Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/mINx1L8KAoEtJZraLyLslEdWORI.roa
File: mINx1L8KAoEtJZraLyLslEdWORI.roa (raw, json)
Hash identifier: /p0SqpKIUWNmZnDmaAsh6GEA81SefzYBxURcn0YxBms=
Subject key identifier: 98:83:71:D4:BF:0A:02:81:2D:25:9A:DA:2F:22:EC:94:47:56:39:12
Certificate issuer: /CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Certificate serial: 018CC64ABE1E239C8939D4CEEE059A631E06
Authority key identifier: 16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/mINx1L8KAoEtJZraLyLslEdWORI.roa
Signing time: Mon 01 Jan 2024 18:30:36 +0000
ROA not before: Mon 01 Jan 2024 18:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25482
IP address blocks: 193.151.240.0/22 maxlen: 22
193.151.240.0/24 maxlen: 24
193.151.240.0/23 maxlen: 23
193.151.241.0/24 maxlen: 24
193.151.242.0/23 maxlen: 23
193.151.242.0/24 maxlen: 24
193.151.243.0/24 maxlen: 24
2001:678:2d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:be:1e:23:9c:89:39:d4:ce:ee:05:9a:63:1e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Validity
Not Before: Jan 1 18:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=988371d4bf0a02812d259ada2f22ec9447563912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:c2:6d:6d:8e:31:53:38:a6:59:57:4a:3e:
45:fd:59:8f:c6:65:85:65:11:fe:72:6a:d7:9c:9e:
ea:1b:c2:cd:6e:c7:12:61:8e:25:ba:a8:7d:be:c2:
94:78:b5:95:72:aa:49:bc:0c:6c:00:e7:05:a1:81:
9f:03:3e:ff:1f:92:e5:77:05:99:5b:ab:df:8d:d5:
88:3c:32:43:79:40:8f:f7:62:bd:32:ef:17:c6:77:
aa:c3:9d:5c:46:f5:06:23:40:d1:12:f4:a6:3c:ce:
f6:b8:a6:fe:9e:57:fc:33:6a:85:25:4a:53:9d:40:
66:51:b8:13:b0:ee:67:c8:73:35:93:1b:9a:0e:88:
20:a3:c4:bc:7b:a3:74:0d:08:9a:56:28:8f:63:36:
70:7d:12:a3:5d:1e:62:ea:be:0e:1b:07:6a:05:9e:
bd:45:50:ad:34:21:1a:fa:98:49:22:2a:b1:e8:7a:
76:68:b2:3b:9e:df:e6:bb:89:59:2a:7a:cf:f7:45:
6c:ba:fe:5f:77:18:37:a5:e0:d7:aa:fa:61:11:f6:
11:c6:4c:29:10:27:64:b0:e6:f1:85:a9:c2:b0:b3:
95:dc:60:57:22:a1:d9:f6:22:81:c2:64:7d:0b:0f:
ef:8e:12:99:b2:2a:e2:73:1f:a9:82:c0:5b:42:2d:
37:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:83:71:D4:BF:0A:02:81:2D:25:9A:DA:2F:22:EC:94:47:56:39:12
X509v3 Authority Key Identifier:
keyid:16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/mINx1L8KAoEtJZraLyLslEdWORI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.240.0/22
IPv6:
2001:678:2d0::/48
Signature Algorithm: sha256WithRSAEncryption
17:00:a8:f0:01:65:28:36:71:66:4e:1c:dd:a6:b7:0b:b7:a7:
69:8f:6d:d7:57:c4:ec:97:c4:92:12:d2:ad:e1:f1:2e:d2:5a:
0e:bb:e3:80:28:b1:fc:dc:db:6a:6c:e4:6e:51:ff:0f:7a:83:
9e:02:4b:0c:86:69:29:7c:0c:3f:69:35:e1:00:1b:b0:06:e4:
0e:11:93:44:5d:7e:c1:5b:9e:55:61:f5:80:45:38:5d:86:94:
2d:81:54:6a:49:0e:6e:ed:7a:08:f9:e3:87:e3:05:ae:e5:95:
21:d8:a5:4e:d9:c6:6b:c5:12:44:54:f6:6a:bd:b6:16:91:06:
18:d4:b7:f2:ba:2a:1f:ec:9f:a6:90:31:6e:71:9a:e0:c5:31:
8f:24:4e:21:4b:13:8f:3c:55:1c:07:c3:20:a3:ef:7f:f1:cc:
8a:c7:73:08:d2:ed:86:bf:af:85:36:a6:c8:62:8e:b0:eb:8a:
e6:63:0c:06:84:97:de:78:f7:42:a9:2e:1f:8b:f8:9c:8d:8d:
ac:35:66:dd:ce:0d:49:bd:57:65:ae:ee:73:78:aa:6d:40:a9:
39:4c:e3:27:f7:2b:98:32:fa:68:04:6e:be:d1:32:b7:ae:bf:
d7:71:47:bc:3b:e7:21:e4:09:a1:24:4e:07:f9:d4:e3:d6:0e:
6e:c4:f8:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSr4eI5yJOdTO7gWaYx4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OWY0ZWQ2NjIwYzg5NjA1MjFmYmI4MWZmNzJlODM3ZGMw
MDM4YWYwHhcNMjQwMTAxMTgzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODgzNzFkNGJmMGEwMjgxMmQyNTlhZGEyZjIyZWM5NDQ3NTYzOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpjCbW2OMVM4pllXSj5F/VmPxmWF
ZRH+cmrXnJ7qG8LNbscSYY4luqh9vsKUeLWVcqpJvAxsAOcFoYGfAz7/H5LldwWZ
W6vfjdWIPDJDeUCP92K9Mu8Xxneqw51cRvUGI0DREvSmPM72uKb+nlf8M2qFJUpT
nUBmUbgTsO5nyHM1kxuaDoggo8S8e6N0DQiaViiPYzZwfRKjXR5i6r4OGwdqBZ69
RVCtNCEa+phJIiqx6Hp2aLI7nt/mu4lZKnrP90Vsuv5fdxg3peDXqvphEfYRxkwp
ECdksObxhanCsLOV3GBXIqHZ9iKBwmR9Cw/vjhKZsiricx+pgsBbQi035wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJiDcdS/CgKBLSWa2i8i7JRHVjkSMB8GA1UdIwQY
MBaAFBafTtZiDIlgUh+7gf9y6DfcADivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWIt
Y2Y1ZmIwNDI1NjZhLzEvbUlOeDFMOEtBb0V0SlpyYUx5THNsRWRXT1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWItY2Y1ZmIwNDI1NjZh
LzEvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwZfwMA8E
AgACMAkDBwAgAQZ4AtAwDQYJKoZIhvcNAQELBQADggEBABcAqPABZSg2cWZOHN2m
twu3p2mPbddXxOyXxJIS0q3h8S7SWg6744Aosfzc22ps5G5R/w96g54CSwyGaSl8
DD9pNeEAG7AG5A4Rk0RdfsFbnlVh9YBFOF2GlC2BVGpJDm7tegj544fjBa7llSHY
pU7ZxmvFEkRU9mq9thaRBhjUt/K6Kh/sn6aQMW5xmuDFMY8kTiFLE488VRwHwyCj
73/xzIrHcwjS7Ya/r4U2pshijrDriuZjDAaEl95490KpLh+L+JyNjaw1Zt3ODUm9
V2Wu7nN4qm1AqTlM4yf3K5gy+mgEbr7RMreuv9dxR7w75yHkCaEkTgf51OPWDm7E
+IQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:09 2024 by rpki-client on console-ams.rpki-client.org