Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/iBlZ7i1gQR0s9uQ615Vxb1oHfpg.roa
File: iBlZ7i1gQR0s9uQ615Vxb1oHfpg.roa (raw, json)
Hash identifier: /aKFtH8po/XZiMo+Lqvk+uIA6zkgf356H7RI1lWRkm8=
Subject key identifier: 88:19:59:EE:2D:60:41:1D:2C:F6:E4:3A:D7:95:71:6F:5A:07:7E:98
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC795331953A68651E8D1D33065449C58
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/iBlZ7i1gQR0s9uQ615Vxb1oHfpg.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204898
IP address blocks: 193.233.151.0/24 maxlen: 24
193.233.7.0/24 maxlen: 24
193.233.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 22:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:33:19:53:a6:86:51:e8:d1:d3:30:65:44:9c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=881959ee2d60411d2cf6e43ad795716f5a077e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:06:17:2c:90:8f:6f:8a:60:78:1f:c9:26:
09:fc:59:9c:14:2d:63:de:6a:3a:ca:7d:b7:fd:2e:
00:b0:27:94:7e:fd:48:08:98:b5:93:8a:82:08:2c:
01:10:95:18:f9:65:d7:23:d6:a1:59:a7:a7:9f:b0:
8c:f0:59:53:51:55:17:23:17:54:68:7e:ba:24:9d:
d9:29:35:1d:99:cf:65:f5:3c:f4:88:93:33:98:96:
6e:25:82:7a:44:f0:cf:df:87:fe:ec:6b:fc:10:4e:
d7:26:24:73:6d:b5:29:69:2d:4b:b7:bb:67:fe:45:
7b:68:3e:e6:c5:b2:0b:57:55:5d:0e:49:d1:6a:e1:
67:b1:fd:11:7f:3d:a6:38:04:d4:89:56:14:a7:ca:
08:79:15:63:a7:53:bf:e7:35:93:60:27:25:1a:3c:
ed:06:fb:83:54:67:c9:41:7d:fb:0e:cd:08:5b:a2:
8c:ab:69:1b:36:30:07:41:64:f4:48:7c:49:27:c5:
08:63:33:39:ee:38:fe:c1:6b:12:72:f1:63:0e:5c:
8c:fe:c4:d7:07:74:a5:f9:0e:b1:1c:8e:54:06:b6:
52:cd:13:05:d3:f4:ac:48:78:2c:9d:f1:b4:a4:0c:
df:ac:57:bd:c3:54:7e:2d:7b:35:fb:d4:ac:e0:bd:
3f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:19:59:EE:2D:60:41:1D:2C:F6:E4:3A:D7:95:71:6F:5A:07:7E:98
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/iBlZ7i1gQR0s9uQ615Vxb1oHfpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.5.0/24
193.233.7.0/24
193.233.151.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:d9:84:48:b2:56:68:e2:7d:9b:62:79:51:ad:7e:02:4d:78:
45:b8:bc:76:f3:73:da:51:9f:5f:40:75:1e:89:e7:13:6f:66:
72:37:e9:15:e4:18:de:ce:76:e9:31:e4:c5:dd:41:44:94:9e:
8f:3a:4c:28:b4:7f:f7:d2:58:f4:a8:ed:8f:f3:b8:94:f3:d4:
9d:9c:20:8d:98:de:a1:04:bc:94:4c:e0:b9:4a:ed:31:b9:84:
2a:4c:54:28:53:b4:2d:0f:62:11:b0:48:86:47:2d:75:8b:bf:
db:5d:a9:99:b4:64:52:76:b2:fa:f5:6d:ba:d2:7a:6d:e0:ca:
ff:20:b9:77:3a:97:81:8d:65:e5:ce:62:0d:f0:23:f5:92:a8:
95:4d:ba:a6:ea:02:99:68:ae:57:c0:e2:dc:5f:b4:1f:e8:d7:
48:b0:cd:b8:6a:8c:23:eb:bc:49:20:16:98:a3:fc:ac:0b:3f:
61:db:02:97:f9:3f:0a:e8:1f:1e:11:2f:99:84:2f:09:9f:19:
c5:d5:3f:ff:5e:65:cb:44:75:9b:23:dd:fe:8d:03:28:7b:39:
8c:e5:2f:16:93:77:62:95:1c:0a:50:b1:bf:37:9a:63:39:8e:
f0:46:c4:2c:ac:7c:3a:80:76:2e:46:00:15:14:6f:2e:95:f3:
d8:5e:38:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlTMZU6aGUejR0zBlRJxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODE5NTllZTJkNjA0MTFkMmNmNmU0M2FkNzk1NzE2ZjVhMDc3ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6sGFyyQj2+KYHgfySYJ/FmcFC1j
3mo6yn23/S4AsCeUfv1ICJi1k4qCCCwBEJUY+WXXI9ahWaenn7CM8FlTUVUXIxdU
aH66JJ3ZKTUdmc9l9Tz0iJMzmJZuJYJ6RPDP34f+7Gv8EE7XJiRzbbUpaS1Lt7tn
/kV7aD7mxbILV1VdDknRauFnsf0Rfz2mOATUiVYUp8oIeRVjp1O/5zWTYCclGjzt
BvuDVGfJQX37Ds0IW6KMq2kbNjAHQWT0SHxJJ8UIYzM57jj+wWsScvFjDlyM/sTX
B3Sl+Q6xHI5UBrZSzRMF0/SsSHgsnfG0pAzfrFe9w1R+LXs1+9Ss4L0/GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIgZWe4tYEEdLPbkOteVcW9aB36YMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaUJsWjdpMWdRUjBzOXVRNjE1VnhiMW9IZnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekFAwQA
wekHAwQAwemXMA0GCSqGSIb3DQEBCwUAA4IBAQB+2YRIslZo4n2bYnlRrX4CTXhF
uLx283PaUZ9fQHUeiecTb2ZyN+kV5BjeznbpMeTF3UFElJ6POkwotH/30lj0qO2P
87iU89SdnCCNmN6hBLyUTOC5Su0xuYQqTFQoU7QtD2IRsEiGRy11i7/bXamZtGRS
drL69W260npt4Mr/ILl3OpeBjWXlzmIN8CP1kqiVTbqm6gKZaK5XwOLcX7Qf6NdI
sM24aowj67xJIBaYo/ysCz9h2wKX+T8K6B8eES+ZhC8JnxnF1T//XmXLRHWbI93+
jQMoezmM5S8Wk3dilRwKULG/N5pjOY7wRsQsrHw6gHYuRgAVFG8ulfPYXjg4
-----END CERTIFICATE-----
Generated at Sun May 5 06:05:05 2024 by rpki-client on console-fra.rpki-client.org