Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tJBDzXI-WN6hi4odhaSf9uJWeZU.roa
File: tJBDzXI-WN6hi4odhaSf9uJWeZU.roa (raw, json)
Hash identifier: VBvsGhVsVhQpt9KaVLbGcNNPgGI+rsIXVAbPoEKixyk=
Subject key identifier: B4:90:43:CD:72:3E:58:DE:A1:8B:8A:1D:85:A4:9F:F6:E2:56:79:95
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7951E8FBE2E95EE80604034FE12CD1F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tJBDzXI-WN6hi4odhaSf9uJWeZU.roa
Signing time: Tue 02 Jan 2024 00:31:27 +0000
ROA not before: Tue 02 Jan 2024 00:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 193.233.251.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1e:8f:be:2e:95:ee:80:60:40:34:fe:12:cd:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b49043cd723e58dea18b8a1d85a49ff6e2567995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:76:75:cb:3c:dd:29:1e:79:0d:4f:53:5a:31:
ff:33:fe:67:2e:65:c5:af:4d:a0:0f:35:e0:e4:19:
9f:7a:5e:b9:c6:93:df:15:c5:00:07:a5:93:3c:48:
61:e5:f9:ea:62:06:bb:2d:15:4f:a9:7c:20:3c:f7:
64:3c:20:d0:3c:e2:4b:05:b1:ce:cc:ee:8a:fa:52:
36:75:e8:de:ae:13:be:ec:76:be:b3:3e:fb:6e:b3:
60:13:86:ed:3b:f2:f7:79:ee:04:18:47:05:9e:04:
d1:59:8f:c3:e2:a2:97:1a:b8:c4:84:50:0f:7a:17:
93:78:e9:84:d1:55:a1:42:ac:f7:dc:08:9d:00:d7:
a9:a4:1f:47:ba:2f:98:b6:37:03:bf:47:22:d4:d1:
4e:12:65:b3:4d:b9:07:13:45:1a:b7:4c:fe:f2:30:
22:c6:55:0b:8a:76:62:2a:65:55:fd:f1:ff:6a:59:
ed:4e:42:b1:16:a5:e0:ba:cc:bd:5a:02:f0:d1:0f:
5a:a2:aa:ea:62:12:ef:30:f0:1c:a6:7f:5a:89:fa:
c0:12:1f:ac:aa:be:08:d4:62:da:96:21:1a:54:23:
21:13:0f:00:4e:51:b0:df:d8:c3:7c:ba:15:ae:47:
03:8f:9d:b6:41:90:12:c2:7a:f2:f8:1e:cd:0f:72:
0f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:90:43:CD:72:3E:58:DE:A1:8B:8A:1D:85:A4:9F:F6:E2:56:79:95
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tJBDzXI-WN6hi4odhaSf9uJWeZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
70:8b:42:15:25:b0:7d:4b:c6:e6:45:a2:4b:80:cb:ea:a7:82:
78:6c:c4:ee:ba:84:e7:b2:25:91:fe:36:68:72:17:d4:19:e4:
21:16:ae:98:6c:99:b6:8f:1b:75:59:88:1e:cd:18:95:b3:92:
5a:84:7b:1e:58:e0:6c:fe:c7:a8:bc:67:71:5e:fc:88:16:ff:
41:c1:eb:df:68:5f:d9:d2:9e:70:5e:74:6a:ce:97:23:aa:25:
0b:9a:68:09:de:b5:27:2a:84:84:fd:46:3e:e1:10:a5:78:5c:
a0:0e:89:51:1c:83:6d:a6:03:f9:00:e2:5d:b7:27:3f:12:6c:
f0:49:78:84:24:6b:0a:23:6c:89:ba:5a:db:c3:0d:16:f0:e4:
5b:d8:fa:75:f7:2a:a9:a2:cf:60:ed:f4:60:bf:4e:9d:73:17:
fb:b5:b9:64:58:f9:64:f2:e7:47:c8:26:9a:37:9d:5f:49:3a:
2d:07:cc:4c:77:e9:cf:ef:c8:c4:be:bb:7a:5e:4e:40:dc:3f:
2b:27:7d:2d:25:31:1d:7a:97:70:8f:bf:1c:5a:d9:fa:88:98:
1e:aa:3c:9a:49:86:bd:bc:a8:d3:47:d9:d9:96:86:e2:82:13:
24:75:3a:90:bf:45:7d:ad:cc:40:bf:b2:e3:1b:94:29:49:d7:
f8:6d:8d:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlR6Pvi6V7oBgQDT+Es0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDkwNDNjZDcyM2U1OGRlYTE4YjhhMWQ4NWE0OWZmNmUyNTY3OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHZ1yzzdKR55DU9TWjH/M/5nLmXF
r02gDzXg5Bmfel65xpPfFcUAB6WTPEhh5fnqYga7LRVPqXwgPPdkPCDQPOJLBbHO
zO6K+lI2dejerhO+7Ha+sz77brNgE4btO/L3ee4EGEcFngTRWY/D4qKXGrjEhFAP
eheTeOmE0VWhQqz33AidANeppB9Hui+YtjcDv0ci1NFOEmWzTbkHE0Uat0z+8jAi
xlULinZiKmVV/fH/alntTkKxFqXgusy9WgLw0Q9aoqrqYhLvMPAcpn9aifrAEh+s
qr4I1GLaliEaVCMhEw8ATlGw39jDfLoVrkcDj522QZASwnry+B7ND3IPLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSQQ81yPljeoYuKHYWkn/biVnmVMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdEpCRHpYSS1XTjZoaTRvZGhhU2Y5dUpXZVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwen4MA0G
CSqGSIb3DQEBCwUAA4IBAQBwi0IVJbB9S8bmRaJLgMvqp4J4bMTuuoTnsiWR/jZo
chfUGeQhFq6YbJm2jxt1WYgezRiVs5JahHseWOBs/seovGdxXvyIFv9BwevfaF/Z
0p5wXnRqzpcjqiULmmgJ3rUnKoSE/UY+4RCleFygDolRHINtpgP5AOJdtyc/Emzw
SXiEJGsKI2yJulrbww0W8ORb2Pp19yqpos9g7fRgv06dcxf7tblkWPlk8udHyCaa
N51fSTotB8xMd+nP78jEvrt6Xk5A3D8rJ30tJTEdepdwj78cWtn6iJgeqjyaSYa9
vKjTR9nZlobighMkdTqQv0V9rcxAv7LjG5QpSdf4bY2+
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:46:23 2024 by rpki-client on console-ams.rpki-client.org