Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/yCiI03ZFWujAGO3OjB1j3TafZKI.roa
File: yCiI03ZFWujAGO3OjB1j3TafZKI.roa (raw, json)
Hash identifier: vT6eOB4HUmD7iFGCAoQiY3i0+D7HXQGJq0pAUnkWZKE=
Subject key identifier: C8:28:88:D3:76:45:5A:E8:C0:18:ED:CE:8C:1D:63:DD:36:9F:64:A2
Certificate issuer: /CN=d7498cd327ea33bff8629d7f49d6be3adc5ff32c
Certificate serial: 018CC7271F217D0B11059222063AF01C5C63
Authority key identifier: D7:49:8C:D3:27:EA:33:BF:F8:62:9D:7F:49:D6:BE:3A:DC:5F:F3:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10mM0yfqM7_4Yp1_Sda-Otxf8yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/yCiI03ZFWujAGO3OjB1j3TafZKI.roa
Signing time: Mon 01 Jan 2024 22:31:18 +0000
ROA not before: Mon 01 Jan 2024 22:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 193.247.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/10mM0yfqM7_4Yp1_Sda-Otxf8yw.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/10mM0yfqM7_4Yp1_Sda-Otxf8yw.mft
rsync://rpki.ripe.net/repository/DEFAULT/10mM0yfqM7_4Yp1_Sda-Otxf8yw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1f:21:7d:0b:11:05:92:22:06:3a:f0:1c:5c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7498cd327ea33bff8629d7f49d6be3adc5ff32c
Validity
Not Before: Jan 1 22:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c82888d376455ae8c018edce8c1d63dd369f64a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0d:34:f9:08:db:27:70:f2:6f:71:40:72:ff:
c3:96:1b:57:35:40:aa:6a:dd:76:8a:32:8a:02:ab:
42:07:97:29:cd:25:16:71:c1:fd:09:ef:ef:fa:71:
fd:47:84:bb:52:41:04:ac:79:95:2d:70:77:00:ca:
4a:27:37:2b:30:4a:3f:f9:1f:8c:b6:a2:ff:3b:c9:
d1:06:49:21:66:a9:c6:88:39:d6:d2:78:0c:a1:c4:
32:1f:b4:10:3d:cd:40:b6:a3:b0:a8:b6:eb:cf:68:
a1:b1:cd:de:7a:27:b3:60:67:c5:50:a8:dc:62:8e:
9b:77:da:ac:7c:de:98:e4:12:17:ae:4b:ad:25:0e:
ae:e5:cb:19:f2:2b:f7:26:29:22:05:ef:6b:a2:7e:
e7:a3:78:4a:01:f0:48:4e:78:6b:ec:67:6b:ca:46:
42:12:26:09:28:74:cc:a6:b2:c0:2f:72:cc:98:69:
23:fe:ef:b9:0a:e7:63:13:95:11:f9:41:6d:28:c3:
a9:ae:4b:8f:13:96:f7:83:d0:a5:35:d1:b5:a5:93:
35:6c:e5:4b:78:f7:5b:5e:c7:47:df:b3:17:06:da:
2d:6f:b8:81:96:7c:54:a8:b3:9c:58:64:1d:81:a1:
56:16:00:bb:e7:68:3c:a1:9b:f4:47:7b:df:bf:bf:
48:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:28:88:D3:76:45:5A:E8:C0:18:ED:CE:8C:1D:63:DD:36:9F:64:A2
X509v3 Authority Key Identifier:
keyid:D7:49:8C:D3:27:EA:33:BF:F8:62:9D:7F:49:D6:BE:3A:DC:5F:F3:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10mM0yfqM7_4Yp1_Sda-Otxf8yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/yCiI03ZFWujAGO3OjB1j3TafZKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/27c4c1-1577-4ee1-aa24-ade2babcb8d0/1/10mM0yfqM7_4Yp1_Sda-Otxf8yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.190.0/23
Signature Algorithm: sha256WithRSAEncryption
33:db:4c:ac:15:32:b5:51:04:2a:33:3d:8f:08:60:7b:1f:d5:
89:5c:78:d2:36:4f:f5:5a:80:76:31:fc:a0:1e:95:e8:5f:7e:
31:fc:da:8a:73:6c:55:52:30:15:ac:ed:7e:dc:56:1b:0a:ce:
2c:ae:62:1c:c6:3c:89:42:63:49:12:96:7e:cc:51:ae:b7:64:
f3:f0:ee:09:0f:b2:10:8d:3e:e7:be:10:93:81:30:ec:f7:e8:
d1:2f:39:04:ad:bb:fc:5e:2d:f2:15:b9:85:f7:0c:9e:b2:66:
69:db:37:1b:e2:7a:76:d4:4f:98:07:96:b1:29:61:bd:8f:20:
41:d6:0d:74:07:7f:4d:4b:07:45:3d:3b:cb:6d:ed:4e:89:cf:
4f:ab:e2:92:f2:08:f7:91:aa:e1:1d:21:c1:c3:50:db:48:6d:
01:67:8d:53:27:c5:4f:1b:9d:e1:e9:f4:ed:c9:84:3a:e3:cc:
b7:77:b0:27:cf:f4:26:e1:4b:46:b7:8d:c8:b2:a8:cf:77:65:
0e:6f:79:d3:18:f1:7f:7c:7b:3d:0f:99:3e:2e:16:86:ab:43:
f7:09:d1:93:ed:b1:8d:c6:df:13:cd:3a:8c:e3:da:91:11:7d:
fe:55:6d:c5:f6:74:61:20:e5:ac:cf:49:b8:ea:88:61:6a:97:
0d:be:72:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJx8hfQsRBZIiBjrwHFxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDk4Y2QzMjdlYTMzYmZmODYyOWQ3ZjQ5ZDZiZTNhZGM1
ZmYzMmMwHhcNMjQwMTAxMjIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI4ODhkMzc2NDU1YWU4YzAxOGVkY2U4YzFkNjNkZDM2OWY2NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA00+QjbJ3Dyb3FAcv/DlhtXNUCq
at12ijKKAqtCB5cpzSUWccH9Ce/v+nH9R4S7UkEErHmVLXB3AMpKJzcrMEo/+R+M
tqL/O8nRBkkhZqnGiDnW0ngMocQyH7QQPc1AtqOwqLbrz2ihsc3eeiezYGfFUKjc
Yo6bd9qsfN6Y5BIXrkutJQ6u5csZ8iv3JikiBe9ron7no3hKAfBITnhr7GdrykZC
EiYJKHTMprLAL3LMmGkj/u+5CudjE5UR+UFtKMOprkuPE5b3g9ClNdG1pZM1bOVL
ePdbXsdH37MXBtotb7iBlnxUqLOcWGQdgaFWFgC752g8oZv0R3vfv79I7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgoiNN2RVrowBjtzowdY902n2SiMB8GA1UdIwQY
MBaAFNdJjNMn6jO/+GKdf0nWvjrcX/MsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBtTTB5ZnFNN180WXAxX1NkYS1PdHhmOHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yN2M0YzEtMTU3Ny00ZWUxLWFhMjQt
YWRlMmJhYmNiOGQwLzEveUNpSTAzWkZXdWpBR08zT2pCMWozVGFmWktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yN2M0YzEtMTU3Ny00ZWUxLWFhMjQtYWRlMmJhYmNiOGQw
LzEvMTBtTTB5ZnFNN180WXAxX1NkYS1PdHhmOHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwfe+MA0G
CSqGSIb3DQEBCwUAA4IBAQAz20ysFTK1UQQqMz2PCGB7H9WJXHjSNk/1WoB2Mfyg
HpXoX34x/NqKc2xVUjAVrO1+3FYbCs4srmIcxjyJQmNJEpZ+zFGut2Tz8O4JD7IQ
jT7nvhCTgTDs9+jRLzkErbv8Xi3yFbmF9wyesmZp2zcb4np21E+YB5axKWG9jyBB
1g10B39NSwdFPTvLbe1Oic9Pq+KS8gj3karhHSHBw1DbSG0BZ41TJ8VPG53h6fTt
yYQ648y3d7Anz/Qm4UtGt43IsqjPd2UOb3nTGPF/fHs9D5k+LhaGq0P3CdGT7bGN
xt8TzTqM49qREX3+VW3F9nRhIOWsz0m46ohhapcNvnIL
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:09 2024 by rpki-client on console-ams.rpki-client.org