Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6oQNw_CgBZz0KIP2ZITo254R6Q4.roa
File: 6oQNw_CgBZz0KIP2ZITo254R6Q4.roa (raw, json)
Hash identifier: a/Pym7vvKXn24fxbd69GqyvUup72E2OUCjkY1cpZdvQ=
Subject key identifier: EA:84:0D:C3:F0:A0:05:9C:F4:28:83:F6:64:84:E8:DB:9E:11:E9:0E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01917613514EDD296F2943B7252BC25F1B1E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6oQNw_CgBZz0KIP2ZITo254R6Q4.roa
Signing time: Wed 21 Aug 2024 17:54:22 +0000
ROA not before: Wed 21 Aug 2024 17:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14576
IP address blocks: 193.233.88.0/24 maxlen: 24
193.233.89.0/24 maxlen: 24
193.233.90.0/24 maxlen: 24
193.233.91.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:13:51:4e:dd:29:6f:29:43:b7:25:2b:c2:5f:1b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 21 17:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea840dc3f0a0059cf42883f66484e8db9e11e90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:1f:b1:b2:16:62:54:46:c8:e4:6a:f1:8f:
6e:dd:db:57:10:f3:f8:6b:bb:a1:78:d6:b3:1d:c7:
e9:78:51:f9:4a:de:3a:40:e1:b3:5c:d3:60:27:a3:
c9:ff:1d:ba:3e:75:e4:15:a2:91:1d:f6:66:53:a5:
72:2f:f3:59:ed:4a:62:fb:90:41:84:df:03:7e:db:
68:dd:4f:d5:8b:37:74:78:ed:3e:24:f7:23:18:e1:
7e:57:2b:f6:1d:1b:0c:b5:12:9e:c0:90:5d:90:2b:
f4:ae:77:1b:86:fe:f6:5f:54:3d:97:c8:cc:ee:1c:
15:b1:bd:5e:70:17:bb:20:71:93:cd:06:73:f2:93:
60:ff:3e:ac:b2:0e:f8:39:26:66:9a:73:63:c2:91:
1c:2e:68:b8:c9:95:b3:06:57:6b:f4:bb:a5:c8:37:
98:67:38:99:12:ad:0a:2f:47:3b:c4:b8:4b:6e:f7:
93:ec:6e:13:11:76:d0:d1:d4:dd:6e:39:78:4f:ba:
05:c2:57:fb:26:15:7d:25:60:61:9a:ce:5a:f5:f5:
22:be:85:ef:44:80:bb:d9:79:88:16:cf:04:c9:e0:
f0:c2:e6:24:a5:1a:25:e8:d5:a6:10:a0:36:5a:61:
02:26:d4:a8:80:52:81:1f:65:97:3e:30:42:a9:b1:
77:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:84:0D:C3:F0:A0:05:9C:F4:28:83:F6:64:84:E8:DB:9E:11:E9:0E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6oQNw_CgBZz0KIP2ZITo254R6Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.88.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:4a:78:10:6f:3c:a0:00:e5:6e:37:67:81:e5:0d:9c:b7:34:
dd:97:c5:1d:8b:50:af:4d:02:a0:49:86:4f:ba:0f:6a:39:61:
54:6d:13:ee:dd:d5:4f:a3:eb:10:1b:ae:a1:ef:b8:38:5a:df:
a6:3e:0f:0f:a5:06:6c:cc:08:d6:95:3a:36:1a:97:bc:78:b4:
c2:b4:3f:c9:9f:c6:11:ba:ab:a5:e5:2f:b5:68:c5:7b:60:cc:
e1:e6:bd:aa:e4:e5:1a:d0:dd:a0:5d:6c:fb:f8:37:c7:70:45:
71:e1:db:4d:af:0f:3e:dc:e9:8a:3f:0f:29:f3:7d:29:e2:a5:
c5:61:3e:91:2d:52:52:fa:16:e0:5c:af:c1:14:8d:75:d8:92:
50:a8:bf:47:0a:20:2b:ad:c8:de:bf:65:c5:b3:1b:e6:a2:9f:
a4:b9:02:2c:ff:da:f9:1e:87:b2:6e:33:85:41:5b:f6:44:25:
dc:73:df:a3:d6:88:ff:09:83:32:a9:a6:f9:81:21:3f:0a:05:
24:f2:b2:61:a4:af:52:dd:ee:04:59:67:b6:e8:52:c3:eb:99:
8c:fb:2a:77:f7:ef:a2:02:d0:41:ba:16:8b:af:50:cf:1e:41:
99:71:08:89:8c:2b:53:2d:0b:0e:96:fc:ca:26:96:0f:90:a2:
cd:00:ff:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF2E1FO3SlvKUO3JSvCXxseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwODIxMTc1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTg0MGRjM2YwYTAwNTljZjQyODgzZjY2NDg0ZThkYjllMTFlOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQMfsbIWYlRGyORq8Y9u3dtXEPP4
a7uheNazHcfpeFH5St46QOGzXNNgJ6PJ/x26PnXkFaKRHfZmU6VyL/NZ7Upi+5BB
hN8Dftto3U/Vizd0eO0+JPcjGOF+Vyv2HRsMtRKewJBdkCv0rncbhv72X1Q9l8jM
7hwVsb1ecBe7IHGTzQZz8pNg/z6ssg74OSZmmnNjwpEcLmi4yZWzBldr9LulyDeY
ZziZEq0KL0c7xLhLbveT7G4TEXbQ0dTdbjl4T7oFwlf7JhV9JWBhms5a9fUivoXv
RIC72XmIFs8EyeDwwuYkpRol6NWmEKA2WmECJtSogFKBH2WXPjBCqbF3iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOqEDcPwoAWc9CiD9mSE6NueEekOMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNm9RTndfQ2dCWnowS0lQMlpJVG8yNTRSNlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwelYAwQC
wen4MA0GCSqGSIb3DQEBCwUAA4IBAQAPSngQbzygAOVuN2eB5Q2ctzTdl8Udi1Cv
TQKgSYZPug9qOWFUbRPu3dVPo+sQG66h77g4Wt+mPg8PpQZszAjWlTo2Gpe8eLTC
tD/Jn8YRuqul5S+1aMV7YMzh5r2q5OUa0N2gXWz7+DfHcEVx4dtNrw8+3OmKPw8p
830p4qXFYT6RLVJS+hbgXK/BFI112JJQqL9HCiArrcjev2XFsxvmop+kuQIs/9r5
HoeybjOFQVv2RCXcc9+j1oj/CYMyqab5gSE/CgUk8rJhpK9S3e4EWWe26FLD65mM
+yp39++iAtBBuhaLr1DPHkGZcQiJjCtTLQsOlvzKJpYPkKLNAP9L
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:24 2024 by rpki-client on console-fra.rpki-client.org