Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/aRHWBpLTknT-Uw3yjoXIUqqXk1g.roa
File: aRHWBpLTknT-Uw3yjoXIUqqXk1g.roa (raw, json)
Hash identifier: 4k9FAHalXSJzISYqBBDcM0r9fvxbYEHk8yd+BExW/y4=
Subject key identifier: 69:11:D6:06:92:D3:92:74:FE:53:0D:F2:8E:85:C8:52:AA:97:93:58
Certificate issuer: /CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Certificate serial: 018CC64A944FA8A9BE8DCF6BF434218C1627
Authority key identifier: 81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/aRHWBpLTknT-Uw3yjoXIUqqXk1g.roa
Signing time: Mon 01 Jan 2024 18:30:25 +0000
ROA not before: Mon 01 Jan 2024 18:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207021
IP address blocks: 194.50.187.0/24 maxlen: 24
194.0.182.0/24 maxlen: 24
193.227.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:94:4f:a8:a9:be:8d:cf:6b:f4:34:21:8c:16:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Validity
Not Before: Jan 1 18:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6911d60692d39274fe530df28e85c852aa979358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:c9:3e:da:f1:60:25:d6:31:bf:ca:f5:b4:
80:b8:0b:f3:30:32:06:fc:55:fb:c3:c9:3e:ce:97:
56:d3:44:ff:2f:f4:fc:a8:7d:99:6d:8c:44:36:a5:
b8:d0:b9:7c:5f:ff:a4:9e:7a:06:37:34:21:fc:8d:
80:27:b7:ff:15:63:1c:b0:af:2a:2e:10:2f:f6:c5:
68:50:db:77:34:ba:78:2d:3c:1f:8d:ce:8e:74:75:
91:32:b3:b0:71:a5:61:04:6a:ee:d7:4d:a9:5c:99:
ea:03:10:ef:50:8c:42:53:bf:29:10:9c:67:24:d6:
23:e4:1f:98:81:38:12:dd:c5:ff:e2:20:9d:b8:9c:
63:90:96:1d:ef:2c:53:e6:26:fa:4f:f8:d3:a5:5d:
fe:14:aa:6b:a2:c8:33:01:6c:25:5a:72:11:be:58:
56:6b:13:3b:56:8b:10:c2:a5:1d:7c:13:78:43:af:
23:2b:2e:32:be:0a:a2:69:a0:b2:39:51:81:e3:33:
6a:cf:d0:5c:75:db:35:fb:4c:59:e8:78:c3:a9:d9:
27:60:f2:a8:d1:37:94:fd:f5:5c:b5:09:6b:7a:f1:
9d:b5:20:21:73:7c:61:20:c6:a9:ec:7a:bb:67:5e:
60:2c:3e:40:38:f0:98:c9:4d:17:0a:e8:97:da:77:
3c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:11:D6:06:92:D3:92:74:FE:53:0D:F2:8E:85:C8:52:AA:97:93:58
X509v3 Authority Key Identifier:
keyid:81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/aRHWBpLTknT-Uw3yjoXIUqqXk1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.227.117.0/24
194.0.182.0/24
194.50.187.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:d8:9c:ce:fd:af:6c:75:1f:1d:82:d2:a9:ee:60:30:c0:a8:
9e:73:44:01:6c:04:d8:27:85:3b:28:3e:80:ad:94:6c:2e:45:
d5:e2:6f:0d:67:fc:e0:23:1f:8a:5e:9b:61:88:28:10:2d:4d:
87:2a:2b:f6:00:0c:c2:be:ed:c7:ab:78:eb:b3:70:f8:0d:ca:
27:d4:62:ab:d0:03:9f:67:61:d9:77:e4:09:57:7f:a8:4b:dc:
d6:97:31:50:32:28:42:7b:74:14:ce:28:97:1c:ae:72:de:23:
dd:55:1a:42:54:02:6b:45:ba:84:fc:ea:59:d5:d2:7a:d5:58:
58:b5:14:77:7e:8a:fe:ae:d8:ac:cf:fd:e7:1a:b6:c1:74:f1:
f4:02:b6:b7:d2:a6:de:32:22:0b:a3:e8:93:a1:17:d0:96:b9:
6d:f9:cf:bb:49:ee:a3:27:8a:60:f0:2e:8e:c7:6c:31:03:71:
c7:2e:7e:a4:cb:45:28:c2:8b:29:3d:52:39:22:22:e9:48:7f:
e7:b6:d8:d8:2d:0f:2a:95:1a:83:d7:ec:f6:a5:42:bc:c7:1f:
0d:ca:7a:54:15:9e:0a:1a:41:a7:81:32:f6:31:51:21:82:a7:
34:d0:23:11:7d:8c:b2:f9:06:1d:e9:e5:89:1b:54:38:20:a2:
50:6b:83:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSpRPqKm+jc9r9DQhjBYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTdjZThiYWNiZWNlZWIxNmY2MDBiNjA3ZDFiZmQwODAz
M2IzMDIwHhcNMjQwMTAxMTgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTExZDYwNjkyZDM5Mjc0ZmU1MzBkZjI4ZTg1Yzg1MmFhOTc5MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMnJPtrxYCXWMb/K9bSAuAvzMDIG
/FX7w8k+zpdW00T/L/T8qH2ZbYxENqW40Ll8X/+knnoGNzQh/I2AJ7f/FWMcsK8q
LhAv9sVoUNt3NLp4LTwfjc6OdHWRMrOwcaVhBGru102pXJnqAxDvUIxCU78pEJxn
JNYj5B+YgTgS3cX/4iCduJxjkJYd7yxT5ib6T/jTpV3+FKprosgzAWwlWnIRvlhW
axM7VosQwqUdfBN4Q68jKy4yvgqiaaCyOVGB4zNqz9Bcdds1+0xZ6HjDqdknYPKo
0TeU/fVctQlrevGdtSAhc3xhIMap7Hq7Z15gLD5AOPCYyU0XCuiX2nc8sQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGkR1gaS05J0/lMN8o6FyFKql5NYMB8GA1UdIwQY
MBaAFIGnzousvs7rFvYAtgfRv9CAM7MCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzct
YjI3ZDg3MzBhMjcwLzEvYVJIV0JwTFRrblQtVXczeWpvWElVcXFYazFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzctYjI3ZDg3MzBhMjcw
LzEvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAweN1AwQA
wgC2AwQAwjK7MA0GCSqGSIb3DQEBCwUAA4IBAQDO2JzO/a9sdR8dgtKp7mAwwKie
c0QBbATYJ4U7KD6ArZRsLkXV4m8NZ/zgIx+KXpthiCgQLU2HKiv2AAzCvu3Hq3jr
s3D4Dcon1GKr0AOfZ2HZd+QJV3+oS9zWlzFQMihCe3QUziiXHK5y3iPdVRpCVAJr
RbqE/OpZ1dJ61VhYtRR3for+rtisz/3nGrbBdPH0Ara30qbeMiILo+iToRfQlrlt
+c+7Se6jJ4pg8C6Ox2wxA3HHLn6ky0UowospPVI5IiLpSH/nttjYLQ8qlRqD1+z2
pUK8xx8NynpUFZ4KGkGngTL2MVEhgqc00CMRfYyy+QYd6eWJG1Q4IKJQa4NN
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:24:53 2024 by rpki-client on console-ams.rpki-client.org