Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/tKcJ7cK8YTDpJbcUUK_4eURk_X4.roa
File: tKcJ7cK8YTDpJbcUUK_4eURk_X4.roa (raw, json)
Hash identifier: IzsPIF5RtaP+WwJ3d64OUgSLbl03PGkJlsk3ktJx3X0=
Subject key identifier: B4:A7:09:ED:C2:BC:61:30:E9:25:B7:14:50:AF:F8:79:44:64:FD:7E
Certificate issuer: /CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Certificate serial: 018CC7257F71448BE56532F0F516E194C534
Authority key identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/tKcJ7cK8YTDpJbcUUK_4eURk_X4.roa
Signing time: Mon 01 Jan 2024 22:29:32 +0000
ROA not before: Mon 01 Jan 2024 22:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212774
IP address blocks: 193.46.58.0/24 maxlen: 24
193.46.59.0/24 maxlen: 24
2001:67c:960::/48 maxlen: 48
2001:67c:478::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7f:71:44:8b:e5:65:32:f0:f5:16:e1:94:c5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Validity
Not Before: Jan 1 22:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4a709edc2bc6130e925b71450aff8794464fd7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0d:d8:c2:13:16:8e:40:48:f4:69:2d:c2:fc:
c0:a3:05:48:0d:f3:d1:7f:a1:0a:e5:e4:06:95:23:
b7:23:bc:ed:20:fb:27:fb:a8:b9:fa:db:6f:d1:58:
ba:c5:f0:46:fa:9a:f9:28:f1:88:f9:0e:5f:a3:15:
4a:41:07:64:9f:8c:29:f3:00:15:d0:75:27:0e:21:
54:c5:38:4a:89:1f:fb:ab:85:a2:24:ce:6a:25:ae:
39:df:15:dc:eb:29:13:16:20:16:22:0e:41:71:57:
e2:76:d1:e1:6a:39:e8:68:e7:f5:32:d4:91:a0:05:
87:f9:c8:6a:6e:d4:af:19:c4:07:a2:f6:5e:f3:d7:
79:4c:67:ea:38:77:2e:01:dc:41:66:06:52:58:cf:
c4:38:d3:6b:e6:b4:08:54:1b:50:82:4d:91:92:d0:
ab:de:35:ec:8a:fa:f7:0f:ec:f5:44:9e:22:e0:54:
7b:50:35:7f:b1:a0:48:04:37:22:01:37:35:e4:87:
d5:e6:91:94:c3:03:9d:ca:b4:ee:59:ef:45:c0:a9:
50:d7:3e:67:41:88:87:c0:a9:58:cf:cf:95:96:d4:
43:73:39:04:63:6b:a2:1f:37:ee:b2:ad:e0:2f:95:
ec:da:ef:50:54:36:ba:39:b7:3c:55:fc:b4:20:97:
99:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A7:09:ED:C2:BC:61:30:E9:25:B7:14:50:AF:F8:79:44:64:FD:7E
X509v3 Authority Key Identifier:
keyid:98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/tKcJ7cK8YTDpJbcUUK_4eURk_X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.58.0/23
IPv6:
2001:67c:478::/48
2001:67c:960::/48
Signature Algorithm: sha256WithRSAEncryption
11:7e:ca:05:30:5a:53:99:68:99:77:fb:0c:64:07:f4:63:d0:
18:4d:d5:bc:86:c6:94:53:29:b8:94:6c:3f:e4:58:32:d7:78:
db:c2:db:8b:60:e0:f5:d8:a5:1e:00:85:ed:ea:c7:a2:f8:da:
36:c5:32:bc:3a:f9:06:b0:6e:40:29:c6:26:c9:44:ac:33:ff:
1b:63:31:a8:96:0a:e2:8c:bf:ec:18:40:c5:4d:3b:2c:ce:c8:
9e:82:69:d8:35:03:65:79:69:76:50:b1:55:17:24:c9:8e:a2:
68:43:19:42:55:64:48:5f:80:01:37:1c:50:bd:5a:2f:dc:2b:
56:37:bb:20:92:71:22:45:49:86:f2:ba:9e:67:2b:b4:c5:7a:
81:c3:60:48:ca:4b:35:ef:83:0f:d7:ca:a6:f6:0b:52:9a:6f:
76:34:6c:54:6d:30:3d:04:44:a9:26:06:f3:e4:f3:02:39:07:
f2:48:e9:3d:85:a4:37:ff:1b:af:b2:ca:09:49:f1:a9:79:49:
6b:b4:da:52:42:34:27:7a:70:a8:31:bb:4a:5b:81:6b:d7:51:
96:29:6c:25:63:be:7c:c8:3f:43:1f:b4:4e:1e:27:98:f1:67:
bf:56:6e:cc:41:ef:46:f2:6d:bc:50:3b:7c:cc:28:47:dc:80:
b6:c8:fa:4f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJX9xRIvlZTLw9RbhlMU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NTRiZDhhODYzYTMxODk1Y2M2Y2I5MjJmMzAwOGIzZjA4
YWFkYWUwHhcNMjQwMTAxMjIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE3MDllZGMyYmM2MTMwZTkyNWI3MTQ1MGFmZjg3OTQ0NjRmZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA3YwhMWjkBI9GktwvzAowVIDfPR
f6EK5eQGlSO3I7ztIPsn+6i5+ttv0Vi6xfBG+pr5KPGI+Q5foxVKQQdkn4wp8wAV
0HUnDiFUxThKiR/7q4WiJM5qJa453xXc6ykTFiAWIg5BcVfidtHhajnoaOf1MtSR
oAWH+chqbtSvGcQHovZe89d5TGfqOHcuAdxBZgZSWM/EONNr5rQIVBtQgk2RktCr
3jXsivr3D+z1RJ4i4FR7UDV/saBIBDciATc15IfV5pGUwwOdyrTuWe9FwKlQ1z5n
QYiHwKlYz8+VltRDczkEY2uiHzfusq3gL5Xs2u9QVDa6Obc8Vfy0IJeZ+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLSnCe3CvGEw6SW3FFCv+HlEZP1+MB8GA1UdIwQY
MBaAFJhUvYqGOjGJXMbLki8wCLPwiq2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODIt
YzUyMmI3NGRkY2ZkLzEvdEtjSjdjSzhZVERwSmJjVVVLXzRlVVJrX1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODItYzUyMmI3NGRkY2Zk
LzEvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwS46MBgE
AgACMBIDBwAgAQZ8BHgDBwAgAQZ8CWAwDQYJKoZIhvcNAQELBQADggEBABF+ygUw
WlOZaJl3+wxkB/Rj0BhN1byGxpRTKbiUbD/kWDLXeNvC24tg4PXYpR4Ahe3qx6L4
2jbFMrw6+QawbkApxibJRKwz/xtjMaiWCuKMv+wYQMVNOyzOyJ6Cadg1A2V5aXZQ
sVUXJMmOomhDGUJVZEhfgAE3HFC9Wi/cK1Y3uyCScSJFSYbyup5nK7TFeoHDYEjK
SzXvgw/Xyqb2C1Kab3Y0bFRtMD0ERKkmBvPk8wI5B/JI6T2FpDf/G6+yyglJ8al5
SWu02lJCNCd6cKgxu0pbgWvXUZYpbCVjvnzIP0MftE4eJ5jxZ79WbsxB70bybbxQ
O3zMKEfcgLbI+k8=
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:53:55 2024 by rpki-client on console-fra.rpki-client.org