Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fc1fcf-2c75-41a6-81f9-5fe8afa35df6/1/p5GEWhKChfQFjWTUFisBBmT5vWw.roa
File: p5GEWhKChfQFjWTUFisBBmT5vWw.roa (raw, json)
Hash identifier: IcHwjlcPsUr7yytLImz+ywc/j/fSOBGqfhhz1zNfejM=
Subject key identifier: A7:91:84:5A:12:82:85:F4:05:8D:64:D4:16:2B:01:06:64:F9:BD:6C
Certificate issuer: /CN=4999010bbb1f48709aeac02e84338a49b7774611
Certificate serial: 019034B9B9B6A346C91B8866FF24A7C26363
Authority key identifier: 49:99:01:0B:BB:1F:48:70:9A:EA:C0:2E:84:33:8A:49:B7:77:46:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SZkBC7sfSHCa6sAuhDOKSbd3RhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fc1fcf-2c75-41a6-81f9-5fe8afa35df6/1/p5GEWhKChfQFjWTUFisBBmT5vWw.roa
Signing time: Thu 20 Jun 2024 08:18:25 +0000
ROA not before: Thu 20 Jun 2024 08:18:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43960
IP address blocks: 93.187.24.0/21 maxlen: 21
93.187.24.0/24 maxlen: 24
93.187.25.0/24 maxlen: 24
93.187.26.0/24 maxlen: 24
93.187.27.0/24 maxlen: 24
93.187.28.0/24 maxlen: 24
93.187.29.0/24 maxlen: 24
93.187.30.0/24 maxlen: 24
93.187.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fc1fcf-2c75-41a6-81f9-5fe8afa35df6/1/SZkBC7sfSHCa6sAuhDOKSbd3RhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fc1fcf-2c75-41a6-81f9-5fe8afa35df6/1/SZkBC7sfSHCa6sAuhDOKSbd3RhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SZkBC7sfSHCa6sAuhDOKSbd3RhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:b9:b9:b6:a3:46:c9:1b:88:66:ff:24:a7:c2:63:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4999010bbb1f48709aeac02e84338a49b7774611
Validity
Not Before: Jun 20 08:18:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a791845a128285f4058d64d4162b010664f9bd6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:5c:9c:c6:0d:c0:a3:26:ef:16:b7:0b:56:
84:f9:10:f0:0f:24:4b:3b:8b:e2:8e:e9:c7:c1:20:
2e:80:5d:03:a0:ea:26:91:f3:b1:7e:95:f1:aa:de:
0d:d0:13:d6:24:ee:12:98:db:94:28:f3:f1:d7:87:
be:8e:41:22:f8:0d:46:9f:b2:a8:29:2a:a3:ca:19:
28:0f:b6:4b:bf:72:a3:8f:7f:01:f8:df:bc:30:ec:
3d:63:c4:50:27:f1:df:c7:04:16:22:ab:37:2c:5d:
55:b8:84:09:88:33:51:67:57:e0:1a:11:08:c6:94:
19:79:8f:b7:dc:60:0a:0f:31:51:90:8b:b3:07:1a:
d2:45:a4:78:5e:d1:14:29:e3:f5:49:32:15:32:c2:
83:0e:3b:3a:89:6c:83:8a:55:d9:36:8a:5f:c6:b4:
a3:da:46:6a:88:41:f0:01:b7:04:0a:eb:cd:31:9b:
63:52:a0:7b:ef:c0:20:79:1a:96:89:17:b8:20:db:
ef:b3:cf:d7:f3:bb:0d:21:9c:9e:ca:e7:91:a3:0e:
47:21:9b:03:e6:aa:d7:59:33:1c:59:92:bc:ab:05:
86:bb:07:e7:7a:7a:8c:ab:10:f0:6e:bf:84:c4:b2:
67:a1:a0:2e:3b:c1:86:41:84:31:81:46:59:88:85:
e2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:91:84:5A:12:82:85:F4:05:8D:64:D4:16:2B:01:06:64:F9:BD:6C
X509v3 Authority Key Identifier:
keyid:49:99:01:0B:BB:1F:48:70:9A:EA:C0:2E:84:33:8A:49:B7:77:46:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SZkBC7sfSHCa6sAuhDOKSbd3RhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fc1fcf-2c75-41a6-81f9-5fe8afa35df6/1/p5GEWhKChfQFjWTUFisBBmT5vWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fc1fcf-2c75-41a6-81f9-5fe8afa35df6/1/SZkBC7sfSHCa6sAuhDOKSbd3RhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.24.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:49:30:d2:74:62:66:6d:10:bb:08:56:5f:de:e0:d9:fc:da:
87:f3:a1:b5:b2:c2:63:2b:d4:3e:60:84:8f:f7:a3:1f:9e:98:
9d:42:b0:b9:26:46:1c:b4:69:96:65:73:e7:ac:2c:5b:41:13:
2d:b9:93:fd:d2:95:27:b3:21:5b:dc:8f:1f:71:c2:b4:ea:22:
f1:c2:1d:78:b4:4d:59:52:13:e6:27:6e:e4:da:f3:9a:8e:2e:
a5:8f:8b:ff:31:f8:b9:67:67:49:12:fe:84:99:75:82:e3:6a:
2a:08:5e:5e:a8:e5:15:4e:3a:11:45:c3:08:35:52:f0:7f:43:
31:36:81:2a:6b:b3:03:67:9d:9b:b5:e3:c7:61:0b:1a:ea:cf:
5b:ef:d9:f8:c9:dd:4b:bd:98:c3:1e:cf:1c:90:56:44:da:ed:
86:52:18:74:0d:92:cd:c3:db:06:93:91:51:93:25:f5:2a:40:
a6:4a:ae:c1:36:10:39:7b:80:ad:b5:88:7b:19:4c:a7:97:6a:
62:6e:6a:bb:67:e2:38:dd:bc:6f:55:ac:be:b8:7f:0f:13:d7:
e8:dd:9d:bf:2a:2b:5a:69:9d:54:ec:f8:1f:94:fc:43:bb:ba:
24:29:9d:f5:93:57:76:b8:12:f9:f6:42:e7:46:ed:ff:4b:ea:
a0:3b:fb:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZA0ubm2o0bJG4hm/ySnwmNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OTkwMTBiYmIxZjQ4NzA5YWVhYzAyZTg0MzM4YTQ5Yjc3
NzQ2MTEwHhcNMjQwNjIwMDgxODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzkxODQ1YTEyODI4NWY0MDU4ZDY0ZDQxNjJiMDEwNjY0ZjliZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ5cnMYNwKMm7xa3C1aE+RDwDyRL
O4vijunHwSAugF0DoOomkfOxfpXxqt4N0BPWJO4SmNuUKPPx14e+jkEi+A1Gn7Ko
KSqjyhkoD7ZLv3Kjj38B+N+8MOw9Y8RQJ/HfxwQWIqs3LF1VuIQJiDNRZ1fgGhEI
xpQZeY+33GAKDzFRkIuzBxrSRaR4XtEUKeP1STIVMsKDDjs6iWyDilXZNopfxrSj
2kZqiEHwAbcECuvNMZtjUqB778AgeRqWiRe4INvvs8/X87sNIZyeyueRow5HIZsD
5qrXWTMcWZK8qwWGuwfnenqMqxDwbr+ExLJnoaAuO8GGQYQxgUZZiIXiWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeRhFoSgoX0BY1k1BYrAQZk+b1sMB8GA1UdIwQY
MBaAFEmZAQu7H0hwmurALoQzikm3d0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1prQkM3c2ZTSENhNnNBdWhET0tTYmQzUmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mYzFmY2YtMmM3NS00MWE2LTgxZjkt
NWZlOGFmYTM1ZGY2LzEvcDVHRVdoS0NoZlFGaldUVUZpc0JCbVQ1dld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mYzFmY2YtMmM3NS00MWE2LTgxZjktNWZlOGFmYTM1ZGY2
LzEvU1prQkM3c2ZTSENhNnNBdWhET0tTYmQzUmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXbsYMA0G
CSqGSIb3DQEBCwUAA4IBAQAOSTDSdGJmbRC7CFZf3uDZ/NqH86G1ssJjK9Q+YISP
96MfnpidQrC5JkYctGmWZXPnrCxbQRMtuZP90pUnsyFb3I8fccK06iLxwh14tE1Z
UhPmJ27k2vOaji6lj4v/Mfi5Z2dJEv6EmXWC42oqCF5eqOUVTjoRRcMINVLwf0Mx
NoEqa7MDZ52btePHYQsa6s9b79n4yd1LvZjDHs8ckFZE2u2GUhh0DZLNw9sGk5FR
kyX1KkCmSq7BNhA5e4CttYh7GUynl2pibmq7Z+I43bxvVay+uH8PE9fo3Z2/Kita
aZ1U7PgflPxDu7okKZ31k1d2uBL59kLnRu3/S+qgO/tp
-----END CERTIFICATE-----
Generated at Thu Jun 27 23:35:37 2024 by rpki-client on console-ams.rpki-client.org