Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLswGCr10hMywAU3uI861bN-mO4.roa
File: sLswGCr10hMywAU3uI861bN-mO4.roa (raw, json)
Hash identifier: CNf47+XNjtkCCwtunMY2PkXQkdjmoVMp2cLma2IuARQ=
Subject key identifier: B0:BB:30:18:2A:F5:D2:13:32:C0:05:37:B8:8F:3A:D5:B3:7E:98:EE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018FF79413A8C83A61F9051671CF9524E8E7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLswGCr10hMywAU3uI861bN-mO4.roa
Signing time: Sat 08 Jun 2024 11:20:27 +0000
ROA not before: Sat 08 Jun 2024 11:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202423
IP address blocks: 193.233.31.0/24 maxlen: 24
193.233.72.0/24 maxlen: 24
193.233.149.0/24 maxlen: 24
193.233.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f7:94:13:a8:c8:3a:61:f9:05:16:71:cf:95:24:e8:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 8 11:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0bb30182af5d21332c00537b88f3ad5b37e98ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2a:53:59:97:eb:ce:12:f2:08:77:8d:06:89:
23:78:0a:1b:ba:6d:4a:c5:1e:f9:fe:a5:a8:ce:12:
ce:64:b9:e4:68:33:b2:9c:55:b1:42:33:83:a0:0f:
eb:89:0e:c9:82:40:f5:65:16:d2:a2:6b:80:a2:fc:
61:a7:c5:c0:a5:94:15:9e:6e:6e:f6:3c:27:e9:f3:
1b:f6:fe:8e:ea:db:77:bb:6a:d7:94:8b:30:be:fe:
8b:b4:0b:b8:19:a4:dc:32:ef:51:71:2d:6b:63:01:
b7:2e:65:01:94:75:46:12:cb:77:3d:82:b1:6d:9e:
d6:41:2c:b9:88:e4:79:da:ba:f5:ea:60:0d:f0:13:
ff:63:25:cf:0c:e8:d3:36:cc:e9:9d:eb:c5:45:05:
ca:f6:2e:07:5c:1a:87:b6:8d:dd:1c:e0:db:95:de:
4e:a1:d8:e9:83:df:1b:88:7e:7b:6b:20:2f:0b:d0:
cc:c8:c4:4e:76:63:45:d7:b8:b2:e3:07:2d:e4:41:
76:8e:9b:bc:1a:66:1b:28:9a:2e:08:7c:0b:ac:50:
d2:db:d3:9b:a2:48:23:19:c2:5d:29:93:aa:ca:36:
c5:f6:93:9a:f3:d3:fc:0b:e8:67:a1:f4:50:8b:18:
84:21:ac:da:4c:9d:a9:2a:24:79:83:7b:50:76:7c:
07:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BB:30:18:2A:F5:D2:13:32:C0:05:37:B8:8F:3A:D5:B3:7E:98:EE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLswGCr10hMywAU3uI861bN-mO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.31.0/24
193.233.72.0/24
193.233.149.0/24
193.233.174.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:56:58:d0:4d:fb:e4:ae:ee:22:5d:04:99:a8:9c:dd:5a:3e:
5f:eb:82:8f:ff:6e:7d:3c:07:77:66:44:ca:69:6e:3b:74:24:
7c:c8:07:e9:55:02:aa:b2:a4:2c:36:45:6b:d3:ec:37:33:c0:
7c:0f:8a:ed:47:4b:d0:c7:a8:72:e2:ea:fb:ca:52:73:fc:35:
c6:8e:db:eb:49:2e:41:78:4d:ae:c8:40:af:f6:b7:f3:42:3e:
b7:ad:ca:11:cb:bc:02:9d:cf:d4:47:ea:b2:17:e3:a7:69:c3:
fe:77:90:67:09:7c:09:9e:bf:ef:8c:e8:ac:e6:dc:87:c7:6a:
13:58:89:61:3f:5b:3e:2e:55:13:e5:0c:37:90:ea:72:34:d5:
70:19:98:35:0e:a6:e3:dc:50:8d:4f:ac:0a:53:be:8c:3d:0a:
05:01:b6:86:1c:45:e8:13:fb:c2:4c:fa:92:b2:52:fe:7f:b1:
28:3f:0f:9c:cf:66:42:a3:0f:a6:86:d6:70:b8:d1:de:f0:61:
f0:76:9d:fa:38:17:96:21:54:02:e8:c9:e6:e1:3c:db:a0:46:
c6:40:77:86:10:2c:3f:63:39:95:05:6c:16:82:22:39:cb:0c:
94:16:ae:8d:7a:43:32:7a:df:d0:f0:29:b3:c1:0f:db:c3:72:
02:5d:22:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/3lBOoyDph+QUWcc+VJOjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNjA4MTEyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGJiMzAxODJhZjVkMjEzMzJjMDA1MzdiODhmM2FkNWIzN2U5OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSpTWZfrzhLyCHeNBokjeAobum1K
xR75/qWozhLOZLnkaDOynFWxQjODoA/riQ7JgkD1ZRbSomuAovxhp8XApZQVnm5u
9jwn6fMb9v6O6tt3u2rXlIswvv6LtAu4GaTcMu9RcS1rYwG3LmUBlHVGEst3PYKx
bZ7WQSy5iOR52rr16mAN8BP/YyXPDOjTNszpnevFRQXK9i4HXBqHto3dHODbld5O
odjpg98biH57ayAvC9DMyMROdmNF17iy4wct5EF2jpu8GmYbKJouCHwLrFDS29Ob
okgjGcJdKZOqyjbF9pOa89P8C+hnofRQixiEIazaTJ2pKiR5g3tQdnwHHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLC7MBgq9dITMsAFN7iPOtWzfpjuMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvc0xzd0dDcjEwaE15d0FVM3VJODYxYk4tbU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwekfAwQA
welIAwQAwemVAwQAwemuMA0GCSqGSIb3DQEBCwUAA4IBAQBPVljQTfvkru4iXQSZ
qJzdWj5f64KP/259PAd3ZkTKaW47dCR8yAfpVQKqsqQsNkVr0+w3M8B8D4rtR0vQ
x6hy4ur7ylJz/DXGjtvrSS5BeE2uyECv9rfzQj63rcoRy7wCnc/UR+qyF+OnacP+
d5BnCXwJnr/vjOis5tyHx2oTWIlhP1s+LlUT5Qw3kOpyNNVwGZg1Dqbj3FCNT6wK
U76MPQoFAbaGHEXoE/vCTPqSslL+f7EoPw+cz2ZCow+mhtZwuNHe8GHwdp36OBeW
IVQC6Mnm4TzboEbGQHeGECw/YzmVBWwWgiI5ywyUFq6NekMyet/Q8CmzwQ/bw3IC
XSI/
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:09 2024 by rpki-client on console-ams.rpki-client.org