f:e6:f1:a3:fa:e3:dd:4c:89:0d:49:1a:78:
57:c7:a5:19:b4:9f:17:4a:0c:00:78:be:ea:ef:6b:
ab:cb:ec:4d:93:32:57:80:31:f8:70:1e:77:77:19:
ef:0b:f4:6f:e3:8d:a1:f1:59:6b:c7:88:d4:80:a0:
48:42:71:61:ce:42:0b:1f:48:26:88:ce:b5:cf:cb:
66:13:14:9e:2b:55:6c:64:8c:10:23:e1:55:c0:21:
57:36:e5:b3:43:10:ae:01:ed:eb:4d:80:7c:92:16:
0b:d0:10:4c:38:62:79:c4:d3:91:20:f2:97:c9:89:
f8:aa:3e:c9:27:a7:55:29:82:4f:9e:ca:4d:16:7c:
a1:76:d5:b2:bc:c5:e8:25:3e:1f:ed:03:9d:0f:7f:
80:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2A:EB:B5:95:0B:5D:21:14:01:DB:97:F4:55:76:45:51:EA:CD:31
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/AirrtZULXSEUAduX9FV2RVHqzTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.64.0/22
83.168.96.0/23
83.168.104.0/24
83.168.111.0/24
Signature Algorithm: sha256WithRSAEncryption
57:24:cb:f9:3b:96:ca:4c:c8:a4:a5:51:ef:f5:ef:5d:17:81:
61:ba:44:d2:32:d9:6a:2b:0e:b1:d0:2c:8a:1e:07:69:68:3a:
0c:e4:70:7d:49:2f:1e:f4:a2:e0:4c:8b:1e:48:36:f6:34:2c:
5b:5c:db:7c:c5:a3:d7:02:5f:f3:65:81:fe:9e:9c:5a:5d:a9:
bd:ca:2f:cc:69:e9:7f:80:82:0a:bf:2c:35:e4:0b:aa:84:07:
57:67:c6:a4:e4:f1:2e:68:c0:5a:32:2d:1e:d3:d7:df:cb:3a:
5b:02:30:4a:7d:42:a0:91:0f:88:b3:5a:83:d5:73:eb:2d:b0:
23:10:67:44:2f:9d:a7:f7:1b:78:15:f5:c7:d6:c0:94:1d:76:
56:7c:13:9b:e5:88:f9:02:36:6e:dc:36:1e:a2:72:bd:72:ff:
26:7c:79:b8:d9:26:24:89:90:b4:da:00:00:81:26:51:72:2e:
13:5f:da:18:cd:93:5d:27:dc:79:a9:04:8f:f8:53:43:d6:32:
ba:fb:13:7e:eb:8f:f2:c1:07:4d:af:0c:79:79:fa:59:dd:ea:
45:a6:88:75:00:d3:46:58:fa:ad:44:f9:41:02:46:32:69:79:
f1:d3:98:9f:a5:c4:c0:8d:d3:a5:3f:cf:57:80:fe:d9:0c:51:
75:50:c0:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY14xL1HlHtaKWKu2kJ4HuCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQwMjA1MTAxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJhZWJiNTk1MGI1ZDIxMTQwMWRiOTdmNDU1NzY0NTUxZWFjZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz4gADHnZr091jLO/e8JNHhSVNIS
+WSOo6XpXJDXKA3epitTnIgux1YeHaY68G9Vz7ze9EmTjUBWl0TJcRvq1xChwiPI
KRstubSVwi/lH5nuPbyvDqcJ3KK0Z1NbozBMW2trlwSet6oOkW/m8aP6491MiQ1J
GnhXx6UZtJ8XSgwAeL7q72ury+xNkzJXgDH4cB53dxnvC/Rv442h8Vlrx4jUgKBI
QnFhzkILH0gmiM61z8tmExSeK1VsZIwQI+FVwCFXNuWzQxCuAe3rTYB8khYL0BBM
OGJ5xNORIPKXyYn4qj7JJ6dVKYJPnspNFnyhdtWyvMXoJT4f7QOdD3+AEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAIq67WVC10hFAHbl/RVdkVR6s0xMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvQWlycnRaVUxYU0VVQWR1WDlGVjJSVkhxelRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU6hAAwQB
U6hgAwQAU6hoAwQAU6hvMA0GCSqGSIb3DQEBCwUAA4IBAQBXJMv5O5bKTMikpVHv
9e9dF4FhukTSMtlqKw6x0CyKHgdpaDoM5HB9SS8e9KLgTIseSDb2NCxbXNt8xaPX
Al/zZYH+npxaXam9yi/Mael/gIIKvyw15AuqhAdXZ8ak5PEuaMBaMi0e09ffyzpb
AjBKfUKgkQ+Is1qD1XPrLbAjEGdEL52n9xt4FfXH1sCUHXZWfBOb5Yj5AjZu3DYe
onK9cv8mfHm42SYkiZC02gAAgSZRci4TX9oYzZNdJ9x5qQSP+FND1jK6+xN+64/y
wQdNrwx5efpZ3epFpoh1ANNGWPqtRPlBAkYyaXnx05ifpcTAjdOlP89XgP7ZDFF1
UMCn
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:35:36 2024 by rpki-client on console-fra.rpki-client.org