Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MHUwwjqwMAsyvh15bV7nyttyo2c.roa
File: MHUwwjqwMAsyvh15bV7nyttyo2c.roa (raw, json)
Hash identifier: iCiVotTrqH4HLhNy9D8S+fvoUHTQb1T1LzAJ8qQMcaM=
Subject key identifier: 30:75:30:C2:3A:B0:30:0B:32:BE:1D:79:6D:5E:E7:CA:DB:72:A3:67
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018DB144567018157629889B37C0E037CAFE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MHUwwjqwMAsyvh15bV7nyttyo2c.roa
Signing time: Fri 16 Feb 2024 09:34:22 +0000
ROA not before: Fri 16 Feb 2024 09:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.22.0/24 maxlen: 24
193.233.72.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:44:56:70:18:15:76:29:88:9b:37:c0:e0:37:ca:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 16 09:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=307530c23ab0300b32be1d796d5ee7cadb72a367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ea:6d:20:82:d3:1f:da:67:7e:91:4c:42:6e:
96:fc:a5:81:a3:40:cc:c0:8d:3a:c9:76:b6:f4:d5:
94:5c:ea:36:3f:c5:25:10:7e:57:f0:15:39:77:db:
d4:df:48:d3:a5:0e:a2:0d:f7:e2:fe:3c:e4:22:94:
0a:be:de:33:73:18:83:a7:63:4d:88:1b:55:7f:ff:
b4:0e:f4:6e:46:44:90:28:5d:9d:00:30:02:3c:17:
35:38:9e:74:55:89:64:47:ea:73:e1:52:50:a7:ea:
5c:39:c5:a3:5e:17:68:a0:e6:ad:f8:97:20:f0:ce:
23:f3:55:25:f9:19:ed:0c:78:52:a1:a1:e7:09:24:
1c:de:da:0d:41:98:48:7f:de:af:bb:cf:0a:ad:e8:
00:cc:0a:8b:86:5f:e3:d8:86:03:30:c6:43:49:7c:
a5:e0:1f:39:6e:5a:3a:b3:71:88:5c:bf:12:40:43:
1f:c9:3a:f2:0a:ef:d9:ed:08:ec:7c:3d:db:23:3f:
e3:b8:e6:6a:90:a0:f2:23:46:91:e8:8c:db:7d:84:
7f:6c:4f:cc:76:ce:98:98:a4:51:25:a8:92:a4:18:
fc:37:f5:50:d7:c3:f3:7f:95:e3:d1:db:10:03:62:
55:53:79:e2:b9:e0:44:ac:cd:1c:90:5d:2f:b0:07:
4a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:75:30:C2:3A:B0:30:0B:32:BE:1D:79:6D:5E:E7:CA:DB:72:A3:67
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MHUwwjqwMAsyvh15bV7nyttyo2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.22.0/24
193.233.72.0/24
193.233.88.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
81:06:c9:11:20:0a:dc:29:00:61:c5:27:8d:c7:60:4c:9c:d9:
c4:54:63:06:11:d0:54:3a:8c:c6:ab:c6:31:4d:58:67:23:29:
d9:19:33:0f:89:de:c3:ea:38:8b:a5:d7:74:b0:b0:bc:c7:e5:
7d:95:6b:97:3c:c9:61:e7:a2:9f:7e:79:bb:4e:59:3a:37:d5:
fe:2d:6c:d8:c3:76:19:f5:8c:08:82:f0:4b:43:d6:84:21:ae:
da:86:c3:03:6a:d0:69:d7:d5:8b:8e:e8:49:e9:95:a8:00:31:
ee:91:ae:fc:d0:07:f5:05:ef:40:3f:af:03:d3:3c:a7:87:af:
9c:20:bd:58:3e:6c:62:08:62:e5:c2:1e:32:9e:34:31:a8:df:
87:c9:44:8d:32:73:73:93:b5:4a:e1:30:96:f0:9b:09:09:80:
0e:5d:50:1b:67:11:29:8c:8b:51:f9:f1:3a:f5:e9:ca:38:6e:
65:51:7d:14:5e:84:a1:47:e8:43:fc:3b:a1:34:14:db:d3:08:
63:f6:49:4b:a8:a9:97:70:16:8a:4d:c8:71:f6:a7:f7:26:53:
b9:77:5b:9c:e0:df:70:a5:38:ff:f7:a1:bc:6a:11:0f:81:b4:
53:b8:9f:f2:4f:54:21:40:b4:d3:d0:3e:c7:d5:12:8e:36:a8:
69:12:b1:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2xRFZwGBV2KYibN8DgN8r+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjE2MDkzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDc1MzBjMjNhYjAzMDBiMzJiZTFkNzk2ZDVlZTdjYWRiNzJhMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquptIILTH9pnfpFMQm6W/KWBo0DM
wI06yXa29NWUXOo2P8UlEH5X8BU5d9vU30jTpQ6iDffi/jzkIpQKvt4zcxiDp2NN
iBtVf/+0DvRuRkSQKF2dADACPBc1OJ50VYlkR+pz4VJQp+pcOcWjXhdooOat+Jcg
8M4j81Ul+RntDHhSoaHnCSQc3toNQZhIf96vu88KregAzAqLhl/j2IYDMMZDSXyl
4B85blo6s3GIXL8SQEMfyTryCu/Z7QjsfD3bIz/juOZqkKDyI0aR6IzbfYR/bE/M
ds6YmKRRJaiSpBj8N/VQ18Pzf5Xj0dsQA2JVU3niueBErM0ckF0vsAdKQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDB1MMI6sDALMr4deW1e58rbcqNnMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTUhVd3dqcXdNQXN5dmgxNWJWN255dHR5bzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwekWAwQA
welIAwQCwelYAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQCBBskRIArcKQBhxSeN
x2BMnNnEVGMGEdBUOozGq8YxTVhnIynZGTMPid7D6jiLpdd0sLC8x+V9lWuXPMlh
56Kffnm7Tlk6N9X+LWzYw3YZ9YwIgvBLQ9aEIa7ahsMDatBp19WLjuhJ6ZWoADHu
ka780Af1Be9AP68D0zynh6+cIL1YPmxiCGLlwh4ynjQxqN+HyUSNMnNzk7VK4TCW
8JsJCYAOXVAbZxEpjItR+fE69enKOG5lUX0UXoShR+hD/DuhNBTb0whj9klLqKmX
cBaKTchx9qf3JlO5d1uc4N9wpTj/96G8ahEPgbRTuJ/yT1QhQLTT0D7H1RKONqhp
ErHg
-----END CERTIFICATE-----
Generated at Sun May 5 00:16:14 2024 by rpki-client on console-ams.rpki-client.org