Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/AUAIwYcf6czzjIyur-Zi-9C6nAc.roa
File: AUAIwYcf6czzjIyur-Zi-9C6nAc.roa (raw, json)
Hash identifier: 0KyzJ5+f7LXHxb1EzUQ83pWlC0FKH+QqHGyRhp6bYiI=
Subject key identifier: 01:40:08:C1:87:1F:E9:CC:F3:8C:8C:AE:AF:E6:62:FB:D0:BA:9C:07
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C2FC8318D51765800FA71314A029
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/AUAIwYcf6czzjIyur-Zi-9C6nAc.roa
Signing time: Tue 02 Jan 2024 02:31:13 +0000
ROA not before: Tue 02 Jan 2024 02:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31102
IP address blocks: 89.44.108.0/24 maxlen: 24
86.107.52.0/24 maxlen: 24
188.241.134.0/23 maxlen: 23
89.42.9.0/24 maxlen: 24
188.240.202.0/23 maxlen: 23
89.47.255.0/24 maxlen: 24
92.114.39.0/24 maxlen: 24
92.114.52.0/24 maxlen: 24
188.215.70.0/23 maxlen: 23
86.107.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c2:fc:83:18:d5:17:65:80:0f:a7:13:14:a0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=014008c1871fe9ccf38c8caeafe662fbd0ba9c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:03:2c:66:52:31:6a:9c:d7:ff:b8:05:e9:99:
7b:de:8c:bc:0c:a6:c4:ad:66:e7:1a:9c:61:78:bd:
40:d7:ca:6e:b6:15:3d:6b:52:0f:51:a3:3f:25:c2:
b7:56:d1:b6:42:39:11:e9:e7:ef:14:cf:ef:fc:8f:
e1:a7:0c:c6:6f:ff:2d:58:e4:a4:2b:98:64:22:2e:
a0:aa:76:99:55:a2:63:ba:c1:7c:1d:19:6e:41:95:
bf:b5:9e:0b:e0:6b:dc:d2:65:ac:97:5e:e9:62:c8:
2d:07:11:65:ed:ee:18:f8:f9:68:34:15:c7:0a:34:
a2:2b:6d:47:92:7c:be:ce:75:2c:6d:80:ce:35:1f:
0a:c7:7e:86:3b:fb:c8:1f:d6:fd:9b:84:34:57:49:
80:e8:a9:22:26:08:47:f4:a9:9d:6b:c2:ef:2b:e2:
c8:89:68:cc:34:20:b6:f3:52:60:67:28:a2:6c:6a:
ad:f2:ba:3e:15:81:9d:fb:4f:a9:89:ab:e6:cf:ef:
9c:64:ee:08:f2:4f:a6:7a:fd:2f:70:1a:d6:3f:94:
c3:9c:18:46:7c:02:64:5d:41:fe:87:f0:f3:59:13:
5e:9e:d2:95:d4:cb:ae:d5:91:0e:bf:74:d5:64:3e:
36:a8:72:f3:c4:47:d0:38:67:5f:99:28:13:1a:17:
bc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:40:08:C1:87:1F:E9:CC:F3:8C:8C:AE:AF:E6:62:FB:D0:BA:9C:07
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/AUAIwYcf6czzjIyur-Zi-9C6nAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.20.0/24
86.107.52.0/24
89.42.9.0/24
89.44.108.0/24
89.47.255.0/24
92.114.39.0/24
92.114.52.0/24
188.215.70.0/23
188.240.202.0/23
188.241.134.0/23
Signature Algorithm: sha256WithRSAEncryption
82:3c:10:56:82:14:4a:fd:62:fc:bc:fd:ff:c5:f1:43:a9:69:
37:69:b0:6e:91:eb:4e:b7:70:f7:dc:56:38:44:8e:96:c8:0f:
cf:87:fb:26:7b:3e:f2:ce:55:6d:eb:e9:9d:cb:ab:42:4b:21:
60:95:b3:2f:db:11:05:c3:fd:a3:97:05:6f:da:46:f3:fb:f2:
db:f1:1a:ad:86:9b:53:ba:76:a2:d4:a4:27:46:8c:00:6a:23:
32:b8:02:ca:d5:c8:fa:c4:95:ba:20:9c:a6:3d:80:8b:bc:57:
e7:64:85:e1:49:06:2c:be:68:7f:96:ba:88:15:57:b1:29:93:
99:dc:f3:ae:36:a0:f8:56:49:68:fa:b5:56:2c:21:09:69:cd:
ac:d3:99:a9:09:3f:99:6a:85:eb:fe:53:c8:68:52:74:bf:56:
60:d0:86:16:33:fe:0a:0b:db:8a:b9:44:dd:c7:d1:05:a7:09:
95:5a:71:41:b2:f8:45:53:e2:d7:84:31:74:14:95:90:0f:be:
24:5b:73:f7:bf:0a:28:a5:98:b3:af:b7:88:92:2d:51:c5:b8:
c9:d2:c6:41:bb:78:d7:ca:91:c2:80:c8:0b:ff:ff:ea:e8:86:
69:89:96:98:ce:1b:90:50:d5:5f:8e:13:70:4b:f8:06:cc:3f:
2d:76:3d:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzIAsL8gxjVF2WAD6cTFKApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQwMDhjMTg3MWZlOWNjZjM4YzhjYWVhZmU2NjJmYmQwYmE5YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAMsZlIxapzX/7gF6Zl73oy8DKbE
rWbnGpxheL1A18puthU9a1IPUaM/JcK3VtG2QjkR6efvFM/v/I/hpwzGb/8tWOSk
K5hkIi6gqnaZVaJjusF8HRluQZW/tZ4L4Gvc0mWsl17pYsgtBxFl7e4Y+PloNBXH
CjSiK21Hkny+znUsbYDONR8Kx36GO/vIH9b9m4Q0V0mA6KkiJghH9Kmda8LvK+LI
iWjMNCC281JgZyiibGqt8ro+FYGd+0+piavmz++cZO4I8k+mev0vcBrWP5TDnBhG
fAJkXUH+h/DzWRNentKV1Muu1ZEOv3TVZD42qHLzxEfQOGdfmSgTGhe86wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAFACMGHH+nM84yMrq/mYvvQupwHMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvQVVBSXdZY2Y2Y3p6akl5dXItWmktOUM2bkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVmsUAwQA
Vms0AwQAWSoJAwQAWSxsAwQAWS//AwQAXHInAwQAXHI0AwQBvNdGAwQBvPDKAwQB
vPGGMA0GCSqGSIb3DQEBCwUAA4IBAQCCPBBWghRK/WL8vP3/xfFDqWk3abBuketO
t3D33FY4RI6WyA/Ph/smez7yzlVt6+mdy6tCSyFglbMv2xEFw/2jlwVv2kbz+/Lb
8RqthptTunai1KQnRowAaiMyuALK1cj6xJW6IJymPYCLvFfnZIXhSQYsvmh/lrqI
FVexKZOZ3POuNqD4Vklo+rVWLCEJac2s05mpCT+ZaoXr/lPIaFJ0v1Zg0IYWM/4K
C9uKuUTdx9EFpwmVWnFBsvhFU+LXhDF0FJWQD74kW3P3vwoopZizr7eIki1RxbjJ
0sZBu3jXypHCgMgL///q6IZpiZaYzhuQUNVfjhNwS/gGzD8tdj3/
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org