Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aZfw8GGkd_5a46hKK6XOht5EZnc.roa
File: aZfw8GGkd_5a46hKK6XOht5EZnc.roa (raw, json)
Hash identifier: athPdLsZVX0H3yhq+iJxYAKZAa4g3wHQB+JcSK1ptqc=
Subject key identifier: 69:97:F0:F0:61:A4:77:FE:5A:E3:A8:4A:2B:A5:CE:86:DE:44:66:77
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE661B7BB9A469196B32D27D060DB1245
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aZfw8GGkd_5a46hKK6XOht5EZnc.roa
Signing time: Tue 16 Apr 2024 10:09:07 +0000
ROA not before: Tue 16 Apr 2024 10:09:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42548
IP address blocks: 62.183.76.0/22 maxlen: 22
83.239.112.0/20 maxlen: 20
85.172.176.0/20 maxlen: 20
85.173.160.0/19 maxlen: 19
178.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:61:b7:bb:9a:46:91:96:b3:2d:27:d0:60:db:12:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 10:09:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6997f0f061a477fe5ae3a84a2ba5ce86de446677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fc:13:a9:df:eb:a5:48:cf:51:de:57:2e:e7:
89:70:bd:5c:86:d7:d2:35:62:db:ff:81:ff:b8:13:
58:ca:98:c4:60:e4:a3:79:bf:53:0b:36:67:fd:4c:
c2:75:0d:a4:05:c0:30:43:17:52:a8:2d:7c:86:38:
90:e0:fd:54:db:f8:43:6f:64:d4:de:48:8b:10:34:
9b:7d:d9:4a:f0:11:d9:6b:c2:ee:5d:9c:bf:dd:01:
4c:70:c0:18:36:49:69:38:53:c6:13:85:2f:c3:94:
f6:5f:3d:01:51:f2:ec:7e:c1:e0:20:a0:38:8a:a3:
8a:d6:3c:27:e7:19:e3:75:a1:57:39:c5:ae:ad:21:
bc:87:87:35:23:34:2c:03:73:26:2a:b2:ce:f5:71:
8c:ea:40:e6:fb:0e:c3:49:fb:5a:55:06:20:b9:83:
97:b4:be:e5:63:64:78:87:d5:e8:4d:65:17:13:a8:
11:00:80:0b:02:a1:0c:41:61:29:24:78:e3:3d:4c:
58:19:3d:86:7d:e3:c0:ab:fd:89:83:c4:28:c9:95:
09:21:b1:0b:8a:92:f2:a7:dd:a5:43:f6:08:e4:7d:
01:e9:c3:3a:59:38:10:32:d4:66:22:d9:18:0b:1d:
f8:b3:3f:db:b8:4a:59:eb:d7:5c:38:cb:da:22:27:
ab:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:97:F0:F0:61:A4:77:FE:5A:E3:A8:4A:2B:A5:CE:86:DE:44:66:77
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aZfw8GGkd_5a46hKK6XOht5EZnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.183.76.0/22
83.239.112.0/20
85.172.176.0/20
85.173.160.0/19
178.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:7b:1a:cb:1a:63:19:c2:e9:2e:99:c5:25:23:c4:9c:6f:9a:
6e:27:70:03:41:58:f5:26:a3:99:b8:bd:6c:3b:d2:6d:bd:5e:
53:e1:21:35:e2:d1:79:b0:9b:9b:2d:02:0e:d2:13:20:33:66:
73:0e:f8:5b:8a:cb:78:a0:89:dc:6e:19:7a:07:3a:84:67:d7:
19:d9:19:18:9b:f0:15:67:94:85:0f:b9:4b:02:4b:2b:f6:27:
ac:57:d2:4a:21:28:d7:3f:a9:76:d9:cb:2d:cd:10:46:7e:b3:
49:7e:66:c5:28:c1:e4:72:70:6a:0c:db:02:56:ce:59:6b:81:
7f:6d:31:86:a6:88:f5:19:16:ca:dd:c4:b0:a4:6b:ca:a1:eb:
78:76:10:7b:77:ba:e6:f7:dd:98:55:c5:78:5a:3a:da:b9:c7:
47:38:26:d6:e6:65:26:74:8f:c2:01:cd:96:08:38:02:40:ad:
89:1c:27:b1:12:c6:fe:aa:2f:e2:c0:f1:f9:a8:76:db:f9:ab:
48:e7:32:57:0f:44:52:ff:6f:1c:db:17:f3:9d:29:dd:75:ba:
f1:5b:c2:dc:b5:62:d3:bd:d5:47:65:31:a7:b9:42:c6:4c:19:
55:69:5e:2d:3d:26:e1:f8:be:50:e9:11:90:94:d6:77:72:97:
2b:88:8d:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7mYbe7mkaRlrMtJ9Bg2xJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MTAwOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk3ZjBmMDYxYTQ3N2ZlNWFlM2E4NGEyYmE1Y2U4NmRlNDQ2Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfwTqd/rpUjPUd5XLueJcL1chtfS
NWLb/4H/uBNYypjEYOSjeb9TCzZn/UzCdQ2kBcAwQxdSqC18hjiQ4P1U2/hDb2TU
3kiLEDSbfdlK8BHZa8LuXZy/3QFMcMAYNklpOFPGE4Uvw5T2Xz0BUfLsfsHgIKA4
iqOK1jwn5xnjdaFXOcWurSG8h4c1IzQsA3MmKrLO9XGM6kDm+w7DSftaVQYguYOX
tL7lY2R4h9XoTWUXE6gRAIALAqEMQWEpJHjjPUxYGT2GfePAq/2Jg8QoyZUJIbEL
ipLyp92lQ/YI5H0B6cM6WTgQMtRmItkYCx34sz/buEpZ69dcOMvaIierZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGmX8PBhpHf+WuOoSiulzobeRGZ3MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvYVpmdzhHR2tkXzVhNDZoS0s2WE9odDVFWm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCPrdMAwQE
U+9wAwQEVaywAwQFVa2gAwQFsiLgMA0GCSqGSIb3DQEBCwUAA4IBAQB7exrLGmMZ
wukumcUlI8Scb5puJ3ADQVj1JqOZuL1sO9JtvV5T4SE14tF5sJubLQIO0hMgM2Zz
Dvhbist4oIncbhl6BzqEZ9cZ2RkYm/AVZ5SFD7lLAksr9iesV9JKISjXP6l22cst
zRBGfrNJfmbFKMHkcnBqDNsCVs5Za4F/bTGGpoj1GRbK3cSwpGvKoet4dhB7d7rm
992YVcV4WjraucdHOCbW5mUmdI/CAc2WCDgCQK2JHCexEsb+qi/iwPH5qHbb+atI
5zJXD0RS/28c2xfznSnddbrxW8LctWLTvdVHZTGnuULGTBlVaV4tPSbh+L5Q6RGQ
lNZ3cpcriI2e
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:08:53 2024 by rpki-client on console-ams.rpki-client.org