Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6tmMfjINdCzm9THB4i8vpne42nw.roa
File: 6tmMfjINdCzm9THB4i8vpne42nw.roa (raw, json)
Hash identifier: KPgLwra+U83QuGqvqYbOpfVOHxhpCosq7UBYkhdqbOQ=
Subject key identifier: EA:D9:8C:7E:32:0D:74:2C:E6:F5:31:C1:E2:2F:2F:A6:77:B8:DA:7C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC79538767ECF4BDA33F999C9467BC98A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6tmMfjINdCzm9THB4i8vpne42nw.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211252
IP address blocks: 193.233.179.0/24 maxlen: 24
193.233.177.0/24 maxlen: 24
193.233.187.0/24 maxlen: 24
193.233.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 13:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:38:76:7e:cf:4b:da:33:f9:99:c9:46:7b:c9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ead98c7e320d742ce6f531c1e22f2fa677b8da7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:38:b8:03:9d:93:d4:cd:db:91:14:3a:1f:
09:2a:d6:e6:c0:ed:84:22:90:c8:dd:ae:8d:89:7f:
cf:9f:2b:67:34:3b:96:80:e9:28:60:52:6c:a6:82:
71:cb:14:57:60:11:42:b8:a5:69:39:91:8d:e1:c4:
19:ec:41:66:59:3a:1d:71:3f:c7:3a:02:85:db:bc:
85:2d:fb:77:c3:3f:ec:47:09:9f:93:d3:cc:4b:cd:
6e:08:7e:ba:17:d6:5f:2a:7d:9c:a0:da:1f:04:1a:
dc:2c:cd:cd:7e:71:e6:cc:f8:dc:35:ff:3f:57:96:
a8:a8:9b:6d:20:33:1e:e4:d9:58:9e:b4:f5:1e:c2:
e9:9e:d8:21:ed:cb:92:28:1f:83:ed:3b:59:ec:38:
7f:18:5c:6c:b8:13:ac:1f:89:d1:03:9f:8b:a8:4c:
5b:40:93:5d:61:a2:0c:74:e8:6d:2d:74:ac:52:23:
01:7b:48:bf:46:d0:4c:b1:f1:1e:d4:40:81:29:3a:
0b:7e:69:b6:34:35:15:b7:1c:dd:ed:ef:3d:91:76:
eb:18:2c:75:bd:13:da:8a:32:81:d6:57:47:d1:cd:
98:26:ab:d9:80:74:a9:23:bf:f6:2e:21:22:82:34:
5e:d0:14:cc:71:12:53:52:50:ca:73:8f:88:4e:bf:
a3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D9:8C:7E:32:0D:74:2C:E6:F5:31:C1:E2:2F:2F:A6:77:B8:DA:7C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6tmMfjINdCzm9THB4i8vpne42nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.177.0/24
193.233.179.0/24
193.233.187.0-193.233.188.255
Signature Algorithm: sha256WithRSAEncryption
31:25:e3:75:8e:14:95:21:70:9b:7c:2e:8d:4f:2a:1f:a2:24:
52:73:b3:7d:48:30:47:b8:77:44:2d:b4:c4:5b:1d:b0:56:ba:
a8:3f:81:4e:d6:65:d0:22:d3:9f:95:a8:04:16:70:88:b3:28:
3f:d4:72:fe:5c:cf:72:d4:22:8b:7e:77:3c:d9:07:5f:44:a2:
82:ae:5f:de:ac:e7:cb:39:0d:5f:5d:7e:5f:e4:7f:3d:1b:fc:
22:53:7c:28:cb:d2:11:08:ca:b3:db:fb:e8:e3:e5:f7:0d:3e:
e1:68:dd:85:4e:f1:db:7b:07:86:5b:5b:52:2c:cb:18:b2:88:
87:05:25:55:64:1e:fd:53:a4:9b:c2:7a:1c:01:39:15:c9:64:
33:90:5a:e6:f7:09:8a:5b:e1:df:ab:0a:0b:e4:16:d6:2c:70:
2d:37:a2:e6:60:f7:b9:69:6d:c2:d3:f3:7f:4e:ce:e5:e5:b5:
e0:4a:60:ae:76:87:b0:07:49:00:49:d5:bc:7b:0d:87:f7:92:
51:f0:00:a9:3a:d0:1a:63:d6:6a:a6:85:db:66:29:dd:21:33:
72:03:54:b8:a8:48:32:0c:9d:a0:de:40:64:b7:66:83:8a:64:
50:82:46:cf:c8:f9:ef:ee:e5:a1:e1:c8:76:e7:64:00:c6:13:
b8:81:aa:98
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHlTh2fs9L2jP5mclGe8mKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQ5OGM3ZTMyMGQ3NDJjZTZmNTMxYzFlMjJmMmZhNjc3YjhkYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzg4uAOdk9TN25EUOh8JKtbmwO2E
IpDI3a6NiX/PnytnNDuWgOkoYFJspoJxyxRXYBFCuKVpOZGN4cQZ7EFmWTodcT/H
OgKF27yFLft3wz/sRwmfk9PMS81uCH66F9ZfKn2coNofBBrcLM3NfnHmzPjcNf8/
V5aoqJttIDMe5NlYnrT1HsLpntgh7cuSKB+D7TtZ7Dh/GFxsuBOsH4nRA5+LqExb
QJNdYaIMdOhtLXSsUiMBe0i/RtBMsfEe1ECBKToLfmm2NDUVtxzd7e89kXbrGCx1
vRPaijKB1ldH0c2YJqvZgHSpI7/2LiEigjRe0BTMcRJTUlDKc4+ITr+juwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOrZjH4yDXQs5vUxweIvL6Z3uNp8MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNnRtTWZqSU5kQ3ptOVRIQjRpOHZwbmU0Mm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwemxAwQA
wemzMAwDBADB6bsDBADB6bwwDQYJKoZIhvcNAQELBQADggEBADEl43WOFJUhcJt8
Lo1PKh+iJFJzs31IMEe4d0QttMRbHbBWuqg/gU7WZdAi05+VqAQWcIizKD/Ucv5c
z3LUIot+dzzZB19EooKuX96s58s5DV9dfl/kfz0b/CJTfCjL0hEIyrPb++jj5fcN
PuFo3YVO8dt7B4ZbW1IsyxiyiIcFJVVkHv1TpJvCehwBORXJZDOQWub3CYpb4d+r
CgvkFtYscC03ouZg97lpbcLT839OzuXlteBKYK52h7AHSQBJ1bx7DYf3klHwAKk6
0Bpj1mqmhdtmKd0hM3IDVLioSDIMnaDeQGS3ZoOKZFCCRs/I+e/u5aHhyHbnZADG
E7iBqpg=
-----END CERTIFICATE-----
Generated at Sat May 4 21:39:10 2024 by rpki-client on console-fra.rpki-client.org