Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/FyRfmMIZ6N9E_HScfjT3wXPD27o.roa
File: FyRfmMIZ6N9E_HScfjT3wXPD27o.roa (raw, json)
Hash identifier: gs9QslYg7QLyCM+NsBCJaWp8Hu11paaxtHFpwchTcfI=
Subject key identifier: 17:24:5F:98:C2:19:E8:DF:44:FC:74:9C:7E:34:F7:C1:73:C3:DB:BA
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC795225652C636E9E16819A77C5E14B9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/FyRfmMIZ6N9E_HScfjT3wXPD27o.roa
Signing time: Tue 02 Jan 2024 00:31:28 +0000
ROA not before: Tue 02 Jan 2024 00:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8480
IP address blocks: 193.233.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:22:56:52:c6:36:e9:e1:68:19:a7:7c:5e:14:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17245f98c219e8df44fc749c7e34f7c173c3dbba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a9:1c:fa:ab:56:67:23:67:c0:e3:6c:08:a0:
87:f5:50:0f:f0:35:e3:66:44:2e:26:63:ce:ac:0c:
17:0f:4d:f1:ea:26:2e:a8:d2:d0:a2:15:02:b5:af:
f9:ab:d2:94:0e:14:cd:06:69:43:ea:5a:0b:5a:35:
e9:d5:1a:0a:cc:e7:a7:bd:39:b1:66:9e:54:6a:80:
ca:76:7a:a5:1c:b2:c2:e0:9b:d2:b3:21:08:62:9d:
6f:da:5f:30:9e:a2:b3:95:ce:dd:d3:03:ad:73:6c:
60:9f:50:9a:aa:33:51:ca:0b:a3:b6:cf:dd:bf:ee:
42:08:54:52:f3:f9:f9:3d:42:7a:08:3a:28:21:50:
fb:ac:bc:99:af:75:59:78:fc:09:3a:52:68:2a:ba:
76:92:dc:f8:ff:eb:23:9c:76:9b:3d:ad:91:a9:ec:
09:4f:61:2c:b9:67:90:ce:15:5b:87:cd:8e:c8:1b:
e4:53:70:5d:6e:ca:93:4e:f9:b9:8e:6e:98:21:07:
45:4b:3f:4f:cc:0e:4a:e5:e1:4d:86:36:a7:6b:b1:
6a:2d:37:ca:d4:54:26:c5:6b:54:9c:b1:55:ed:33:
4a:d0:74:61:be:1d:a1:f1:bb:f4:84:9b:ef:71:fd:
a5:a5:29:5e:70:ff:28:ef:4f:c2:de:97:9f:f7:8b:
1a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:24:5F:98:C2:19:E8:DF:44:FC:74:9C:7E:34:F7:C1:73:C3:DB:BA
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/FyRfmMIZ6N9E_HScfjT3wXPD27o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.144.0/22
Signature Algorithm: sha256WithRSAEncryption
13:ea:fb:0c:95:aa:20:60:7e:bd:6e:4a:50:2a:9f:2a:8f:b6:
8c:96:6f:f3:b8:02:55:eb:83:70:4b:6c:e0:d4:9a:cb:98:b7:
97:c3:fa:07:d8:50:88:70:17:6d:8e:ab:e8:aa:51:20:3d:0b:
e5:97:67:ad:66:be:4e:ae:14:f7:f6:b3:39:d1:de:c2:91:88:
97:73:3c:1d:10:ce:55:aa:8b:54:f4:7a:1a:fe:19:45:80:a3:
38:48:7b:b3:78:b2:5d:89:63:73:87:97:45:97:9c:ff:17:f5:
f4:e7:22:dd:2d:ed:6f:91:2e:5a:0f:fe:c7:42:8a:f5:86:47:
1b:6e:e9:44:6e:f9:82:b9:42:81:c7:fb:79:ee:d7:c7:c7:0d:
c2:6d:b0:05:31:56:cf:94:de:96:67:51:05:d7:39:b2:1c:1c:
b0:c5:35:15:5b:fb:96:b2:b7:0d:4c:dc:84:16:aa:82:74:d1:
84:5c:57:70:9a:52:de:62:87:ad:28:f3:f4:b6:62:e4:9f:de:
49:d1:12:61:09:f9:74:c0:ce:48:71:e9:48:5c:98:7f:d4:3c:
68:0d:32:e2:f9:3b:93:bc:21:aa:ef:d7:00:45:84:0f:d7:8e:
2f:97:ad:56:b7:ba:fa:9c:56:b2:d5:11:e3:6d:21:2f:c9:e2:
bb:8a:48:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlSJWUsY26eFoGad8XhS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzI0NWY5OGMyMTllOGRmNDRmYzc0OWM3ZTM0ZjdjMTczYzNkYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArakc+qtWZyNnwONsCKCH9VAP8DXj
ZkQuJmPOrAwXD03x6iYuqNLQohUCta/5q9KUDhTNBmlD6loLWjXp1RoKzOenvTmx
Zp5UaoDKdnqlHLLC4JvSsyEIYp1v2l8wnqKzlc7d0wOtc2xgn1CaqjNRygujts/d
v+5CCFRS8/n5PUJ6CDooIVD7rLyZr3VZePwJOlJoKrp2ktz4/+sjnHabPa2RqewJ
T2EsuWeQzhVbh82OyBvkU3BdbsqTTvm5jm6YIQdFSz9PzA5K5eFNhjana7FqLTfK
1FQmxWtUnLFV7TNK0HRhvh2h8bv0hJvvcf2lpSlecP8o70/C3pef94samQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBckX5jCGejfRPx0nH4098Fzw9u6MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRnlSZm1NSVo2TjlFX0hTY2ZqVDN3WFBEMjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwemQMA0G
CSqGSIb3DQEBCwUAA4IBAQAT6vsMlaogYH69bkpQKp8qj7aMlm/zuAJV64NwS2zg
1JrLmLeXw/oH2FCIcBdtjqvoqlEgPQvll2etZr5OrhT39rM50d7CkYiXczwdEM5V
qotU9Hoa/hlFgKM4SHuzeLJdiWNzh5dFl5z/F/X05yLdLe1vkS5aD/7HQor1hkcb
bulEbvmCuUKBx/t57tfHxw3CbbAFMVbPlN6WZ1EF1zmyHBywxTUVW/uWsrcNTNyE
FqqCdNGEXFdwmlLeYoetKPP0tmLkn95J0RJhCfl0wM5IcelIXJh/1DxoDTLi+TuT
vCGq79cARYQP144vl61Wt7r6nFay1RHjbSEvyeK7ikj3
-----END CERTIFICATE-----
Generated at Sun May 5 00:15:45 2024 by rpki-client on console-fra.rpki-client.org