Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8qFEBx6wrYHv-9r94bsic8BDhKA.roa
File: 8qFEBx6wrYHv-9r94bsic8BDhKA.roa (raw, json)
Hash identifier: SCb4rrnmrHIq4QqnvzvJMZYXcSyb5SGzogNC1KQsnV8=
Subject key identifier: F2:A1:44:07:1E:B0:AD:81:EF:FB:DA:FD:E1:BB:22:73:C0:43:84:A0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952C2623890F9F4AAEF641963BB50C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8qFEBx6wrYHv-9r94bsic8BDhKA.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56690
IP address blocks: 193.233.150.0/24 maxlen: 24
193.233.166.0/23 maxlen: 23
193.233.168.0/23 maxlen: 23
193.233.73.0/24 maxlen: 24
193.233.92.0/22 maxlen: 22
193.233.12.0/23 maxlen: 23
193.233.24.0/23 maxlen: 23
193.233.240.0/22 maxlen: 22
193.233.26.0/23 maxlen: 23
193.233.28.0/23 maxlen: 23
193.233.54.0/23 maxlen: 23
193.233.176.0/20 maxlen: 20
193.233.212.0/22 maxlen: 22
193.233.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 22:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2c:26:23:89:0f:9f:4a:ae:f6:41:96:3b:b5:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a144071eb0ad81effbdafde1bb2273c04384a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:01:66:f7:9f:ba:79:15:a0:90:60:30:be:
a6:b1:b2:1e:60:42:23:6b:d1:de:8a:49:e3:4f:3a:
82:c4:1a:40:c3:3e:05:2e:b6:eb:98:47:60:61:a5:
20:7a:4e:a1:5f:af:ef:d2:50:47:fd:06:b5:5e:87:
6d:80:06:84:b8:f8:56:68:0c:ee:65:4e:db:ec:50:
d2:b4:c4:9f:dc:05:2b:13:32:e3:fd:ae:84:83:23:
49:db:9b:90:cf:fa:fd:9c:24:3d:d5:c1:39:60:57:
ed:ce:1b:78:10:04:4f:69:06:4d:32:4a:72:7d:1b:
60:bd:5f:5d:93:da:60:2e:6d:cf:9a:4c:e1:7b:9f:
5e:a7:18:f4:21:ed:d2:93:72:b9:f6:ca:e4:bf:3c:
4f:ab:bd:b3:f9:58:9d:4d:f4:82:27:b2:03:f9:ba:
4e:84:60:64:d1:96:fc:ca:aa:04:ad:87:fa:c0:cb:
39:c7:b8:7b:02:c6:fc:fa:d1:93:8e:b8:69:12:4a:
6f:f5:71:02:55:76:7e:43:7f:d5:e1:00:4c:df:c1:
1f:db:79:e9:22:b7:9e:4d:4e:c6:72:2d:a2:f4:03:
b0:0a:93:a3:b7:ee:38:8d:ec:50:fa:66:e8:7f:16:
19:31:4b:ab:c1:ef:c7:09:db:ed:09:cd:a5:81:47:
7d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A1:44:07:1E:B0:AD:81:EF:FB:DA:FD:E1:BB:22:73:C0:43:84:A0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8qFEBx6wrYHv-9r94bsic8BDhKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.12.0/23
193.233.24.0-193.233.29.255
193.233.54.0/23
193.233.73.0/24
193.233.92.0/22
193.233.150.0/24
193.233.166.0-193.233.169.255
193.233.176.0/20
193.233.212.0/22
193.233.224.0/22
193.233.240.0/22
Signature Algorithm: sha256WithRSAEncryption
03:9d:da:fb:73:40:fa:f1:ad:b9:33:3f:80:a7:a6:74:cf:d2:
ed:13:04:fc:86:97:b8:3e:5f:5c:f6:e9:fc:a9:63:b0:a2:3a:
79:6e:03:d0:df:d7:09:93:87:4d:e0:3c:87:d3:22:ae:80:20:
36:76:3b:89:29:4d:a4:ad:8d:a4:00:17:ff:09:85:bb:91:d3:
e6:00:d6:20:b4:21:23:7d:a4:c9:5c:1d:32:f5:37:a6:f4:4c:
3d:2f:8d:b6:79:8d:42:ec:fe:81:e7:03:6a:ab:f3:5f:9a:ee:
43:15:2f:a8:84:50:36:7d:5e:ad:6b:4d:c5:77:92:1e:97:23:
c0:b5:7a:3f:3e:1c:4d:bb:6a:8f:34:03:4f:4b:50:56:9f:76:
de:81:65:03:a6:a6:16:d7:40:8e:4c:21:03:9c:b6:a1:41:ba:
db:7e:42:a3:f3:0a:28:8e:92:47:5c:21:98:d2:f6:e1:cb:3e:
1d:c0:44:a5:fb:77:ff:74:1f:2d:cd:cb:18:e9:e8:fe:dd:24:
db:e6:8f:fb:32:5a:30:80:64:d3:d9:88:b2:b0:91:e6:77:b6:
2b:9e:9f:69:12:d8:48:96:b2:78:86:e5:70:a0:8e:86:18:61:
9a:bf:d2:0d:37:8a:e8:8c:37:3c:7b:e1:da:59:24:fe:63:74:
a9:fa:cf:64
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzHlSwmI4kPn0qu9kGWO7UMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmExNDQwNzFlYjBhZDgxZWZmYmRhZmRlMWJiMjI3M2MwNDM4NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cYBZvefunkVoJBgML6msbIeYEIj
a9HeiknjTzqCxBpAwz4FLrbrmEdgYaUgek6hX6/v0lBH/Qa1XodtgAaEuPhWaAzu
ZU7b7FDStMSf3AUrEzLj/a6EgyNJ25uQz/r9nCQ91cE5YFftzht4EARPaQZNMkpy
fRtgvV9dk9pgLm3Pmkzhe59epxj0Ie3Sk3K59srkvzxPq72z+VidTfSCJ7ID+bpO
hGBk0Zb8yqoErYf6wMs5x7h7Asb8+tGTjrhpEkpv9XECVXZ+Q3/V4QBM38Ef23np
IreeTU7Gci2i9AOwCpOjt+44jexQ+mbofxYZMUurwe/HCdvtCc2lgUd9TwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFPKhRAcesK2B7/va/eG7InPAQ4SgMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOHFGRUJ4NndyWUh2LTlyOTRic2ljOEJEaEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBwekMMAwD
BAPB6RgDBAHB6RwDBAHB6TYDBADB6UkDBALB6VwDBADB6ZYwDAMEAcHppgMEAcHp
qAMEBMHpsAMEAsHp1AMEAsHp4AMEAsHp8DANBgkqhkiG9w0BAQsFAAOCAQEAA53a
+3NA+vGtuTM/gKemdM/S7RME/IaXuD5fXPbp/KljsKI6eW4D0N/XCZOHTeA8h9Mi
roAgNnY7iSlNpK2NpAAX/wmFu5HT5gDWILQhI32kyVwdMvU3pvRMPS+NtnmNQuz+
gecDaqvzX5ruQxUvqIRQNn1erWtNxXeSHpcjwLV6Pz4cTbtqjzQDT0tQVp923oFl
A6amFtdAjkwhA5y2oUG6235Co/MKKI6SR1whmNL24cs+HcBEpft3/3QfLc3LGOno
/t0k2+aP+zJaMIBk09mIsrCR5ne2K56faRLYSJayeIblcKCOhhhhmr/SDTeK6Iw3
PHvh2lkk/mN0qfrPZA==
-----END CERTIFICATE-----
Generated at Sun May 5 06:05:05 2024 by rpki-client on console-fra.rpki-client.org