Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/AZwhlsxC1K5W0MBkZifOdcMApRE.roa
File: AZwhlsxC1K5W0MBkZifOdcMApRE.roa (raw, json)
Hash identifier: IXjVAj3p1cXEbjuuW0XBHDRWR01492+68557twQtyT8=
Subject key identifier: 01:9C:21:96:CC:42:D4:AE:56:D0:C0:64:66:27:CE:75:C3:00:A5:11
Certificate issuer: /CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Certificate serial: 018CC8015EE7534CDF7E688958FED028EA1C
Authority key identifier: FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/AZwhlsxC1K5W0MBkZifOdcMApRE.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12322
IP address blocks: 83.152.0.0/13 maxlen: 15
88.120.0.0/13 maxlen: 13
213.36.0.0/16 maxlen: 18
91.160.0.0/12 maxlen: 12
82.142.0.0/18 maxlen: 18
83.214.0.0/16 maxlen: 16
212.62.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5e:e7:53:4c:df:7e:68:89:58:fe:d0:28:ea:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=019c2196cc42d4ae56d0c0646627ce75c300a511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:06:fa:94:61:5f:15:0c:d8:93:2c:59:78:a2:
67:1d:e1:3e:be:d8:e3:d6:71:27:b3:1f:19:11:a7:
40:19:2f:99:5f:ea:b0:9e:83:81:a7:15:14:73:86:
48:6b:08:c5:7e:29:a7:96:0d:b8:2d:91:5d:91:59:
86:69:bd:b7:a7:74:85:f3:3a:36:b6:70:94:eb:ca:
25:8f:68:52:bb:fb:47:25:2e:8d:21:ed:13:e3:02:
18:5a:be:03:7b:a6:c3:9c:87:ba:38:d1:95:44:92:
4d:7b:aa:ca:ce:8e:ac:a7:27:6b:29:0f:f6:a6:a9:
e3:e5:da:41:ca:4a:8d:18:cb:90:91:da:ea:63:a2:
5d:1b:db:3a:3f:75:c1:30:9e:f5:77:a8:1c:aa:48:
51:3e:4d:75:4f:11:00:1e:a1:7a:56:c5:86:10:2e:
20:4b:b1:b5:b4:70:58:ef:6e:47:7c:14:f4:89:46:
c7:c1:4a:a8:ee:e0:46:d0:8b:ac:a3:2e:f3:86:09:
c9:f9:3e:de:5f:0f:ce:85:a5:36:b7:fd:b1:09:af:
37:53:23:4a:cd:aa:ac:ff:d3:05:5c:62:b6:c9:4f:
75:3a:f0:d2:04:36:d8:bf:b1:b3:66:22:13:d9:27:
18:86:73:22:f0:42:d5:de:ee:7a:c2:b3:88:6a:1e:
e1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9C:21:96:CC:42:D4:AE:56:D0:C0:64:66:27:CE:75:C3:00:A5:11
X509v3 Authority Key Identifier:
keyid:FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/AZwhlsxC1K5W0MBkZifOdcMApRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.142.0.0/18
83.152.0.0/13
83.214.0.0/16
88.120.0.0/13
91.160.0.0/12
212.62.128.0/18
213.36.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:a3:29:0d:0c:51:ac:bb:65:54:e6:6d:08:13:d5:e2:a7:db:
2d:27:72:3a:29:8d:86:0d:15:0d:ec:5a:4e:19:e5:33:85:a4:
9c:2a:63:6a:4a:2c:2a:86:70:fb:09:63:4c:7f:de:39:42:4a:
55:15:16:84:17:ae:95:57:f7:49:04:6c:46:dc:96:02:42:1f:
53:71:5d:76:e7:7d:2c:31:8e:19:27:0e:1c:f1:50:d0:79:f2:
22:6a:6c:ee:41:06:5f:32:1f:50:f3:05:3c:e1:bc:fa:30:b2:
8b:2b:3f:1a:67:d2:bf:f4:43:1a:5c:bf:b9:0c:36:71:4b:3f:
36:48:45:ee:10:0d:02:63:1d:9e:10:f4:84:1d:9a:fa:10:2b:
28:52:15:14:79:ea:4c:ce:80:0f:be:b3:2c:a3:1f:c1:42:4d:
4e:02:e9:9e:e6:ba:53:b5:4c:59:2a:dd:9a:4d:14:cd:09:fa:
36:4e:be:8d:c6:b5:b2:0b:b8:e8:fb:f6:87:fd:72:8b:d1:8d:
34:46:64:e0:c3:d7:1c:2e:3c:05:8e:be:1c:28:03:05:b1:58:
59:28:6b:f9:ed:e6:9d:d3:d7:42:36:b5:c8:cf:26:cd:45:68:
ee:20:ca:1f:f9:32:db:fb:87:b8:69:a8:fe:8b:2a:74:96:58:
bf:49:d5:26
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIAV7nU0zffmiJWP7QKOocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTE2YjQ5M2QyYTEyODk3Y2FmNDc1N2JiMThhMDJlZWMy
Y2RlMTcwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTljMjE5NmNjNDJkNGFlNTZkMGMwNjQ2NjI3Y2U3NWMzMDBhNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQb6lGFfFQzYkyxZeKJnHeE+vtjj
1nEnsx8ZEadAGS+ZX+qwnoOBpxUUc4ZIawjFfimnlg24LZFdkVmGab23p3SF8zo2
tnCU68olj2hSu/tHJS6NIe0T4wIYWr4De6bDnIe6ONGVRJJNe6rKzo6spydrKQ/2
pqnj5dpBykqNGMuQkdrqY6JdG9s6P3XBMJ71d6gcqkhRPk11TxEAHqF6VsWGEC4g
S7G1tHBY725HfBT0iUbHwUqo7uBG0Iusoy7zhgnJ+T7eXw/OhaU2t/2xCa83UyNK
zaqs/9MFXGK2yU91OvDSBDbYv7GzZiIT2ScYhnMi8ELV3u56wrOIah7h9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAGcIZbMQtSuVtDAZGYnznXDAKURMB8GA1UdIwQY
MBaAFPrha0k9KhKJfK9HV7sYoC7sLN4XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11RnJTVDBxRW9sOHIwZFh1eGlnTHV3czNoYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUz
LTRhZmQ4MjU0YWU0My8xL0Fad2hsc3hDMUs1VzBNQmtaaWZPZGNNQXBSRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUzLTRhZmQ4MjU0YWU0
My8xLzEtdUZyU1QwcUVvbDhyMGRYdXhpZ0x1d3MzaGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPgYIKwYBBQUHAQcBAf8ELzAtMCsEAgABMCUDBAZSjgAD
AwNTmAMDAFPWAwMDWHgDAwRboAMEBtQ+gAMDANUkMA0GCSqGSIb3DQEBCwUAA4IB
AQBRoykNDFGsu2VU5m0IE9Xip9stJ3I6KY2GDRUN7FpOGeUzhaScKmNqSiwqhnD7
CWNMf945QkpVFRaEF66VV/dJBGxG3JYCQh9TcV12530sMY4ZJw4c8VDQefIiamzu
QQZfMh9Q8wU84bz6MLKLKz8aZ9K/9EMaXL+5DDZxSz82SEXuEA0CYx2eEPSEHZr6
ECsoUhUUeepMzoAPvrMsox/BQk1OAume5rpTtUxZKt2aTRTNCfo2Tr6NxrWyC7jo
+/aH/XKL0Y00RmTgw9ccLjwFjr4cKAMFsVhZKGv57ead09dCNrXIzybNRWjuIMof
+TLb+4e4aaj+iyp0lli/SdUm
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:11:23 2024 by rpki-client on console-fra.rpki-client.org