Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/AT3axf-L90nwcu445JuzGmzLmmY.roa
File: AT3axf-L90nwcu445JuzGmzLmmY.roa (raw, json)
Hash identifier: /B13uAfl/EgzjYptdPbz8LyEIBz0ks4IILqBgHbleIc=
Subject key identifier: 01:3D:DA:C5:FF:8B:F7:49:F0:72:EE:38:E4:9B:B3:1A:6C:CB:9A:66
Certificate issuer: /CN=7ee053cb9cb4f41c1e4773e7f16e84bb57522033
Certificate serial: 018CC72573A0EEC8F44B6EAEE2C42F846800
Authority key identifier: 7E:E0:53:CB:9C:B4:F4:1C:1E:47:73:E7:F1:6E:84:BB:57:52:20:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/AT3axf-L90nwcu445JuzGmzLmmY.roa
Signing time: Mon 01 Jan 2024 22:29:29 +0000
ROA not before: Mon 01 Jan 2024 22:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 193.228.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:73:a0:ee:c8:f4:4b:6e:ae:e2:c4:2f:84:68:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee053cb9cb4f41c1e4773e7f16e84bb57522033
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=013ddac5ff8bf749f072ee38e49bb31a6ccb9a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0c:f5:a9:f8:9d:68:62:1f:ec:94:3d:4d:ec:
4c:b3:38:a0:33:cf:a2:9e:53:13:c6:5e:f7:1f:e0:
a7:5d:8c:c2:90:ed:23:e4:59:93:c7:cf:21:6e:83:
43:3c:41:35:5b:3b:4a:7e:35:2e:b1:4f:04:3e:77:
3d:de:c2:0d:e6:51:00:7b:69:fb:f8:e1:2d:ce:7f:
7d:f1:6f:be:11:39:15:d6:49:bc:bf:59:5e:b1:64:
25:e2:d6:fa:59:ea:9d:dd:6b:f1:c5:59:21:c1:f3:
c4:b1:92:5c:e7:dd:7c:d9:84:f0:4b:4e:0f:99:4e:
d3:9b:d2:b7:6f:d1:36:db:d6:7e:f7:ff:94:c3:cf:
40:03:3c:35:7b:8e:2c:bd:70:42:83:1f:12:d4:f1:
6b:27:8e:f3:fd:0c:90:35:69:61:a4:7e:b9:5c:c1:
99:c7:3b:56:d3:65:d0:9f:7a:89:b4:51:3f:d3:40:
aa:7b:15:46:f7:03:9b:66:f1:5a:82:ea:a7:0f:a0:
06:af:65:2b:45:a4:fa:3a:f8:b4:43:eb:44:e4:b4:
18:19:e5:e1:bb:75:06:c4:f9:7b:0e:16:af:df:f5:
b2:c0:50:a5:56:d7:e1:c2:00:40:ef:eb:76:ff:ff:
1f:0c:11:19:15:d5:fc:c4:23:54:8c:2c:55:5b:65:
a0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3D:DA:C5:FF:8B:F7:49:F0:72:EE:38:E4:9B:B3:1A:6C:CB:9A:66
X509v3 Authority Key Identifier:
keyid:7E:E0:53:CB:9C:B4:F4:1C:1E:47:73:E7:F1:6E:84:BB:57:52:20:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/AT3axf-L90nwcu445JuzGmzLmmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.91.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2b:90:57:d7:db:3b:74:e1:dd:00:01:b3:6b:c9:c3:ab:69:
93:9d:97:8c:84:bd:44:3b:4c:7d:7a:7b:c4:e4:88:14:14:21:
1c:59:4d:16:96:ab:ac:c4:c2:1a:5a:7d:46:00:77:9c:7f:b7:
63:e9:7c:22:41:b4:51:b3:31:24:40:37:09:bb:97:d3:ff:d3:
e9:d9:44:de:c6:6d:0a:23:44:13:67:45:20:a5:f3:43:dc:a2:
6c:66:4e:71:ef:71:9a:ab:87:94:3f:e2:91:34:eb:b7:06:e4:
61:08:f6:34:bd:d6:8b:e7:69:76:bd:bf:d7:cb:e6:24:fe:9c:
7d:2f:93:ed:23:78:b2:08:9f:68:ec:97:4f:2b:ac:f0:fb:ef:
17:1a:d0:1a:2e:40:89:0c:e0:6e:47:34:58:da:bb:f8:ae:a9:
8f:fb:e3:19:f6:17:f0:e3:ae:02:2c:be:47:12:3d:9e:e1:72:
99:b6:91:b1:0d:ce:7b:22:df:65:2b:fb:a0:c6:45:c9:e8:df:
1a:a9:b0:7c:11:64:f2:44:64:74:af:8c:8b:5c:72:b0:1a:29:
50:f5:de:9d:53:2a:92:1b:75:7f:6a:73:dc:a6:02:72:f0:01:
09:a1:28:d7:36:74:76:2a:2c:56:51:96:73:80:16:d7:fb:c6:
9c:73:ab:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXOg7sj0S26u4sQvhGgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTA1M2NiOWNiNGY0MWMxZTQ3NzNlN2YxNmU4NGJiNTc1
MjIwMzMwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNkZGFjNWZmOGJmNzQ5ZjA3MmVlMzhlNDliYjMxYTZjY2I5YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAz1qfidaGIf7JQ9TexMszigM8+i
nlMTxl73H+CnXYzCkO0j5FmTx88hboNDPEE1WztKfjUusU8EPnc93sIN5lEAe2n7
+OEtzn998W++ETkV1km8v1lesWQl4tb6Weqd3WvxxVkhwfPEsZJc59182YTwS04P
mU7Tm9K3b9E229Z+9/+Uw89AAzw1e44svXBCgx8S1PFrJ47z/QyQNWlhpH65XMGZ
xztW02XQn3qJtFE/00CqexVG9wObZvFaguqnD6AGr2UrRaT6Ovi0Q+tE5LQYGeXh
u3UGxPl7Dhav3/WywFClVtfhwgBA7+t2//8fDBEZFdX8xCNUjCxVW2WgEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAE92sX/i/dJ8HLuOOSbsxpsy5pmMB8GA1UdIwQY
MBaAFH7gU8uctPQcHkdz5/FuhLtXUiAzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVCVHk1eTA5QndlUjNQbjhXNkV1MWRTSURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wNjAwYTQtMTQ2NC00YTdjLWFmNTYt
MThlODZmMGIxZDgxLzEvQVQzYXhmLUw5MG53Y3U0NDVKdXpHbXpMbW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wNjAwYTQtMTQ2NC00YTdjLWFmNTYtMThlODZmMGIxZDgx
LzEvZnVCVHk1eTA5QndlUjNQbjhXNkV1MWRTSURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweRbMA0G
CSqGSIb3DQEBCwUAA4IBAQBAK5BX19s7dOHdAAGza8nDq2mTnZeMhL1EO0x9envE
5IgUFCEcWU0WlqusxMIaWn1GAHecf7dj6XwiQbRRszEkQDcJu5fT/9Pp2UTexm0K
I0QTZ0UgpfND3KJsZk5x73Gaq4eUP+KRNOu3BuRhCPY0vdaL52l2vb/Xy+Yk/px9
L5PtI3iyCJ9o7JdPK6zw++8XGtAaLkCJDOBuRzRY2rv4rqmP++MZ9hfw464CLL5H
Ej2e4XKZtpGxDc57It9lK/ugxkXJ6N8aqbB8EWTyRGR0r4yLXHKwGilQ9d6dUyqS
G3V/anPcpgJy8AEJoSjXNnR2KixWUZZzgBbX+8acc6vv
-----END CERTIFICATE-----
Generated at Sat May 25 10:38:21 2024 by rpki-client on console-ams.rpki-client.org