Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/AfU2uS3h9UDjkKbPpMX5hpbTJsA.roa
File: AfU2uS3h9UDjkKbPpMX5hpbTJsA.roa (raw, json)
Hash identifier: CtyhCWMl97xuQy8OsFVLDw1KCa1dSsC9DBa6TwFuaJI=
Subject key identifier: 01:F5:36:B9:2D:E1:F5:40:E3:90:A6:CF:A4:C5:F9:86:96:D3:26:C0
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018CC4247034931ABA55B15DE2529CD252E6
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/AfU2uS3h9UDjkKbPpMX5hpbTJsA.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199653
IP address blocks: 94.177.232.0/21 maxlen: 24
94.177.240.0/22 maxlen: 24
89.38.148.0/22 maxlen: 24
89.40.112.0/22 maxlen: 24
89.36.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:70:34:93:1a:ba:55:b1:5d:e2:52:9c:d2:52:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f536b92de1f540e390a6cfa4c5f98696d326c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c2:93:93:c5:9d:9b:1b:92:85:79:dd:1a:fc:
d3:ae:76:f3:2d:f7:e0:37:0b:ba:a7:e7:60:4e:23:
6b:de:da:37:a9:68:f6:5c:a3:c6:b0:52:f6:fe:8c:
07:1f:85:16:c0:aa:65:a9:ad:6a:82:fd:eb:ea:a7:
94:92:c8:7f:41:ae:b7:b1:da:ff:59:61:7c:ac:47:
0e:86:49:5d:43:84:7f:50:90:02:95:c3:97:b3:64:
2f:5d:2e:70:a1:19:38:75:e4:9d:40:01:ad:de:8d:
86:09:bb:19:de:58:20:06:78:1a:6d:da:68:3c:44:
72:0c:50:ba:64:06:19:dd:bd:39:bd:f1:62:c3:4c:
46:c6:74:91:ed:60:6f:5e:8d:7f:ff:e8:02:74:67:
77:85:84:4e:be:6d:00:a0:43:e3:4f:a7:86:6d:70:
10:de:66:a5:b1:35:ed:03:49:1d:8a:aa:f0:96:17:
d0:20:4a:22:56:9e:28:1c:7a:c7:ab:d6:ee:29:83:
63:f7:85:ca:83:24:0a:5f:73:67:54:c5:96:bf:37:
35:ea:98:0d:36:be:35:60:7e:f0:ea:6f:68:c2:d8:
04:d7:9f:e5:94:d0:8c:41:9e:20:ab:2f:6b:bc:e2:
12:7d:77:e4:35:9f:90:15:96:ee:5a:d6:51:08:c3:
85:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F5:36:B9:2D:E1:F5:40:E3:90:A6:CF:A4:C5:F9:86:96:D3:26:C0
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/AfU2uS3h9UDjkKbPpMX5hpbTJsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.212.0/22
89.38.148.0/22
89.40.112.0/22
94.177.232.0-94.177.243.255
Signature Algorithm: sha256WithRSAEncryption
3f:b6:01:72:b4:71:f1:10:0f:87:c2:87:49:d2:85:6e:51:e8:
b3:5c:02:aa:ff:d3:a2:82:8b:01:0e:74:d5:26:94:ac:6d:3e:
f1:8f:a8:d8:e9:9c:0b:03:c3:8c:ed:c8:41:dd:e2:20:78:e6:
ab:a1:cc:2c:d5:e5:cb:18:07:1a:e2:5a:e8:61:fe:88:33:e3:
92:70:38:66:34:da:2d:50:e1:60:8b:b6:c3:f0:da:af:2e:e0:
ed:5e:86:f4:b5:16:90:54:d5:0e:12:52:56:40:46:52:6e:d0:
1f:5a:25:e8:47:db:97:c8:23:82:b1:b9:c1:5d:15:84:e6:31:
fc:d1:25:e9:3b:de:19:a8:ad:f3:4d:6d:4c:37:a4:cf:a4:64:
bb:e2:33:c0:5c:56:c7:07:63:27:49:9d:16:9c:b4:22:82:7a:
8d:99:7c:0a:ad:41:53:59:79:6e:e7:48:b1:8d:d0:1a:47:17:
2e:b7:a9:b5:4e:ab:16:7d:e1:72:9b:50:b4:cc:a2:82:0d:61:
bb:cb:a6:1e:e5:01:f1:99:96:83:83:7c:de:52:d7:43:80:06:
11:22:0a:13:44:50:a5:23:8c:a0:09:4d:1d:56:df:d0:6e:46:
6d:6a:d7:b2:a3:7c:c1:8d:15:38:bd:e2:d5:4a:65:26:b3:3b:
ae:7c:4a:db
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJHA0kxq6VbFd4lKc0lLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY1MzZiOTJkZTFmNTQwZTM5MGE2Y2ZhNGM1Zjk4Njk2ZDMyNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsKTk8WdmxuShXndGvzTrnbzLffg
Nwu6p+dgTiNr3to3qWj2XKPGsFL2/owHH4UWwKplqa1qgv3r6qeUksh/Qa63sdr/
WWF8rEcOhkldQ4R/UJAClcOXs2QvXS5woRk4deSdQAGt3o2GCbsZ3lggBngabdpo
PERyDFC6ZAYZ3b05vfFiw0xGxnSR7WBvXo1//+gCdGd3hYROvm0AoEPjT6eGbXAQ
3malsTXtA0kdiqrwlhfQIEoiVp4oHHrHq9buKYNj94XKgyQKX3NnVMWWvzc16pgN
Nr41YH7w6m9owtgE15/llNCMQZ4gqy9rvOISfXfkNZ+QFZbuWtZRCMOFEQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAH1Nrkt4fVA45Cmz6TF+YaW0ybAMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvQWZVMnVTM2g5VURqa0tiUHBNWDVocGJUSnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCWSTUAwQC
WSaUAwQCWShwMAwDBANesegDBAJesfAwDQYJKoZIhvcNAQELBQADggEBAD+2AXK0
cfEQD4fCh0nShW5R6LNcAqr/06KCiwEOdNUmlKxtPvGPqNjpnAsDw4ztyEHd4iB4
5quhzCzV5csYBxriWuhh/ogz45JwOGY02i1Q4WCLtsPw2q8u4O1ehvS1FpBU1Q4S
UlZARlJu0B9aJehH25fII4KxucFdFYTmMfzRJek73hmorfNNbUw3pM+kZLviM8Bc
VscHYydJnRactCKCeo2ZfAqtQVNZeW7nSLGN0BpHFy63qbVOqxZ94XKbULTMooIN
YbvLph7lAfGZloODfN5S10OABhEiChNEUKUjjKAJTR1W39BuRm1q17KjfMGNFTi9
4tVKZSazO658Sts=
-----END CERTIFICATE-----
Generated at Sat May 11 14:00:34 2024 by rpki-client on console-fra.rpki-client.org