Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/a7vukxqK5didpM3Ra4tErQdd49w.roa
File: a7vukxqK5didpM3Ra4tErQdd49w.roa (raw, json)
Hash identifier: LKeQR1HsnaDON2kFXjBLZgpwHdPviFL1dj4g8nTEiig=
Subject key identifier: 6B:BB:EE:93:1A:8A:E5:D8:9D:A4:CD:D1:6B:8B:44:AD:07:5D:E3:DC
Certificate issuer: /CN=a4a015b2d3d3e909b602f9fdd4f6f6f618873c58
Certificate serial: 018CC8DF03F18A3023D23727A5728E6B7A50
Authority key identifier: A4:A0:15:B2:D3:D3:E9:09:B6:02:F9:FD:D4:F6:F6:F6:18:87:3C:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKAVstPT6Qm2Avn91Pb29hiHPFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/a7vukxqK5didpM3Ra4tErQdd49w.roa
Signing time: Tue 02 Jan 2024 06:31:47 +0000
ROA not before: Tue 02 Jan 2024 06:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31424
IP address blocks: 195.191.132.0/23 maxlen: 23
193.17.194.0/24 maxlen: 24
2001:67c:358::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/pKAVstPT6Qm2Avn91Pb29hiHPFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/pKAVstPT6Qm2Avn91Pb29hiHPFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pKAVstPT6Qm2Avn91Pb29hiHPFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:03:f1:8a:30:23:d2:37:27:a5:72:8e:6b:7a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4a015b2d3d3e909b602f9fdd4f6f6f618873c58
Validity
Not Before: Jan 2 06:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bbbee931a8ae5d89da4cdd16b8b44ad075de3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3e:bf:b1:24:17:0d:5b:9d:2b:c9:ee:b6:93:
83:1f:66:57:ff:b7:64:90:97:b3:3c:b9:b8:b9:e2:
02:82:40:66:68:ee:11:68:f3:af:79:b0:87:c1:b7:
b0:c8:15:5b:9d:d0:f0:d2:f3:42:43:95:2a:f8:a4:
7e:76:1e:6e:8e:05:1b:86:09:f1:1d:e7:d8:a6:f0:
fd:41:ed:da:59:3e:88:8b:9e:ae:89:6d:a7:2a:97:
b1:ec:a4:72:48:65:00:8c:30:08:47:ee:97:49:52:
b8:b7:4d:b4:8f:36:d1:da:b5:6e:0a:cd:ea:11:30:
71:02:41:a2:96:71:81:74:b8:d1:bf:74:10:8d:ef:
35:b5:89:af:51:6b:e4:19:03:67:8f:4e:28:6e:b0:
74:65:31:ae:5a:16:0b:31:1c:f2:9a:c3:5e:b9:3a:
04:6a:45:25:9d:de:39:f9:a6:06:67:1c:6c:d7:e7:
e0:51:6d:df:40:ce:d1:8b:35:4e:b7:ec:5c:75:7b:
1f:57:95:11:b1:39:4e:e3:c8:dc:1a:97:39:8e:8f:
0b:01:88:b6:87:f0:16:9f:37:e2:02:89:3b:3e:d1:
1e:70:c5:a0:25:3a:b4:a2:42:50:a8:c2:91:59:06:
ae:2a:1b:cb:f4:af:de:a6:69:6d:80:fe:09:db:b9:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BB:EE:93:1A:8A:E5:D8:9D:A4:CD:D1:6B:8B:44:AD:07:5D:E3:DC
X509v3 Authority Key Identifier:
keyid:A4:A0:15:B2:D3:D3:E9:09:B6:02:F9:FD:D4:F6:F6:F6:18:87:3C:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKAVstPT6Qm2Avn91Pb29hiHPFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/a7vukxqK5didpM3Ra4tErQdd49w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b9bda3-b611-4338-bbe8-a7dd16343297/1/pKAVstPT6Qm2Avn91Pb29hiHPFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.194.0/24
195.191.132.0/23
IPv6:
2001:67c:358::/48
Signature Algorithm: sha256WithRSAEncryption
8d:8e:c3:72:7f:25:05:77:dc:64:a1:7c:0a:22:c3:2f:05:c3:
c1:3d:c7:5a:90:4f:0d:43:7f:38:e1:68:44:3c:5f:48:d4:df:
21:bc:6f:25:5c:46:41:35:7a:86:a7:a0:db:00:5f:fb:e1:70:
7f:fa:27:75:b4:5e:b4:b9:0f:02:20:2b:9f:40:6d:0c:ec:58:
1f:bd:14:15:bc:8d:7d:e2:e7:2d:93:94:70:e4:39:03:cf:98:
ec:39:8c:38:c9:29:bd:e9:a2:0b:88:a3:f9:de:cf:b6:77:2a:
88:33:e3:ec:a5:02:2d:26:22:a7:5f:00:47:a7:d9:65:06:4a:
fe:e5:c6:4f:80:6e:61:ce:5c:45:6b:7c:73:4c:5c:31:21:14:
2d:81:42:f0:49:13:92:76:44:0a:b8:83:f6:ae:2a:fa:e5:41:
05:c0:ec:f6:23:a1:48:20:98:68:56:5f:dd:f8:e2:a7:a8:d5:
0c:c3:9a:b3:d3:b6:ca:3e:62:18:bc:ac:c7:61:53:c5:f3:de:
76:67:2f:e1:3b:8d:5e:e3:5b:78:77:e3:ac:76:0e:0e:69:73:
9e:96:b2:bb:ae:e2:79:9f:fe:c3:c7:32:21:98:2d:a8:8d:18:
30:ed:a3:d7:a9:8a:e0:b4:7a:4c:b2:cf:28:84:bd:49:c6:41:
e1:25:f3:0e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI3wPxijAj0jcnpXKOa3pQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTAxNWIyZDNkM2U5MDliNjAyZjlmZGQ0ZjZmNmY2MTg4
NzNjNTgwHhcNMjQwMTAyMDYzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJiZWU5MzFhOGFlNWQ4OWRhNGNkZDE2YjhiNDRhZDA3NWRlM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD6/sSQXDVudK8nutpODH2ZX/7dk
kJezPLm4ueICgkBmaO4RaPOvebCHwbewyBVbndDw0vNCQ5Uq+KR+dh5ujgUbhgnx
HefYpvD9Qe3aWT6Ii56uiW2nKpex7KRySGUAjDAIR+6XSVK4t020jzbR2rVuCs3q
ETBxAkGilnGBdLjRv3QQje81tYmvUWvkGQNnj04obrB0ZTGuWhYLMRzymsNeuToE
akUlnd45+aYGZxxs1+fgUW3fQM7RizVOt+xcdXsfV5URsTlO48jcGpc5jo8LAYi2
h/AWnzfiAok7PtEecMWgJTq0okJQqMKRWQauKhvL9K/epmltgP4J27nzWQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGu77pMaiuXYnaTN0WuLRK0HXePcMB8GA1UdIwQY
MBaAFKSgFbLT0+kJtgL5/dT29vYYhzxYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtBVnN0UFQ2UW0yQXZuOTFQYjI5aGlIUEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iOWJkYTMtYjYxMS00MzM4LWJiZTgt
YTdkZDE2MzQzMjk3LzEvYTd2dWt4cUs1ZGlkcE0zUmE0dEVyUWRkNDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iOWJkYTMtYjYxMS00MzM4LWJiZTgtYTdkZDE2MzQzMjk3
LzEvcEtBVnN0UFQ2UW0yQXZuOTFQYjI5aGlIUEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwRHCAwQB
w7+EMA8EAgACMAkDBwAgAQZ8A1gwDQYJKoZIhvcNAQELBQADggEBAI2Ow3J/JQV3
3GShfAoiwy8Fw8E9x1qQTw1DfzjhaEQ8X0jU3yG8byVcRkE1eoanoNsAX/vhcH/6
J3W0XrS5DwIgK59AbQzsWB+9FBW8jX3i5y2TlHDkOQPPmOw5jDjJKb3poguIo/ne
z7Z3Kogz4+ylAi0mIqdfAEen2WUGSv7lxk+AbmHOXEVrfHNMXDEhFC2BQvBJE5J2
RAq4g/auKvrlQQXA7PYjoUggmGhWX9344qeo1QzDmrPTtso+Yhi8rMdhU8Xz3nZn
L+E7jV7jW3h346x2Dg5pc56Wsruu4nmf/sPHMiGYLaiNGDDto9epiuC0ekyyzyiE
vUnGQeEl8w4=
-----END CERTIFICATE-----
Generated at Wed Jun 26 12:52:04 2024 by rpki-client on console-ams.rpki-client.org