Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/hBisYyzoGLAIdu6y5ul6AvwEVIg.roa
File: hBisYyzoGLAIdu6y5ul6AvwEVIg.roa (raw, json)
Hash identifier: EIoXuQr2Z0L+IbOs2efap0Ya5ubPoHb8/eJGJPeVcKQ=
Subject key identifier: 84:18:AC:63:2C:E8:18:B0:08:76:EE:B2:E6:E9:7A:02:FC:04:54:88
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952D2CB44913880B4D2FCBDA9784D9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/hBisYyzoGLAIdu6y5ul6AvwEVIg.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61121
IP address blocks: 193.233.236.0/23 maxlen: 24
193.233.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2d:2c:b4:49:13:88:0b:4d:2f:cb:da:97:84:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8418ac632ce818b00876eeb2e6e97a02fc045488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a3:f2:99:bd:ab:e8:1b:8e:a0:24:70:f5:b2:
51:51:9d:e1:55:4c:c7:c1:a7:f8:61:bc:e0:a2:1b:
ba:f9:85:03:2e:26:d3:d9:44:aa:d9:43:11:d6:ca:
80:39:4b:64:92:0d:22:10:65:9d:37:6b:9b:f1:85:
22:a5:25:c7:f1:71:30:9c:12:52:c3:8b:e1:61:a5:
7e:c0:92:61:92:13:8d:6b:93:c5:49:04:6a:5c:08:
75:73:ab:db:43:b4:7a:a1:a7:26:54:1d:0e:a4:26:
b4:fc:a0:52:71:08:da:51:ae:a7:23:a8:93:7e:df:
67:e2:db:fd:a9:90:4b:c7:27:de:9f:80:62:36:df:
c3:c7:b1:8d:c2:4c:9f:71:89:6e:d1:69:a9:46:bd:
ad:d0:89:3f:f7:96:be:e3:fc:75:f4:86:96:b4:17:
e4:cb:8b:72:c3:a4:f2:bb:1e:86:08:28:d1:64:e0:
75:80:4d:1a:1e:ce:ff:b1:f7:cb:02:6c:88:b1:bb:
4b:dd:ca:9e:b3:c0:a0:8b:e3:07:22:77:e4:23:4f:
fb:5e:e0:8e:70:3c:c3:b2:9c:10:8c:24:45:40:79:
78:a3:af:b6:81:20:82:29:d9:6c:9c:75:88:8e:6a:
af:fb:c5:25:04:27:67:e0:19:04:31:ac:11:32:16:
f7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:18:AC:63:2C:E8:18:B0:08:76:EE:B2:E6:E9:7A:02:FC:04:54:88
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/hBisYyzoGLAIdu6y5ul6AvwEVIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.236.0/22
Signature Algorithm: sha256WithRSAEncryption
15:bd:24:a7:d3:b9:13:a3:03:42:7b:70:89:5a:60:5b:c5:5f:
75:3d:5f:e3:e3:df:8c:e7:68:52:68:6c:35:dc:dd:c6:0a:2b:
84:78:1f:0b:94:4a:4e:1e:88:eb:32:f5:cc:84:d9:b8:db:07:
e1:c3:76:af:53:a8:80:4b:e6:58:f9:ee:3c:38:56:4a:f9:17:
fa:e9:29:05:58:89:b0:08:5d:1b:fa:e0:e3:97:21:65:cb:ad:
1b:5f:76:32:c4:d3:2b:33:f4:f3:43:b5:82:7a:0f:f5:e8:b0:
de:52:17:83:8d:2e:5d:02:7b:64:0c:3b:67:59:31:10:0d:f5:
84:ce:04:ac:32:26:a8:30:54:9a:7d:80:b5:7c:12:33:70:5f:
c4:6d:d8:b7:e0:14:c3:c1:1d:14:13:69:f4:95:d8:3d:37:e7:
3f:a7:f3:74:07:76:f5:ed:83:db:43:e9:24:70:b7:ba:be:8f:
a0:bc:4c:a5:36:79:70:41:e8:d0:1f:38:5c:d8:5c:0d:46:2a:
38:ee:d9:6a:16:66:b6:ad:ad:2e:19:1d:0a:bb:3e:db:02:fa:
f6:ec:3c:39:4f:5e:cc:e6:f7:9c:b4:ec:90:12:da:b9:74:8c:
2d:7f:b8:cf:ec:29:01:a2:9e:16:b0:d8:a9:05:ac:76:14:f8:
c3:ca:58:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlS0stEkTiAtNL8val4TZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDE4YWM2MzJjZTgxOGIwMDg3NmVlYjJlNmU5N2EwMmZjMDQ1NDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqPymb2r6BuOoCRw9bJRUZ3hVUzH
waf4Ybzgohu6+YUDLibT2USq2UMR1sqAOUtkkg0iEGWdN2ub8YUipSXH8XEwnBJS
w4vhYaV+wJJhkhONa5PFSQRqXAh1c6vbQ7R6oacmVB0OpCa0/KBScQjaUa6nI6iT
ft9n4tv9qZBLxyfen4BiNt/Dx7GNwkyfcYlu0WmpRr2t0Ik/95a+4/x19IaWtBfk
y4tyw6Tyux6GCCjRZOB1gE0aHs7/sffLAmyIsbtL3cqes8Cgi+MHInfkI0/7XuCO
cDzDspwQjCRFQHl4o6+2gSCCKdlsnHWIjmqv+8UlBCdn4BkEMawRMhb3dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQYrGMs6BiwCHbusubpegL8BFSIMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaEJpc1l5em9HTEFJZHU2eTV1bDZBdndFVklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwensMA0G
CSqGSIb3DQEBCwUAA4IBAQAVvSSn07kTowNCe3CJWmBbxV91PV/j49+M52hSaGw1
3N3GCiuEeB8LlEpOHojrMvXMhNm42wfhw3avU6iAS+ZY+e48OFZK+Rf66SkFWImw
CF0b+uDjlyFly60bX3YyxNMrM/TzQ7WCeg/16LDeUheDjS5dAntkDDtnWTEQDfWE
zgSsMiaoMFSafYC1fBIzcF/Ebdi34BTDwR0UE2n0ldg9N+c/p/N0B3b17YPbQ+kk
cLe6vo+gvEylNnlwQejQHzhc2FwNRio47tlqFma2ra0uGR0Kuz7bAvr27Dw5T17M
5vectOyQEtq5dIwtf7jP7CkBop4WsNipBax2FPjDylgd
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:22:59 2024 by rpki-client on console-ams.rpki-client.org