Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/u9xyCBdP7B_Z_iu_16TbVRl-9NY.roa
File: u9xyCBdP7B_Z_iu_16TbVRl-9NY.roa (raw, json)
Hash identifier: IVAQGbqPHsg63piIkLwHuEKbfq3PFMWZHAb5uz7fTTo=
Subject key identifier: BB:DC:72:08:17:4F:EC:1F:D9:FE:2B:BF:D7:A4:DB:55:19:7E:F4:D6
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC50073EEA2FDFCDE4E3A9B6DFB566588
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/u9xyCBdP7B_Z_iu_16TbVRl-9NY.roa
Signing time: Mon 01 Jan 2024 12:29:50 +0000
ROA not before: Mon 01 Jan 2024 12:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207886
IP address blocks: 193.104.67.0/24 maxlen: 24
193.104.7.0/24 maxlen: 24
193.104.12.0/24 maxlen: 24
193.104.41.0/24 maxlen: 24
2a10:8140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:73:ee:a2:fd:fc:de:4e:3a:9b:6d:fb:56:65:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbdc7208174fec1fd9fe2bbfd7a4db55197ef4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:63:87:dd:6f:06:6a:b9:2b:d8:3b:03:95:0d:
de:e2:cc:37:61:b4:64:a5:34:f6:0c:88:7d:ac:ce:
a6:bd:54:fd:5b:f8:e7:ce:64:80:2a:81:b5:d6:d6:
fa:1b:1d:cf:14:b3:a9:50:71:29:68:c0:a5:ec:08:
ec:ed:89:c2:fd:ec:11:4b:22:71:60:15:31:4c:ae:
07:86:76:e4:bd:22:b4:fe:7a:1b:f5:3e:0b:4d:0e:
72:6d:2e:6a:3b:54:26:33:eb:e8:1f:34:9b:cf:22:
ed:c0:a9:9b:32:ca:72:bf:18:ed:42:78:8c:53:f6:
70:35:39:ce:6e:73:71:69:a8:ae:6f:97:2b:34:cb:
1c:72:72:c9:5f:6c:2b:8d:60:46:c3:a9:48:9d:d3:
85:25:21:de:1c:e1:8a:8f:a3:cc:94:fa:16:30:77:
cb:4d:37:c8:bd:b7:75:3e:e3:91:05:89:04:9d:db:
7d:3d:1e:b0:86:f4:a7:ea:46:41:bb:36:07:4b:5c:
88:15:1b:cf:27:b6:8e:1c:3b:42:8c:53:06:ac:99:
e1:ec:c2:62:1e:42:75:f1:d7:cd:7e:5d:0a:a6:84:
ff:bb:93:9c:f3:4e:d4:ac:04:34:a0:12:fa:87:a6:
69:88:c8:b8:81:c1:1c:4f:ad:fa:f2:0a:5a:5c:d9:
c1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DC:72:08:17:4F:EC:1F:D9:FE:2B:BF:D7:A4:DB:55:19:7E:F4:D6
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/u9xyCBdP7B_Z_iu_16TbVRl-9NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.7.0/24
193.104.12.0/24
193.104.41.0/24
193.104.67.0/24
IPv6:
2a10:8140::/29
Signature Algorithm: sha256WithRSAEncryption
5a:0e:71:e5:75:b0:d1:3a:a3:8b:99:f0:d6:48:9a:07:ae:71:
99:a4:2f:9f:6e:58:3f:69:ad:de:29:26:47:bb:ec:82:1c:a1:
80:05:bd:5b:f4:1f:ae:1e:ec:bb:a1:09:a9:4f:c3:71:a9:67:
1e:59:4c:88:64:7f:bc:5d:f1:fa:75:50:40:24:e7:5e:0e:6a:
b9:f3:67:9f:23:a3:96:be:1a:07:fa:f2:4b:81:2d:10:d3:88:
d9:00:26:c0:53:8d:c7:2c:95:27:96:05:15:dd:6c:33:bc:ac:
d3:67:8c:a2:fa:08:64:6c:68:22:49:8a:2f:65:af:52:63:dd:
99:1b:97:94:6d:6f:d3:74:98:e1:df:6d:25:5a:99:0f:8e:f9:
5f:02:50:71:d0:05:7f:37:1a:04:de:3d:0d:96:3f:4d:af:bc:
48:bc:1d:aa:26:15:a6:31:89:aa:97:e1:9d:f6:77:36:7f:00:
57:ad:bb:eb:5d:3b:2b:c3:66:25:49:f5:28:40:ef:48:f2:0c:
20:25:85:6a:ab:fe:ed:55:30:aa:e6:f3:ef:fb:cf:d2:1d:f7:
81:cb:31:f9:1c:8f:1f:eb:e0:66:05:de:68:b1:f3:03:f2:c7:
e7:98:ab:19:b2:07:b8:83:89:82:7b:72:e6:ea:a0:50:24:b4:
3e:f7:64:b9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAHPuov383k46m237VmWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmRjNzIwODE3NGZlYzFmZDlmZTJiYmZkN2E0ZGI1NTE5N2VmNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmOH3W8Garkr2DsDlQ3e4sw3YbRk
pTT2DIh9rM6mvVT9W/jnzmSAKoG11tb6Gx3PFLOpUHEpaMCl7Ajs7YnC/ewRSyJx
YBUxTK4HhnbkvSK0/nob9T4LTQ5ybS5qO1QmM+voHzSbzyLtwKmbMspyvxjtQniM
U/ZwNTnObnNxaaiub5crNMsccnLJX2wrjWBGw6lIndOFJSHeHOGKj6PMlPoWMHfL
TTfIvbd1PuORBYkEndt9PR6whvSn6kZBuzYHS1yIFRvPJ7aOHDtCjFMGrJnh7MJi
HkJ18dfNfl0KpoT/u5Oc807UrAQ0oBL6h6ZpiMi4gcEcT6368gpaXNnBkQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLvccggXT+wf2f4rv9ek21UZfvTWMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvdTl4eUNCZFA3Ql9aX2l1XzE2VGJWUmwtOU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwWgHAwQA
wWgMAwQAwWgpAwQAwWhDMA0EAgACMAcDBQMqEIFAMA0GCSqGSIb3DQEBCwUAA4IB
AQBaDnHldbDROqOLmfDWSJoHrnGZpC+fblg/aa3eKSZHu+yCHKGABb1b9B+uHuy7
oQmpT8NxqWceWUyIZH+8XfH6dVBAJOdeDmq582efI6OWvhoH+vJLgS0Q04jZACbA
U43HLJUnlgUV3WwzvKzTZ4yi+ghkbGgiSYovZa9SY92ZG5eUbW/TdJjh320lWpkP
jvlfAlBx0AV/NxoE3j0Nlj9Nr7xIvB2qJhWmMYmql+Gd9nc2fwBXrbvrXTsrw2Yl
SfUoQO9I8gwgJYVqq/7tVTCq5vPv+8/SHfeByzH5HI8f6+BmBd5osfMD8sfnmKsZ
sge4g4mCe3Lm6qBQJLQ+92S5
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:09:08 2024 by rpki-client on console-fra.rpki-client.org