Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dW9pDCJYxVo6W--BLV3Z6S_FyuI.roa
File: dW9pDCJYxVo6W--BLV3Z6S_FyuI.roa (raw, json)
Hash identifier: YZHx+mliZrvLpvZwTL5E0XwfnJyqQ8Pjrtxh5j2vZQo=
Subject key identifier: 75:6F:69:0C:22:58:C5:5A:3A:5B:EF:81:2D:5D:D9:E9:2F:C5:CA:E2
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018F0C412BFE1F444FF5955D051F51CFC3F6
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dW9pDCJYxVo6W--BLV3Z6S_FyuI.roa
Signing time: Tue 23 Apr 2024 18:39:08 +0000
ROA not before: Tue 23 Apr 2024 18:39:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207967
IP address blocks: 147.45.160.0/22 maxlen: 22
147.45.164.0/22 maxlen: 22
147.45.168.0/22 maxlen: 22
147.45.172.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:41:2b:fe:1f:44:4f:f5:95:5d:05:1f:51:cf:c3:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 23 18:39:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=756f690c2258c55a3a5bef812d5dd9e92fc5cae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dd:08:6c:b4:ac:19:b9:8b:68:57:af:4e:a8:
00:2c:e1:a7:ec:51:a3:64:f1:7f:83:b4:bb:af:df:
4c:31:31:b6:02:bc:9a:c0:12:aa:48:a1:1d:15:f9:
84:e9:4b:c1:b1:87:c1:33:06:8b:b8:53:40:07:5d:
e3:0c:5e:69:df:78:71:45:ee:64:2a:db:e2:6c:a6:
27:ef:fb:7d:53:ac:47:da:c2:e2:2c:0f:85:6b:2f:
2d:25:33:14:d7:2b:bc:a9:f2:42:93:ec:37:c8:53:
48:af:6b:fd:08:08:d8:41:12:8f:40:b0:15:b3:3a:
ef:1f:75:d0:c2:1d:65:82:f4:bb:86:28:15:82:27:
1e:e4:c8:4d:9e:1e:7b:24:96:49:46:5f:ee:a8:a7:
44:76:4e:e0:b4:b4:b3:a0:24:31:7f:f7:e0:7c:e4:
c5:b7:8c:63:ad:00:b6:e3:33:cf:00:e1:7d:9a:cc:
4f:bd:63:48:6c:af:71:b2:1d:4b:58:4e:f4:ca:63:
2b:42:d8:63:c4:aa:bc:ae:73:ab:ea:90:df:73:04:
36:d6:7d:32:8e:f9:91:1f:af:6e:af:7d:fc:43:e6:
df:60:02:a2:7a:d0:9f:a5:37:99:cc:a7:00:06:cb:
c2:2d:ca:b5:c9:e7:b6:18:79:df:83:3f:63:da:b6:
0c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6F:69:0C:22:58:C5:5A:3A:5B:EF:81:2D:5D:D9:E9:2F:C5:CA:E2
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dW9pDCJYxVo6W--BLV3Z6S_FyuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.160.0/20
193.233.108.0/22
193.233.116.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:d7:b2:d4:da:20:d9:25:d9:01:bc:26:af:19:16:03:34:4e:
4f:b1:df:db:12:79:94:49:94:1c:be:c5:9d:69:db:ff:7d:e5:
a0:8c:bf:4f:34:84:50:81:f5:a6:06:3a:67:c4:4d:fb:f6:48:
02:3a:fc:89:6d:26:7b:4e:9e:a2:15:e3:db:9e:b9:6c:1e:2a:
a1:a3:fd:08:82:c5:f2:c8:ac:fb:94:59:fd:17:35:26:b2:cf:
29:2a:fa:b6:03:2b:ce:1a:03:f4:a9:da:fd:fe:95:69:9a:88:
df:b5:17:a6:f0:22:a2:d4:42:85:76:3d:bc:37:37:84:14:05:
df:1a:35:52:26:5a:ad:f7:f3:8e:3d:e5:24:71:e3:31:fc:97:
1f:ab:d4:94:b9:97:95:df:40:bb:73:41:54:a4:30:7d:9e:bd:
b8:eb:17:18:b5:9b:19:3d:5b:7c:f1:c1:6c:10:9c:bb:58:36:
50:ab:8c:95:df:03:62:77:f5:bb:5e:9d:28:34:b3:bf:5a:6f:
94:77:2b:de:88:85:c1:19:30:22:d5:ce:0d:d8:76:c0:56:bd:
29:c0:f8:fb:35:ab:f2:3d:b2:51:51:7a:26:9a:8a:60:72:ad:
82:2f:d4:d9:52:a4:81:8f:16:00:7f:c6:ba:19:26:f6:86:a8:
cd:9a:35:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8MQSv+H0RP9ZVdBR9Rz8P2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDIzMTgzOTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZmNjkwYzIyNThjNTVhM2E1YmVmODEyZDVkZDllOTJmYzVjYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt0IbLSsGbmLaFevTqgALOGn7FGj
ZPF/g7S7r99MMTG2AryawBKqSKEdFfmE6UvBsYfBMwaLuFNAB13jDF5p33hxRe5k
KtvibKYn7/t9U6xH2sLiLA+Fay8tJTMU1yu8qfJCk+w3yFNIr2v9CAjYQRKPQLAV
szrvH3XQwh1lgvS7higVgice5MhNnh57JJZJRl/uqKdEdk7gtLSzoCQxf/fgfOTF
t4xjrQC24zPPAOF9msxPvWNIbK9xsh1LWE70ymMrQthjxKq8rnOr6pDfcwQ21n0y
jvmRH69ur338Q+bfYAKietCfpTeZzKcABsvCLcq1yee2GHnfgz9j2rYM3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHVvaQwiWMVaOlvvgS1d2ekvxcriMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZFc5cERDSll4Vm82Vy0tQkxWM1o2U19GeXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEky2gAwQC
welsAwQCwel0MA0GCSqGSIb3DQEBCwUAA4IBAQAr17LU2iDZJdkBvCavGRYDNE5P
sd/bEnmUSZQcvsWdadv/feWgjL9PNIRQgfWmBjpnxE379kgCOvyJbSZ7Tp6iFePb
nrlsHiqho/0IgsXyyKz7lFn9FzUmss8pKvq2AyvOGgP0qdr9/pVpmojftRem8CKi
1EKFdj28NzeEFAXfGjVSJlqt9/OOPeUkceMx/Jcfq9SUuZeV30C7c0FUpDB9nr24
6xcYtZsZPVt88cFsEJy7WDZQq4yV3wNid/W7Xp0oNLO/Wm+UdyveiIXBGTAi1c4N
2HbAVr0pwPj7NavyPbJRUXommopgcq2CL9TZUqSBjxYAf8a6GSb2hqjNmjVj
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:20:55 2024 by rpki-client on console-ams.rpki-client.org