Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/URZMTEpUEMEsjMx5nRVkQlPmFXI.roa
File: URZMTEpUEMEsjMx5nRVkQlPmFXI.roa (raw, json)
Hash identifier: onN52774UW6ajf5meheHLJfd0zqwlPAfcBLAYyE4Zd8=
Subject key identifier: 51:16:4C:4C:4A:54:10:C1:2C:8C:CC:79:9D:15:64:42:53:E6:15:72
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D595A85863379D051BA64289D8EDF
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/URZMTEpUEMEsjMx5nRVkQlPmFXI.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44718
IP address blocks: 83.228.87.0/24 maxlen: 24
83.228.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:59:5a:85:86:33:79:d0:51:ba:64:28:9d:8e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51164c4c4a5410c12c8ccc799d15644253e61572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:8d:f1:08:29:6b:ff:c5:00:96:18:f8:d6:
e3:0d:bd:9a:93:75:3e:f9:e1:5f:23:31:5f:f6:95:
7f:e7:1f:bb:59:4a:e4:bc:1c:6a:d0:48:c7:db:d4:
c9:08:a5:41:42:8e:f4:2c:7d:5e:9d:cb:c4:fe:9f:
4c:9b:6b:79:d8:c0:41:ba:ff:a0:89:2b:33:bf:59:
b1:7c:90:73:14:8c:da:dc:2c:fb:9b:88:5b:eb:2e:
e0:94:c3:a2:7e:63:6d:3f:a9:74:5a:0d:98:c3:a4:
ec:3f:43:54:6f:70:1e:12:ad:da:f9:38:c0:17:17:
7d:8c:e9:fa:dd:f1:9f:a4:a2:09:ab:89:57:8b:5e:
cb:86:f7:75:9c:a8:72:bb:01:36:ba:59:ac:eb:6a:
18:a9:84:59:f9:bc:f4:28:17:13:d1:29:29:46:bd:
fe:e9:7f:47:37:16:25:63:3b:20:98:4f:16:9f:86:
20:f6:55:e9:ca:62:11:70:35:3c:07:d7:3d:37:e1:
57:53:c1:00:7d:74:c1:ed:c7:08:e3:76:a8:a9:56:
49:56:f8:0d:b3:66:df:6a:b5:fc:ea:11:5e:54:41:
50:69:4b:08:f0:32:f1:02:da:12:7f:fc:38:fd:cb:
cc:93:5e:1d:18:6d:ed:af:d5:1f:7a:21:7b:9d:61:
62:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:16:4C:4C:4A:54:10:C1:2C:8C:CC:79:9D:15:64:42:53:E6:15:72
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/URZMTEpUEMEsjMx5nRVkQlPmFXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.86.0/23
Signature Algorithm: sha256WithRSAEncryption
25:ab:1a:5f:2a:35:96:6c:33:e1:8a:96:a8:f3:48:20:35:d9:
8d:e8:ab:cd:65:7c:54:e1:ca:d5:bd:bd:cb:13:9b:59:b6:54:
f1:84:d9:9e:2a:bd:16:bb:9f:bb:8b:6e:ed:a2:17:63:04:38:
6b:21:67:4f:c0:3c:bc:9b:b4:4d:63:b9:7c:76:02:ad:e5:68:
12:19:f2:e4:ef:eb:92:2d:53:a8:09:f1:6c:c1:92:e3:b5:a8:
ba:e3:d0:71:a2:54:6e:bd:86:2e:b7:70:d6:71:97:9a:da:8e:
25:86:63:e8:60:e3:2e:0f:27:2f:ad:0f:97:60:0f:0d:8e:c9:
b8:33:c9:24:92:c3:22:ff:97:46:67:20:7a:8f:2f:1c:d4:ac:
0c:2e:9e:bd:89:f4:43:be:d2:ac:d2:72:10:f0:63:03:bf:92:
22:a9:b2:99:7e:d1:01:b0:f4:a5:3a:eb:28:5e:e4:84:02:87:
8b:6e:08:15:29:3f:cd:cc:c9:bd:57:35:3e:57:4d:50:79:84:
a0:59:4c:7d:b9:74:26:21:89:35:9c:7e:ee:31:df:d8:aa:41:
38:23:5d:ff:a9:cd:56:48:99:c7:58:cc:30:65:83:b8:d4:03:
c9:c8:ee:3a:a8:97:d1:31:2d:1a:45:03:ea:17:8c:f2:fc:63:
f5:ed:23:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVlahYYzedBRumQonY7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTE2NGM0YzRhNTQxMGMxMmM4Y2NjNzk5ZDE1NjQ0MjUzZTYxNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+iN8Qgpa//FAJYY+NbjDb2ak3U+
+eFfIzFf9pV/5x+7WUrkvBxq0EjH29TJCKVBQo70LH1encvE/p9Mm2t52MBBuv+g
iSszv1mxfJBzFIza3Cz7m4hb6y7glMOifmNtP6l0Wg2Yw6TsP0NUb3AeEq3a+TjA
Fxd9jOn63fGfpKIJq4lXi17Lhvd1nKhyuwE2ulms62oYqYRZ+bz0KBcT0SkpRr3+
6X9HNxYlYzsgmE8Wn4Yg9lXpymIRcDU8B9c9N+FXU8EAfXTB7ccI43aoqVZJVvgN
s2bfarX86hFeVEFQaUsI8DLxAtoSf/w4/cvMk14dGG3tr9UfeiF7nWFiQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEWTExKVBDBLIzMeZ0VZEJT5hVyMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvVVJaTVRFcFVFTUVzak14NW5SVmtRbFBtRlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU+RWMA0G
CSqGSIb3DQEBCwUAA4IBAQAlqxpfKjWWbDPhipao80ggNdmN6KvNZXxU4crVvb3L
E5tZtlTxhNmeKr0Wu5+7i27tohdjBDhrIWdPwDy8m7RNY7l8dgKt5WgSGfLk7+uS
LVOoCfFswZLjtai649BxolRuvYYut3DWcZea2o4lhmPoYOMuDycvrQ+XYA8Njsm4
M8kkksMi/5dGZyB6jy8c1KwMLp69ifRDvtKs0nIQ8GMDv5IiqbKZftEBsPSlOuso
XuSEAoeLbggVKT/NzMm9VzU+V01QeYSgWUx9uXQmIYk1nH7uMd/YqkE4I13/qc1W
SJnHWMwwZYO41APJyO46qJfRMS0aRQPqF4zy/GP17SM/
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:31:54 2024 by rpki-client on console-fra.rpki-client.org