Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/R-HMUS1wAz2GgVitiFppy9XCxJk.roa
File: R-HMUS1wAz2GgVitiFppy9XCxJk.roa (raw, json)
Hash identifier: 7cqs1ugb2GM41rWy/QlvuDjIWxEYkoCGcvd/HxcB6L4=
Subject key identifier: 47:E1:CC:51:2D:70:03:3D:86:81:58:AD:88:5A:69:CB:D5:C2:C4:99
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018FE3B567CE62B89A01592928F534768F69
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/R-HMUS1wAz2GgVitiFppy9XCxJk.roa
Signing time: Tue 04 Jun 2024 14:44:27 +0000
ROA not before: Tue 04 Jun 2024 14:44:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 93.190.8.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:b5:67:ce:62:b8:9a:01:59:29:28:f5:34:76:8f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jun 4 14:44:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47e1cc512d70033d868158ad885a69cbd5c2c499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0b:31:36:60:5c:7a:3d:94:2e:9e:92:e7:9e:
5b:c4:5c:61:1c:1c:af:44:d2:b2:4d:6a:e1:e6:1c:
4b:b9:00:f9:d0:5c:ed:cd:37:4a:12:89:c5:a9:4f:
98:76:ee:fc:95:b2:91:50:a8:89:0d:88:ff:4d:c2:
3d:ce:cd:64:c3:19:7e:1e:61:89:49:e8:8e:a2:ef:
d8:77:fb:66:66:85:4a:e7:75:a4:23:a4:de:05:fc:
35:38:a6:ee:02:b3:47:64:e4:4b:f6:6e:bf:76:3e:
1b:cb:91:7b:d8:0c:29:20:01:c3:80:fb:34:f7:69:
0a:2b:98:f3:cb:ac:5d:8d:22:36:1c:53:a2:20:70:
2f:03:04:13:26:f7:66:ab:e5:2e:e3:48:ba:2b:81:
1a:de:e1:5b:90:8e:b6:fa:46:e8:f7:60:a7:15:6f:
1b:ff:2e:6e:a1:f7:7c:65:5b:fe:4b:7b:b1:23:6e:
61:f3:6a:2f:a6:94:db:d2:ee:62:a1:f4:81:35:4b:
87:67:de:4a:7a:cc:9d:0f:e9:1a:46:81:7e:cd:5a:
bf:70:32:2e:95:ae:51:1b:25:99:04:2e:13:ef:db:
80:f7:80:58:96:5f:dc:3a:d9:ed:6d:21:fb:48:f9:
42:3b:35:91:05:ed:b2:f4:64:2e:76:3d:f5:fc:fe:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E1:CC:51:2D:70:03:3D:86:81:58:AD:88:5A:69:CB:D5:C2:C4:99
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/R-HMUS1wAz2GgVitiFppy9XCxJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.8.0/24
193.17.5.0/24
193.111.76.0/24
193.111.78.0/24
Signature Algorithm: sha256WithRSAEncryption
66:84:90:48:05:0e:bb:98:e6:ff:4f:39:b1:c2:97:61:7b:75:
1b:5d:b1:8a:3e:5e:f2:e1:8f:f6:c3:5e:22:96:29:94:e3:fb:
d0:fd:b1:19:b1:78:46:86:54:46:0e:79:44:3b:59:7e:68:a2:
59:9c:da:99:8c:ac:98:5f:30:64:1c:2a:de:f0:b7:e5:72:32:
7d:f5:60:89:4f:c3:20:06:29:d4:ce:b2:8c:34:5c:ae:d1:78:
97:9a:86:36:0a:ae:92:a7:a9:57:df:f0:1d:53:c4:54:fe:df:
15:ec:de:13:b3:b4:b9:80:d9:7e:f2:43:d7:00:1f:b9:b4:71:
e6:8e:b3:21:64:e9:a6:3c:ef:8f:b5:0b:bd:6c:5c:0d:5d:da:
9a:a8:02:94:06:c2:bb:f0:ed:ee:6f:83:62:fc:c1:40:ab:24:
59:aa:7f:5b:3d:64:c5:a6:14:d1:94:8a:13:21:a0:78:9f:4f:
c7:87:84:47:ba:f0:b5:c8:5b:ec:e2:a1:ba:34:5f:39:74:23:
2f:4e:e4:69:f5:63:f4:c7:24:0f:e7:5c:ed:ba:ac:8b:e6:f8:
d5:f8:fe:5c:02:3c:c8:51:4b:6b:e6:81:28:c5:40:e1:35:1f:
c7:64:5e:15:1e:a6:39:2e:e2:f1:d5:c9:fd:ec:20:aa:9d:cc:
bb:7e:07:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/jtWfOYriaAVkpKPU0do9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNjA0MTQ0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2UxY2M1MTJkNzAwMzNkODY4MTU4YWQ4ODVhNjljYmQ1YzJjNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QsxNmBcej2ULp6S555bxFxhHByv
RNKyTWrh5hxLuQD50FztzTdKEonFqU+Ydu78lbKRUKiJDYj/TcI9zs1kwxl+HmGJ
SeiOou/Yd/tmZoVK53WkI6TeBfw1OKbuArNHZORL9m6/dj4by5F72AwpIAHDgPs0
92kKK5jzy6xdjSI2HFOiIHAvAwQTJvdmq+Uu40i6K4Ea3uFbkI62+kbo92CnFW8b
/y5uofd8ZVv+S3uxI25h82ovppTb0u5iofSBNUuHZ95KesydD+kaRoF+zVq/cDIu
la5RGyWZBC4T79uA94BYll/cOtntbSH7SPlCOzWRBe2y9GQudj31/P7lIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEfhzFEtcAM9hoFYrYhaacvVwsSZMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUi1ITVVTMXdBejJHZ1ZpdGlGcHB5OVhDeEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXb4IAwQA
wREFAwQAwW9MAwQAwW9OMA0GCSqGSIb3DQEBCwUAA4IBAQBmhJBIBQ67mOb/Tzmx
wpdhe3UbXbGKPl7y4Y/2w14ilimU4/vQ/bEZsXhGhlRGDnlEO1l+aKJZnNqZjKyY
XzBkHCre8LflcjJ99WCJT8MgBinUzrKMNFyu0XiXmoY2Cq6Sp6lX3/AdU8RU/t8V
7N4Ts7S5gNl+8kPXAB+5tHHmjrMhZOmmPO+PtQu9bFwNXdqaqAKUBsK78O3ub4Ni
/MFAqyRZqn9bPWTFphTRlIoTIaB4n0/Hh4RHuvC1yFvs4qG6NF85dCMvTuRp9WP0
xyQP51ztuqyL5vjV+P5cAjzIUUtr5oEoxUDhNR/HZF4VHqY5LuLx1cn97CCqncy7
fgcL
-----END CERTIFICATE-----
Generated at Wed Jun 26 13:34:36 2024 by rpki-client on console-fra.rpki-client.org