Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/DTyGn_pqXuVgB8Y7fC4J86WbFfc.roa
File: DTyGn_pqXuVgB8Y7fC4J86WbFfc.roa (raw, json)
Hash identifier: jKVvTemeRgPLcVZBTT3QYH7/BO42FqTppN3e/QSyEhM=
Subject key identifier: 0D:3C:86:9F:FA:6A:5E:E5:60:07:C6:3B:7C:2E:09:F3:A5:9B:15:F7
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC79528602BA56A40D0725ABA74B4196B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/DTyGn_pqXuVgB8Y7fC4J86WbFfc.roa
Signing time: Tue 02 Jan 2024 00:31:30 +0000
ROA not before: Tue 02 Jan 2024 00:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48430
IP address blocks: 193.233.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:28:60:2b:a5:6a:40:d0:72:5a:ba:74:b4:19:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d3c869ffa6a5ee56007c63b7c2e09f3a59b15f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fd:62:64:1a:9c:5d:98:49:14:a6:cc:b4:a8:
97:48:3a:8f:fa:04:e8:cd:56:84:ec:40:1f:f1:66:
a4:7d:33:cf:59:15:2f:c1:82:2c:29:b0:88:95:b5:
34:aa:8a:2c:8d:d6:a7:d7:81:5e:47:c7:47:79:d9:
cf:77:06:22:96:68:4f:80:61:ba:5e:a3:94:12:df:
5e:14:83:d1:ed:3b:77:31:a4:6b:96:6d:43:32:91:
0b:20:d9:c5:94:27:1d:3d:12:54:0a:80:9d:95:7d:
9e:86:72:0a:7d:cf:bb:ce:84:1b:26:25:64:86:34:
4d:d3:e9:e5:aa:07:46:79:a2:f2:79:47:26:90:3a:
b2:14:63:be:ee:e9:f5:d3:21:3b:69:e0:63:cd:9e:
e7:6a:54:87:6b:90:55:2e:4b:85:16:9b:2a:6e:95:
37:b7:5c:45:cc:0e:06:42:5d:9a:a2:f5:f1:6c:bb:
d7:98:76:4f:55:d3:d3:0d:25:29:ac:83:48:22:1b:
a8:a4:8a:bd:1b:e4:eb:30:9e:42:d4:0c:bf:30:ca:
bc:dd:32:69:59:4e:d7:6e:52:08:2a:b5:d5:62:cf:
9c:79:65:46:8e:0a:18:fd:49:20:55:82:63:9c:2a:
95:c9:ed:22:48:b5:cd:cd:76:52:45:5d:bb:aa:ac:
20:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3C:86:9F:FA:6A:5E:E5:60:07:C6:3B:7C:2E:09:F3:A5:9B:15:F7
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/DTyGn_pqXuVgB8Y7fC4J86WbFfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.47.0/24
Signature Algorithm: sha256WithRSAEncryption
55:1c:c5:02:18:d1:41:8e:e0:25:77:6b:f0:9f:b0:21:8f:48:
e9:43:ec:8d:81:24:83:36:b0:b5:0e:64:e1:4a:38:80:f4:ea:
53:b4:4b:b4:ba:3e:e8:98:85:07:06:95:5f:1e:22:67:fc:3a:
8b:cb:9c:59:cf:18:88:bf:f4:82:a7:bd:c2:37:98:58:3a:d1:
8f:60:1a:e4:f6:cc:07:0e:a4:33:9c:d6:6a:0c:da:a3:86:10:
0d:f1:a9:ce:35:f1:55:78:af:84:56:66:b7:b2:d4:50:30:89:
e0:48:f0:ab:84:fe:83:0d:88:48:db:b4:d5:1b:b2:8a:e9:b6:
4f:cf:1d:f4:5c:8b:e7:45:7d:6a:db:64:94:de:8f:80:f7:dc:
b6:5f:2e:39:5f:19:79:92:55:35:50:b6:df:39:ef:89:06:a8:
42:b9:26:45:90:17:af:53:49:16:b0:d6:ff:25:44:b2:56:3f:
ab:20:38:d7:70:41:11:07:e2:60:b1:75:db:41:9b:88:59:0d:
4b:8c:08:fe:b0:30:42:74:71:57:3f:23:96:3b:61:27:87:60:
4d:6a:a3:2b:f8:99:5a:f1:cb:0b:7d:a9:96:ea:0d:cc:0c:4b:
0e:07:3e:36:cd:cd:33:49:7d:f3:f9:a7:01:70:a4:7a:a4:a4:
fe:ff:8e:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlShgK6VqQNByWrp0tBlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDNjODY5ZmZhNmE1ZWU1NjAwN2M2M2I3YzJlMDlmM2E1OWIxNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/1iZBqcXZhJFKbMtKiXSDqP+gTo
zVaE7EAf8WakfTPPWRUvwYIsKbCIlbU0qoosjdan14FeR8dHednPdwYilmhPgGG6
XqOUEt9eFIPR7Tt3MaRrlm1DMpELINnFlCcdPRJUCoCdlX2ehnIKfc+7zoQbJiVk
hjRN0+nlqgdGeaLyeUcmkDqyFGO+7un10yE7aeBjzZ7nalSHa5BVLkuFFpsqbpU3
t1xFzA4GQl2aovXxbLvXmHZPVdPTDSUprINIIhuopIq9G+TrMJ5C1Ay/MMq83TJp
WU7XblIIKrXVYs+ceWVGjgoY/UkgVYJjnCqVye0iSLXNzXZSRV27qqwguQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA08hp/6al7lYAfGO3wuCfOlmxX3MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRFR5R25fcHFYdVZnQjhZN2ZDNEo4NldiRmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwekvMA0G
CSqGSIb3DQEBCwUAA4IBAQBVHMUCGNFBjuAld2vwn7Ahj0jpQ+yNgSSDNrC1DmTh
SjiA9OpTtEu0uj7omIUHBpVfHiJn/DqLy5xZzxiIv/SCp73CN5hYOtGPYBrk9swH
DqQznNZqDNqjhhAN8anONfFVeK+EVma3stRQMIngSPCrhP6DDYhI27TVG7KK6bZP
zx30XIvnRX1q22SU3o+A99y2Xy45Xxl5klU1ULbfOe+JBqhCuSZFkBevU0kWsNb/
JUSyVj+rIDjXcEERB+JgsXXbQZuIWQ1LjAj+sDBCdHFXPyOWO2Enh2BNaqMr+Jla
8csLfamW6g3MDEsOBz42zc0zSX3z+acBcKR6pKT+/44l
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:24 2024 by rpki-client on console-fra.rpki-client.org