Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Dw2LyqvBn4fPmATFfMGYa5PkFy0.roa
File: Dw2LyqvBn4fPmATFfMGYa5PkFy0.roa (raw, json)
Hash identifier: 1lME3WHVTVrLnthdaQPW1r9kETjKDBbomyOEjXBKu5E=
Subject key identifier: 0F:0D:8B:CA:AB:C1:9F:87:CF:98:04:C5:7C:C1:98:6B:93:E4:17:2D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01917DD601F4F8EB5C2C491D6E8D9CAC625A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Dw2LyqvBn4fPmATFfMGYa5PkFy0.roa
Signing time: Fri 23 Aug 2024 06:04:22 +0000
ROA not before: Fri 23 Aug 2024 06:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43444
IP address blocks: 193.233.128.0/22 maxlen: 22
193.233.208.0/23 maxlen: 23
193.233.216.0/22 maxlen: 22
193.233.220.0/23 maxlen: 23
193.233.222.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7d:d6:01:f4:f8:eb:5c:2c:49:1d:6e:8d:9c:ac:62:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 23 06:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f0d8bcaabc19f87cf9804c57cc1986b93e4172d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ec:fb:e6:94:59:ab:75:eb:e3:81:5c:8c:18:
ea:02:ec:69:10:44:0a:98:53:2c:4b:8e:67:ef:97:
47:f7:f6:39:30:0d:38:84:1c:8e:b8:07:8f:56:db:
71:1b:f6:d1:45:b0:8b:cc:6f:22:1b:f2:a2:f3:9b:
7b:c8:86:cf:60:d7:ec:71:7b:39:33:58:08:9d:e5:
17:b3:27:c5:6e:3d:52:78:af:d6:af:d5:64:28:35:
e3:b4:c1:a7:93:02:71:50:f2:69:7c:7f:a8:46:fa:
cb:24:8a:24:18:71:14:61:73:10:f7:6f:06:1e:68:
6a:b9:1c:4b:ca:c4:c4:f3:cf:e8:60:1e:f5:b9:af:
d8:21:7d:df:2d:d4:fa:78:87:f9:b1:2f:92:5e:10:
cc:0f:4a:8f:75:6a:9d:27:64:cb:91:9f:b3:f1:b9:
d9:eb:7f:45:88:c8:ab:d0:a8:90:8f:ec:8f:26:b2:
c9:e9:a2:00:ff:03:7c:48:03:6f:93:4f:29:88:27:
c8:39:eb:c3:b1:7f:dd:1b:b6:55:f4:1f:7d:f0:4e:
70:52:86:7e:87:52:de:8a:61:08:c2:aa:48:3c:ac:
b2:7c:45:17:89:40:ad:43:8e:f6:79:f6:bb:71:29:
bd:26:d7:c1:02:c9:29:6e:66:d1:39:1f:1a:62:e7:
87:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:0D:8B:CA:AB:C1:9F:87:CF:98:04:C5:7C:C1:98:6B:93:E4:17:2D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Dw2LyqvBn4fPmATFfMGYa5PkFy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.128.0/22
193.233.208.0/23
193.233.216.0/21
Signature Algorithm: sha256WithRSAEncryption
23:84:7f:89:92:43:40:0c:57:d4:9e:e9:e0:ad:9f:65:66:2c:
27:57:44:1e:c8:9a:80:15:df:b8:64:6b:9c:b3:2b:f5:bc:0a:
a4:52:83:0b:16:cf:cf:db:c1:8e:51:c6:86:7e:63:86:c5:38:
b4:52:b2:67:ac:d7:7a:dc:29:f5:0f:ee:6f:05:b0:57:53:2f:
8a:01:e1:1b:06:f5:af:ff:c7:d8:20:aa:fe:c7:87:c6:61:a3:
d8:1f:ec:eb:18:67:fa:fd:d3:8a:79:e4:19:fc:ec:84:42:dd:
1a:56:7e:57:8d:78:d5:9d:07:2b:e9:ae:63:7f:81:78:7c:47:
9e:34:25:3f:f2:52:f2:7b:df:03:82:73:03:53:55:7d:4d:a4:
4f:24:b9:9a:8d:91:e7:01:4a:09:0a:f8:9b:db:c4:eb:28:c4:
5a:24:e0:e9:97:63:6d:00:3a:58:b2:6d:c6:fa:22:e2:06:23:
58:15:7d:da:ef:37:fd:82:2f:d3:9f:13:2f:ef:e6:68:f7:3a:
0c:13:a6:1d:53:4d:1e:2a:b1:c8:4b:8c:b0:ff:81:b4:90:0c:
31:a8:62:d5:3c:2e:0e:c6:08:24:45:5f:9b:f2:5a:ca:7b:fb:
bc:a7:9b:c2:7f:86:1e:2d:4c:2c:94:bb:1c:3e:4b:b5:14:06:
28:02:6e:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF91gH0+OtcLEkdbo2crGJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwODIzMDYwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjBkOGJjYWFiYzE5Zjg3Y2Y5ODA0YzU3Y2MxOTg2YjkzZTQxNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ez75pRZq3Xr44FcjBjqAuxpEEQK
mFMsS45n75dH9/Y5MA04hByOuAePVttxG/bRRbCLzG8iG/Ki85t7yIbPYNfscXs5
M1gIneUXsyfFbj1SeK/Wr9VkKDXjtMGnkwJxUPJpfH+oRvrLJIokGHEUYXMQ928G
HmhquRxLysTE88/oYB71ua/YIX3fLdT6eIf5sS+SXhDMD0qPdWqdJ2TLkZ+z8bnZ
639FiMir0KiQj+yPJrLJ6aIA/wN8SANvk08piCfIOevDsX/dG7ZV9B998E5wUoZ+
h1LeimEIwqpIPKyyfEUXiUCtQ472efa7cSm9JtfBAskpbmbROR8aYueHYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA8Ni8qrwZ+Hz5gExXzBmGuT5BctMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRHcyTHlxdkJuNGZQbUFURmZNR1lhNVBrRnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwemAAwQB
wenQAwQDwenYMA0GCSqGSIb3DQEBCwUAA4IBAQAjhH+JkkNADFfUnungrZ9lZiwn
V0QeyJqAFd+4ZGucsyv1vAqkUoMLFs/P28GOUcaGfmOGxTi0UrJnrNd63Cn1D+5v
BbBXUy+KAeEbBvWv/8fYIKr+x4fGYaPYH+zrGGf6/dOKeeQZ/OyEQt0aVn5XjXjV
nQcr6a5jf4F4fEeeNCU/8lLye98DgnMDU1V9TaRPJLmajZHnAUoJCvib28TrKMRa
JODpl2NtADpYsm3G+iLiBiNYFX3a7zf9gi/TnxMv7+Zo9zoME6YdU00eKrHIS4yw
/4G0kAwxqGLVPC4OxggkRV+b8lrKe/u8p5vCf4YeLUwslLscPku1FAYoAm4p
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:24 2024 by rpki-client on console-fra.rpki-client.org