Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UBJs1Cyo1ZBqG-kM5uTTZtjxXYk.roa
File: UBJs1Cyo1ZBqG-kM5uTTZtjxXYk.roa (raw, json)
Hash identifier: FCK07RqeUsp8kBJrInh67Di5SuWunkBlvyM+GqJA0xc=
Subject key identifier: 50:12:6C:D4:2C:A8:D5:90:6A:1B:E9:0C:E6:E4:D3:66:D8:F1:5D:89
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD12BEC1FB719F6BF492EE8EE0FA3C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UBJs1Cyo1ZBqG-kM5uTTZtjxXYk.roa
Signing time: Tue 02 Jan 2024 06:29:40 +0000
ROA not before: Tue 02 Jan 2024 06:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216398
IP address blocks: 193.222.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:12:be:c1:fb:71:9f:6b:f4:92:ee:8e:e0:fa:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50126cd42ca8d5906a1be90ce6e4d366d8f15d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:de:7d:9d:5d:13:ad:77:87:75:e7:01:88:
6b:20:60:41:7f:9c:64:a5:d9:64:7d:d9:26:30:d3:
13:1e:2c:b9:94:f2:ee:a2:52:d1:e3:b9:13:5e:5e:
2f:6a:65:2d:c2:d5:1b:1f:f0:f7:56:fa:60:78:9b:
0e:04:d0:63:7f:94:1a:83:90:b0:77:4d:29:b6:df:
38:db:2b:10:cc:25:63:a9:a7:4d:18:56:db:68:46:
86:d4:92:7c:36:76:1a:de:89:db:4f:8f:e1:53:b1:
39:c9:8e:92:fc:47:d4:09:58:b7:52:8e:d5:62:64:
bc:54:68:e2:b3:4c:2f:d0:2d:1f:28:92:c8:47:be:
dc:91:79:8b:18:33:84:9e:8b:ed:ba:34:bf:bf:7e:
78:71:29:4c:13:0d:85:c7:5d:f7:1c:8b:ca:d2:c0:
61:94:ee:a5:8f:47:e9:a9:18:7a:79:64:d8:5a:cf:
11:17:05:9f:87:95:56:cd:37:de:83:ed:41:a3:ae:
1d:2c:29:07:c8:fa:df:4e:ab:f0:c1:4e:a2:e3:7d:
12:35:c6:d3:21:3d:2d:bd:50:3e:df:54:e4:06:1b:
ed:8a:fc:9e:06:a7:f1:a8:a1:ba:4b:2d:17:df:70:
2a:34:f9:78:2e:3e:8c:cb:41:e0:f3:05:92:fa:6e:
06:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:12:6C:D4:2C:A8:D5:90:6A:1B:E9:0C:E6:E4:D3:66:D8:F1:5D:89
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UBJs1Cyo1ZBqG-kM5uTTZtjxXYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
14:7d:47:e6:db:4d:0a:1a:bf:3a:75:b8:23:47:a4:47:6e:05:
e1:45:98:7b:94:6d:2e:25:74:17:c5:93:91:0b:1a:15:f3:5c:
dc:cb:7a:a9:ab:07:b9:62:e1:3f:94:cf:ad:2d:f0:5f:60:a2:
1c:a9:b2:b9:a0:ab:ae:75:b5:32:46:c1:6a:30:6c:43:4d:5c:
02:40:b5:7a:c5:37:c2:78:2e:03:c5:89:fc:be:96:45:c6:aa:
f9:e1:99:08:df:f2:1c:84:5b:cc:79:fa:0c:91:6d:87:e6:ed:
1b:3b:cd:3c:77:b3:2c:06:2e:aa:00:87:c3:e5:f2:40:c1:b3:
fa:f8:8f:68:75:30:1f:83:10:be:1c:9b:8c:e0:88:e9:ea:ca:
75:fa:68:30:d1:fd:d4:67:b6:5d:93:15:6b:69:ee:8f:bf:6f:
f7:86:b1:49:38:09:29:9d:28:0b:b5:27:b8:c7:f5:4d:d4:28:
94:4f:24:03:30:4f:55:0c:25:62:c1:17:37:e5:c9:f8:86:00:
eb:32:fb:b6:84:2a:9d:95:c2:59:44:9a:9d:d3:83:22:ff:64:
57:ef:59:86:9d:89:49:43:86:05:31:b2:dd:ed:bb:e0:8d:5c:
01:d7:a8:58:25:4b:67:d6:cc:67:9e:8e:d6:11:80:17:c9:04:
a3:e8:16:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3RK+wftxn2v0ku6O4Po8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDEyNmNkNDJjYThkNTkwNmExYmU5MGNlNmU0ZDM2NmQ4ZjE1ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+fefZ1dE613h3XnAYhrIGBBf5xk
pdlkfdkmMNMTHiy5lPLuolLR47kTXl4vamUtwtUbH/D3VvpgeJsOBNBjf5Qag5Cw
d00ptt842ysQzCVjqadNGFbbaEaG1JJ8NnYa3onbT4/hU7E5yY6S/EfUCVi3Uo7V
YmS8VGjis0wv0C0fKJLIR77ckXmLGDOEnovtujS/v354cSlMEw2Fx133HIvK0sBh
lO6lj0fpqRh6eWTYWs8RFwWfh5VWzTfeg+1Bo64dLCkHyPrfTqvwwU6i430SNcbT
IT0tvVA+31TkBhvtivyeBqfxqKG6Sy0X33AqNPl4Lj6My0Hg8wWS+m4GKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFASbNQsqNWQahvpDObk02bY8V2JMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVUJKczFDeW8xWkJxRy1rTTV1VFRadGp4WFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwd5gMA0G
CSqGSIb3DQEBCwUAA4IBAQAUfUfm200KGr86dbgjR6RHbgXhRZh7lG0uJXQXxZOR
CxoV81zcy3qpqwe5YuE/lM+tLfBfYKIcqbK5oKuudbUyRsFqMGxDTVwCQLV6xTfC
eC4DxYn8vpZFxqr54ZkI3/IchFvMefoMkW2H5u0bO808d7MsBi6qAIfD5fJAwbP6
+I9odTAfgxC+HJuM4Ijp6sp1+mgw0f3UZ7ZdkxVrae6Pv2/3hrFJOAkpnSgLtSe4
x/VN1CiUTyQDME9VDCViwRc35cn4hgDrMvu2hCqdlcJZRJqd04Mi/2RX71mGnYlJ
Q4YFMbLd7bvgjVwB16hYJUtn1sxnno7WEYAXyQSj6BYh
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:44:39 2024 by rpki-client on console-ams.rpki-client.org