Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/F6tizu4T0hoap7eF_QVjoOYcw5c.roa
File: F6tizu4T0hoap7eF_QVjoOYcw5c.roa (raw, json)
Hash identifier: vWTu0gDpJmLSapg7HF+MqdxkxNcoV+T89MjHRhgMYNE=
Subject key identifier: 17:AB:62:CE:EE:13:D2:1A:1A:A7:B7:85:FD:05:63:A0:E6:1C:C3:97
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018DA2F0BB0ABC21FA1EE7F1A23A606619A9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/F6tizu4T0hoap7eF_QVjoOYcw5c.roa
Signing time: Tue 13 Feb 2024 14:48:21 +0000
ROA not before: Tue 13 Feb 2024 14:48:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202999
IP address blocks: 193.233.9.0/24 maxlen: 24
193.233.56.0/24 maxlen: 24
193.233.57.0/24 maxlen: 27
193.233.58.0/24 maxlen: 24
193.233.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 13:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:f0:bb:0a:bc:21:fa:1e:e7:f1:a2:3a:60:66:19:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 13 14:48:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17ab62ceee13d21a1aa7b785fd0563a0e61cc397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3c:bb:c4:37:b4:c6:1b:dc:f0:71:79:b3:d2:
2d:7c:ca:c0:9e:43:eb:cf:95:fb:90:5c:25:30:e8:
de:79:b3:a8:c4:d0:39:a7:d7:18:2b:74:68:bc:7e:
db:68:c5:38:44:8a:be:70:db:ac:f1:6b:41:72:4e:
60:2d:a5:9d:d2:40:f4:79:16:29:fa:34:4b:ec:bd:
03:18:22:20:16:95:d3:d3:17:ba:db:f8:7d:d1:28:
ef:7d:bb:7b:26:56:ff:fd:ad:b1:c5:06:d0:25:54:
d2:14:0d:ea:bb:d5:26:16:12:71:62:98:6b:df:18:
df:e6:6b:5f:33:b2:c1:52:db:d5:8a:5b:cd:43:d2:
4c:39:13:65:5e:c1:75:28:ad:29:1a:98:77:01:56:
42:9c:8b:3a:54:f3:a9:94:c2:4b:10:9c:9f:a4:1e:
51:be:6e:8d:d5:03:16:43:a4:0e:77:5e:57:27:6a:
67:b7:fc:12:39:3a:75:b6:4e:fa:23:61:21:8e:81:
7f:1b:9d:e7:f4:ba:54:77:3b:e6:09:97:ec:88:b5:
ec:fd:18:79:c0:42:93:2b:cb:e0:ae:b4:7c:ae:0c:
55:5b:0a:71:bf:af:8e:8b:95:a6:2c:98:3b:be:fc:
31:f0:fa:25:6d:41:8c:d6:51:f5:d0:a6:4f:fe:73:
32:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AB:62:CE:EE:13:D2:1A:1A:A7:B7:85:FD:05:63:A0:E6:1C:C3:97
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/F6tizu4T0hoap7eF_QVjoOYcw5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.9.0/24
193.233.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:e8:45:4b:ed:5b:11:e3:61:e8:fa:32:99:b6:8b:8a:b0:b4:
a1:17:a4:31:52:ff:11:66:c0:c7:3f:6b:2d:99:93:1e:1c:0f:
b7:25:b5:f5:34:40:56:bf:13:81:94:94:eb:3f:30:d7:6c:cf:
f3:13:28:7a:6c:1a:35:00:17:47:7f:77:c2:9c:8e:ab:64:19:
4f:2a:20:a7:fc:81:eb:22:82:66:b8:db:49:fb:9b:9c:d8:9f:
4b:6a:d3:17:c0:ad:63:19:e1:e8:34:10:f6:cd:23:9e:f3:95:
2a:22:fb:aa:30:a1:24:3d:f4:56:64:d9:d5:78:d3:8e:52:50:
93:f7:9f:21:b5:67:a2:33:9f:4a:71:f3:46:e8:43:3a:89:b4:
6d:c1:8f:7d:2f:11:bc:ce:af:71:98:c7:dc:95:77:47:55:ab:
3c:3b:48:0c:60:1b:e6:62:85:f5:85:3c:59:44:6c:e9:2e:a8:
7d:a9:3b:1b:17:72:36:a7:ba:15:0c:c7:3d:01:e7:44:e0:27:
47:b0:90:bc:bd:a1:91:f3:1b:35:cf:5d:29:18:36:8e:bd:fd:
e8:e2:40:3c:13:5c:90:2a:c5:6e:18:a1:c5:e0:95:23:43:cb:
11:63:39:b3:05:40:74:b7:f3:42:1b:a0:81:e4:d8:3b:cd:ee:
a8:49:f4:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2i8LsKvCH6HufxojpgZhmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjEzMTQ0ODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FiNjJjZWVlMTNkMjFhMWFhN2I3ODVmZDA1NjNhMGU2MWNjMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dy7xDe0xhvc8HF5s9ItfMrAnkPr
z5X7kFwlMOjeebOoxNA5p9cYK3RovH7baMU4RIq+cNus8WtBck5gLaWd0kD0eRYp
+jRL7L0DGCIgFpXT0xe62/h90Sjvfbt7Jlb//a2xxQbQJVTSFA3qu9UmFhJxYphr
3xjf5mtfM7LBUtvVilvNQ9JMORNlXsF1KK0pGph3AVZCnIs6VPOplMJLEJyfpB5R
vm6N1QMWQ6QOd15XJ2pnt/wSOTp1tk76I2EhjoF/G53n9LpUdzvmCZfsiLXs/Rh5
wEKTK8vgrrR8rgxVWwpxv6+Oi5WmLJg7vvwx8PolbUGM1lH10KZP/nMyOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBerYs7uE9IaGqe3hf0FY6DmHMOXMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRjZ0aXp1NFQwaG9hcDdlRl9RVmpvT1ljdzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwekJAwQC
wek4MA0GCSqGSIb3DQEBCwUAA4IBAQA96EVL7VsR42Ho+jKZtouKsLShF6QxUv8R
ZsDHP2stmZMeHA+3JbX1NEBWvxOBlJTrPzDXbM/zEyh6bBo1ABdHf3fCnI6rZBlP
KiCn/IHrIoJmuNtJ+5uc2J9LatMXwK1jGeHoNBD2zSOe85UqIvuqMKEkPfRWZNnV
eNOOUlCT958htWeiM59KcfNG6EM6ibRtwY99LxG8zq9xmMfclXdHVas8O0gMYBvm
YoX1hTxZRGzpLqh9qTsbF3I2p7oVDMc9AedE4CdHsJC8vaGR8xs1z10pGDaOvf3o
4kA8E1yQKsVuGKHF4JUjQ8sRYzmzBUB0t/NCG6CB5Ng7ze6oSfS0
-----END CERTIFICATE-----
Generated at Sat May 4 21:39:10 2024 by rpki-client on console-fra.rpki-client.org