Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/cxkvmUzKj67DwiBMIEGj-WbpVLk.roa
File: cxkvmUzKj67DwiBMIEGj-WbpVLk.roa (raw, json)
Hash identifier: mpNX6NN8Y4YUDUKEP33NislJ9MlSL5O3dz2/6UdYH4o=
Subject key identifier: 73:19:2F:99:4C:CA:8F:AE:C3:C2:20:4C:20:41:A3:F9:66:E9:54:B9
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952554732BF2C9BB3779EF374E7A1E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/cxkvmUzKj67DwiBMIEGj-WbpVLk.roa
Signing time: Tue 02 Jan 2024 00:31:29 +0000
ROA not before: Tue 02 Jan 2024 00:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42745
IP address blocks: 193.233.15.0/24 maxlen: 24
193.233.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:25:54:73:2b:f2:c9:bb:37:79:ef:37:4e:7a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73192f994cca8faec3c2204c2041a3f966e954b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:53:3f:e4:12:0f:2e:b8:16:8c:92:eb:4a:64:
48:7c:e8:ae:a9:4f:8e:cb:87:35:81:23:76:c1:5c:
23:bd:5f:ea:aa:53:20:a8:9a:01:2a:e3:61:81:94:
50:f9:6b:cb:03:84:04:5a:2f:19:34:04:01:27:27:
d4:76:2b:89:4c:c1:0f:ee:7e:2e:01:dc:51:5c:57:
dc:19:9a:93:c6:a6:3f:10:99:fd:7b:9e:54:82:c3:
b5:72:93:bf:c3:37:78:af:55:1c:ef:b0:82:77:7c:
06:19:4e:31:6d:25:0b:c0:4e:c5:59:b1:60:0b:ca:
0d:40:0d:96:ca:ef:5c:a2:a2:5b:de:58:f8:6d:b6:
90:ad:b4:e6:f3:df:a1:e3:4d:fb:5c:23:0c:73:a7:
02:b3:e7:e7:87:54:1b:b4:4e:ae:2c:5d:02:c2:46:
47:ed:e6:d1:37:a9:ea:74:e6:45:fe:16:39:e8:f1:
19:27:e2:0e:4f:83:05:8d:28:76:77:85:f2:c3:00:
f1:0a:50:90:fc:85:a7:19:df:32:7f:fe:b3:37:40:
c3:98:14:e8:3d:a0:4e:cb:03:fd:70:0a:71:10:d7:
6a:8f:18:18:44:6e:aa:65:49:04:ae:f3:a2:07:72:
4a:ba:02:86:ea:30:2e:23:44:41:25:6f:8c:0f:56:
f1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:19:2F:99:4C:CA:8F:AE:C3:C2:20:4C:20:41:A3:F9:66:E9:54:B9
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/cxkvmUzKj67DwiBMIEGj-WbpVLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.15.0/24
193.233.63.0/24
Signature Algorithm: sha256WithRSAEncryption
82:99:d7:4c:a3:09:31:46:17:52:54:1b:80:af:d2:ef:d2:a3:
e3:54:bc:48:b6:78:03:2d:5d:cd:62:56:38:1e:83:8e:47:22:
5e:28:55:60:a7:19:a0:32:77:24:dd:01:a8:59:e3:12:9c:43:
d2:e4:1f:27:0a:0f:fb:34:8a:09:b4:a3:94:e4:73:88:0d:b6:
43:72:c4:8e:d3:b2:68:aa:8f:2b:7e:b4:39:b2:42:f2:0b:ff:
9d:1f:68:e9:4b:25:c9:ba:36:c1:c9:04:57:bd:66:b4:53:f8:
6a:d1:dc:7b:99:46:54:4d:2e:f6:d7:71:5a:64:14:53:d7:0f:
7d:aa:76:d7:42:ac:5d:c3:eb:e9:1e:b2:60:4f:09:01:d0:8f:
5c:c5:08:ee:30:6a:1e:14:1c:78:70:3f:6c:69:88:67:76:de:
45:11:cb:49:04:01:2f:43:a6:15:bf:05:67:27:6a:ad:f5:c5:
03:4a:a8:f4:55:64:26:66:6e:ce:bd:e4:45:30:ae:5c:c0:dc:
eb:cb:60:f8:33:98:82:a7:66:74:20:57:79:d4:96:a7:22:85:
a7:56:89:90:c9:93:64:68:1d:53:8a:51:03:8b:60:f8:a7:3e:
d6:2b:01:d2:d6:18:1b:cc:c2:07:fb:76:53:9a:60:33:a7:14:
10:b4:b4:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlSVUcyvyybs3ee83TnoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE5MmY5OTRjY2E4ZmFlYzNjMjIwNGMyMDQxYTNmOTY2ZTk1NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1M/5BIPLrgWjJLrSmRIfOiuqU+O
y4c1gSN2wVwjvV/qqlMgqJoBKuNhgZRQ+WvLA4QEWi8ZNAQBJyfUdiuJTMEP7n4u
AdxRXFfcGZqTxqY/EJn9e55UgsO1cpO/wzd4r1Uc77CCd3wGGU4xbSULwE7FWbFg
C8oNQA2Wyu9coqJb3lj4bbaQrbTm89+h4037XCMMc6cCs+fnh1QbtE6uLF0CwkZH
7ebRN6nqdOZF/hY56PEZJ+IOT4MFjSh2d4XywwDxClCQ/IWnGd8yf/6zN0DDmBTo
PaBOywP9cApxENdqjxgYRG6qZUkErvOiB3JKugKG6jAuI0RBJW+MD1bxFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHMZL5lMyo+uw8IgTCBBo/lm6VS5MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvY3hrdm1VektqNjdEd2lCTUlFR2otV2JwVkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwekPAwQA
wek/MA0GCSqGSIb3DQEBCwUAA4IBAQCCmddMowkxRhdSVBuAr9Lv0qPjVLxItngD
LV3NYlY4HoOORyJeKFVgpxmgMnck3QGoWeMSnEPS5B8nCg/7NIoJtKOU5HOIDbZD
csSO07Joqo8rfrQ5skLyC/+dH2jpSyXJujbByQRXvWa0U/hq0dx7mUZUTS7213Fa
ZBRT1w99qnbXQqxdw+vpHrJgTwkB0I9cxQjuMGoeFBx4cD9saYhndt5FEctJBAEv
Q6YVvwVnJ2qt9cUDSqj0VWQmZm7OveRFMK5cwNzry2D4M5iCp2Z0IFd51JanIoWn
VomQyZNkaB1TilEDi2D4pz7WKwHS1hgbzMIH+3ZTmmAzpxQQtLSu
-----END CERTIFICATE-----
Generated at Sun May 5 00:16:14 2024 by rpki-client on console-ams.rpki-client.org