Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/uX6DKhp1Uek74rwRo_P4Rd5WYr4.roa
File: uX6DKhp1Uek74rwRo_P4Rd5WYr4.roa (raw, json)
Hash identifier: vvo2mRFCLD5iRut0t3nJPkQaUXkJOsMzuKE3vrMQ3m8=
Subject key identifier: B9:7E:83:2A:1A:75:51:E9:3B:E2:BC:11:A3:F3:F8:45:DE:56:62:BE
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 019266262529950FD73B8299E660CE22D383
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/uX6DKhp1Uek74rwRo_P4Rd5WYr4.roa
Signing time: Mon 07 Oct 2024 08:43:48 +0000
ROA not before: Mon 07 Oct 2024 08:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.64.89.0/24 maxlen: 24
194.163.68.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
194.233.31.0/24 maxlen: 24
194.233.148.0/24 maxlen: 24
194.233.149.0/24 maxlen: 24
194.233.151.0/24 maxlen: 24
195.180.128.0/22 maxlen: 24
195.180.149.0/24 maxlen: 24
195.252.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.mft
rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:26:25:29:95:0f:d7:3b:82:99:e6:60:ce:22:d3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Oct 7 08:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b97e832a1a7551e93be2bc11a3f3f845de5662be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:90:33:68:aa:22:1b:49:4a:ea:cd:4a:c5:d6:
6a:a3:68:cf:94:3b:36:a3:06:1a:8f:a4:51:aa:83:
fe:c6:38:e6:84:2e:0a:94:ef:cd:00:8c:31:af:b0:
11:0e:85:86:7b:2b:e3:f3:ed:14:c9:fa:81:64:13:
cf:e6:5f:2e:54:d8:eb:23:9e:e0:74:43:72:12:c2:
7e:f0:5a:22:36:f6:24:2c:33:f2:4b:69:31:2e:3d:
13:08:6c:68:cf:c8:5a:ef:56:c4:bb:7c:57:4b:d2:
06:d4:0b:bc:2a:e8:9e:03:b7:67:a5:7e:df:ee:b7:
3a:e5:da:82:ea:11:b9:e2:be:ce:82:35:ec:d5:b0:
a5:4d:71:6c:71:b5:f1:45:ba:9e:b1:0a:3f:5e:ee:
21:f9:b4:65:58:43:dc:1c:c9:e1:8c:10:41:52:e7:
9d:9e:f5:6f:9f:98:f6:0d:0e:61:ea:17:a3:e9:8c:
5e:4c:79:b1:78:a1:6d:6d:2f:4e:a9:b3:1a:78:65:
7f:d9:d7:df:95:cf:7f:21:ce:61:33:69:69:01:e0:
ce:99:5e:42:96:10:57:a9:4d:4d:a4:41:5b:33:18:
34:bd:a1:ff:48:a0:d7:f4:9d:7c:c7:35:8a:54:1f:
27:64:b9:0e:5a:0e:aa:28:f9:39:06:e8:57:85:12:
61:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7E:83:2A:1A:75:51:E9:3B:E2:BC:11:A3:F3:F8:45:DE:56:62:BE
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/uX6DKhp1Uek74rwRo_P4Rd5WYr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.89.0/24
194.163.68.0/24
194.163.92.0/24
194.233.31.0/24
194.233.148.0/23
194.233.151.0/24
195.180.128.0/22
195.180.149.0/24
195.252.175.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:54:5c:e2:c3:66:c9:1c:76:b7:7b:bf:9f:0d:83:10:25:79:
cb:33:9d:a0:c8:d4:bd:ca:6f:85:3a:36:b0:61:8f:e7:ee:18:
64:08:af:46:31:d5:df:f7:d8:32:7a:45:b3:55:20:27:4e:c5:
48:33:ca:45:e2:c9:05:8b:86:e3:03:6c:1b:00:a4:fe:d7:f4:
38:37:ba:e6:6a:93:23:82:da:1f:0c:11:ac:3e:70:f6:ad:51:
cd:7a:c5:67:ca:b5:2e:7e:89:ae:b3:03:95:26:93:06:23:a0:
b3:a0:aa:3e:3f:38:11:68:0d:d8:29:52:f7:a1:86:b2:00:6d:
02:8c:d7:62:05:9a:4a:61:a0:69:c7:2b:9d:fe:e4:ec:5e:5e:
66:6d:1a:72:27:fd:d1:05:7b:03:95:6a:32:52:95:cc:63:b1:
e1:02:27:07:a6:27:94:1a:e6:a0:14:17:3b:cd:77:25:54:81:
1a:b3:3b:2e:92:6f:9f:58:48:d6:7a:8a:c0:23:83:c6:55:15:
e3:d0:30:72:32:81:2e:71:ea:18:71:85:2f:77:d5:57:bf:d0:
ee:c9:aa:3e:59:ea:79:00:d7:b5:f4:17:f2:d1:01:a6:f1:37:
b3:40:bc:37:65:cb:f6:38:ef:c4:d3:e8:ca:01:e1:9e:c8:70:
69:86:e2:17
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZJmJiUplQ/XO4KZ5mDOItODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQxMDA3MDg0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdlODMyYTFhNzU1MWU5M2JlMmJjMTFhM2YzZjg0NWRlNTY2MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpAzaKoiG0lK6s1KxdZqo2jPlDs2
owYaj6RRqoP+xjjmhC4KlO/NAIwxr7ARDoWGeyvj8+0UyfqBZBPP5l8uVNjrI57g
dENyEsJ+8FoiNvYkLDPyS2kxLj0TCGxoz8ha71bEu3xXS9IG1Au8KuieA7dnpX7f
7rc65dqC6hG54r7OgjXs1bClTXFscbXxRbqesQo/Xu4h+bRlWEPcHMnhjBBBUued
nvVvn5j2DQ5h6hej6YxeTHmxeKFtbS9OqbMaeGV/2dfflc9/Ic5hM2lpAeDOmV5C
lhBXqU1NpEFbMxg0vaH/SKDX9J18xzWKVB8nZLkOWg6qKPk5BuhXhRJh7QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLl+gyoadVHpO+K8EaPz+EXeVmK+MB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvdVg2REtocDFVZWs3NHJ3Um9fUDRSZDVXWXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwkBZAwQA
wqNEAwQAwqNcAwQAwukfAwQBwumUAwQAwumXAwQCw7SAAwQAw7SVAwQAw/yvMA0G
CSqGSIb3DQEBCwUAA4IBAQBsVFziw2bJHHa3e7+fDYMQJXnLM52gyNS9ym+FOjaw
YY/n7hhkCK9GMdXf99gyekWzVSAnTsVIM8pF4skFi4bjA2wbAKT+1/Q4N7rmapMj
gtofDBGsPnD2rVHNesVnyrUufomuswOVJpMGI6CzoKo+PzgRaA3YKVL3oYayAG0C
jNdiBZpKYaBpxyud/uTsXl5mbRpyJ/3RBXsDlWoyUpXMY7HhAicHpieUGuagFBc7
zXclVIEaszsukm+fWEjWeorAI4PGVRXj0DByMoEuceoYcYUvd9VXv9Duyao+Wep5
ANe19Bfy0QGm8TezQLw3Zcv2OO/E0+jKAeGeyHBphuIX
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:18:53 2024 by rpki-client on console-fra.rpki-client.org