Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/1-Ug7WL13pQvdwmlLYWotLajKMhE.roa
File: 1-Ug7WL13pQvdwmlLYWotLajKMhE.roa (raw, json)
Hash identifier: gHCKgfRWYgrol0hIvSX7jRq8n0TG6FgDcQX+N4ME5WI=
Subject key identifier: F9:48:3B:58:BD:77:A5:0B:DD:C2:69:4B:61:6A:2D:2D:A8:CA:32:11
Certificate issuer: /CN=11184fb6503a760657f90270e276a3fcb50b8e8f
Certificate serial: 018CC8DEF20A63592C91998EF7B2E42F9F25
Authority key identifier: 11:18:4F:B6:50:3A:76:06:57:F9:02:70:E2:76:A3:FC:B5:0B:8E:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERhPtlA6dgZX-QJw4naj_LULjo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/1-Ug7WL13pQvdwmlLYWotLajKMhE.roa
Signing time: Tue 02 Jan 2024 06:31:43 +0000
ROA not before: Tue 02 Jan 2024 06:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12891
IP address blocks: 193.110.210.0/24 maxlen: 24
193.110.213.0/24 maxlen: 24
193.110.211.0/24 maxlen: 24
193.110.208.0/24 maxlen: 24
193.110.212.0/24 maxlen: 24
193.110.214.0/24 maxlen: 24
193.110.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/ERhPtlA6dgZX-QJw4naj_LULjo8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/ERhPtlA6dgZX-QJw4naj_LULjo8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ERhPtlA6dgZX-QJw4naj_LULjo8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f2:0a:63:59:2c:91:99:8e:f7:b2:e4:2f:9f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11184fb6503a760657f90270e276a3fcb50b8e8f
Validity
Not Before: Jan 2 06:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9483b58bd77a50bddc2694b616a2d2da8ca3211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:65:0c:9d:17:73:dc:6a:2e:19:18:8e:6e:
25:a3:85:4d:15:22:b5:ee:ea:53:02:cd:a2:83:54:
ab:da:ba:1f:30:93:c3:8d:f7:bf:84:d1:fd:2b:b0:
2b:19:bf:2c:19:13:b8:61:1f:b5:fb:a2:a8:3e:d4:
32:ee:ff:5b:68:00:c7:7e:93:57:62:b0:96:59:5a:
f8:d8:f4:a6:ba:d8:cf:9d:da:12:3f:c5:16:22:db:
78:75:c1:5b:4c:b3:8e:c3:95:a6:6f:5a:79:55:0a:
47:1a:e6:81:a8:46:2a:5f:75:4d:74:8c:f3:65:d1:
e7:2f:9d:b9:c9:be:7d:0d:cf:ae:1f:dc:60:40:91:
5f:61:6b:84:3c:d6:79:38:5b:09:7e:40:6c:11:ed:
3a:48:1d:d7:e4:f9:32:6b:8e:cc:aa:fc:68:c4:cc:
50:3f:98:99:eb:04:29:af:60:b6:63:13:a2:5e:f9:
f2:8e:fb:d7:ca:15:b5:51:87:06:7e:45:d5:66:1d:
a6:41:f2:fb:e0:ba:64:eb:a3:9a:1d:b5:63:2a:7e:
f1:ab:9c:0e:5b:af:69:f0:bf:90:58:f8:f1:82:c4:
39:28:2f:87:ba:30:51:e4:cd:42:77:d0:14:04:91:
b1:f7:23:50:93:18:fa:a9:c0:97:0b:a6:f1:ba:50:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:48:3B:58:BD:77:A5:0B:DD:C2:69:4B:61:6A:2D:2D:A8:CA:32:11
X509v3 Authority Key Identifier:
keyid:11:18:4F:B6:50:3A:76:06:57:F9:02:70:E2:76:A3:FC:B5:0B:8E:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERhPtlA6dgZX-QJw4naj_LULjo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/1-Ug7WL13pQvdwmlLYWotLajKMhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/ERhPtlA6dgZX-QJw4naj_LULjo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.208.0/24
193.110.210.0-193.110.215.255
Signature Algorithm: sha256WithRSAEncryption
26:8f:46:67:96:b9:23:78:4b:44:a5:c4:a1:34:7b:40:ba:f3:
86:c1:4f:38:44:78:44:0c:b8:b3:fd:ad:f0:98:09:a1:0e:30:
79:36:c2:d3:a4:87:83:69:eb:6f:cb:f1:c8:d7:5f:f3:82:58:
9f:d0:39:6e:55:0b:a2:b9:8e:01:48:2f:98:1a:ef:f6:dc:99:
ca:17:3f:35:f9:f1:31:cc:0a:44:9f:45:f5:39:07:2e:7f:79:
6c:0b:3a:34:d4:1b:65:b9:70:8c:f3:54:99:7c:67:2e:ac:4d:
5e:5c:85:4c:60:25:ec:2e:4c:35:3b:59:72:1d:69:f0:90:78:
56:ef:ca:a0:fe:01:59:6a:91:b7:4f:e3:4b:af:78:b1:78:03:
af:84:ed:c0:f1:a4:d3:99:c9:32:68:11:07:6d:47:1f:97:b1:
29:b3:03:d6:79:48:de:01:70:dc:08:1e:bb:b3:17:d9:37:cd:
33:6b:87:ec:44:23:c5:47:64:1b:d7:b9:2e:e1:6f:9f:e8:fd:
49:ca:ec:a2:b8:f8:6d:80:1e:da:be:dd:be:4a:e3:a4:6a:a8:
ca:91:d7:44:4f:e8:d1:75:8d:e4:41:ca:f7:2f:93:de:04:92:
25:af:e6:8f:ed:70:82:97:50:31:13:d3:bf:f2:9e:88:c4:7c:
2a:85:94:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3vIKY1kskZmO97LkL58lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMTg0ZmI2NTAzYTc2MDY1N2Y5MDI3MGUyNzZhM2ZjYjUw
YjhlOGYwHhcNMjQwMTAyMDYzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ4M2I1OGJkNzdhNTBiZGRjMjY5NGI2MTZhMmQyZGE4Y2EzMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApstlDJ0Xc9xqLhkYjm4lo4VNFSK1
7upTAs2ig1Sr2rofMJPDjfe/hNH9K7ArGb8sGRO4YR+1+6KoPtQy7v9baADHfpNX
YrCWWVr42PSmutjPndoSP8UWItt4dcFbTLOOw5Wmb1p5VQpHGuaBqEYqX3VNdIzz
ZdHnL525yb59Dc+uH9xgQJFfYWuEPNZ5OFsJfkBsEe06SB3X5Pkya47MqvxoxMxQ
P5iZ6wQpr2C2YxOiXvnyjvvXyhW1UYcGfkXVZh2mQfL74Lpk66OaHbVjKn7xq5wO
W69p8L+QWPjxgsQ5KC+HujBR5M1Cd9AUBJGx9yNQkxj6qcCXC6bxulB9SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPlIO1i9d6UL3cJpS2FqLS2oyjIRMB8GA1UdIwQY
MBaAFBEYT7ZQOnYGV/kCcOJ2o/y1C46PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJoUHRsQTZkZ1pYLVFKdzRuYWpfTFVMam84LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zM2E3MzMtZWYwNS00YWYwLTg1MzUt
MTk2ZDY2NmQyYjJiLzEvMS1VZzdXTDEzcFF2ZHdtbExZV290TGFqS01oRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMzNhNzMzLWVmMDUtNGFmMC04NTM1LTE5NmQ2NjZkMmIy
Yi8xL0VSaFB0bEE2ZGdaWC1RSnc0bmFqX0xVTGpvOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAMFu0DAM
AwQBwW7SAwQDwW7QMA0GCSqGSIb3DQEBCwUAA4IBAQAmj0ZnlrkjeEtEpcShNHtA
uvOGwU84RHhEDLiz/a3wmAmhDjB5NsLTpIeDaetvy/HI11/zglif0DluVQuiuY4B
SC+YGu/23JnKFz81+fExzApEn0X1OQcuf3lsCzo01BtluXCM81SZfGcurE1eXIVM
YCXsLkw1O1lyHWnwkHhW78qg/gFZapG3T+NLr3ixeAOvhO3A8aTTmckyaBEHbUcf
l7EpswPWeUjeAXDcCB67sxfZN80za4fsRCPFR2Qb17ku4W+f6P1JyuyiuPhtgB7a
vt2+SuOkaqjKkddET+jRdY3kQcr3L5PeBJIlr+aP7XCCl1AxE9O/8p6IxHwqhZQl
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:54:40 2024 by rpki-client on console-fra.rpki-client.org