Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/1-51_c6HgqWfjNN3Jr2Do6SleWHk.roa
File: 1-51_c6HgqWfjNN3Jr2Do6SleWHk.roa (raw, json)
Hash identifier: 8IeL51E8sksdbK1sLGDHSWvsn6aJ80YkaFE1juEndFM=
Subject key identifier: FB:9D:7F:73:A1:E0:A9:67:E3:34:DD:C9:AF:60:E8:E9:29:5E:58:79
Certificate issuer: /CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Certificate serial: 0191F623D416D9022C4FCC7B010AD3C397EC
Authority key identifier: 98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/1-51_c6HgqWfjNN3Jr2Do6SleWHk.roa
Signing time: Sun 15 Sep 2024 14:43:48 +0000
ROA not before: Sun 15 Sep 2024 14:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.134.253.0/24 maxlen: 24
193.135.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/mGM1ShEa9tXhrRDaOK2BRLa-ho4.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/mGM1ShEa9tXhrRDaOK2BRLa-ho4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f6:23:d4:16:d9:02:2c:4f:cc:7b:01:0a:d3:c3:97:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Validity
Not Before: Sep 15 14:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb9d7f73a1e0a967e334ddc9af60e8e9295e5879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b7:8f:5b:91:5f:99:61:8c:3f:f9:8b:1d:02:
78:61:87:64:56:91:40:5e:13:fb:49:26:0a:0b:77:
5d:b9:b9:c6:75:f6:cf:2f:96:ac:14:45:7e:f3:99:
b8:f3:69:25:06:df:0b:c0:36:76:0d:70:0d:04:6e:
44:6b:07:24:e3:0b:38:5c:a5:50:7a:23:e5:5c:5e:
d9:49:eb:2c:44:bd:55:84:0a:b6:3c:b4:fd:b9:b0:
8e:66:6a:af:51:44:e9:ce:bd:d5:8c:57:8c:e6:0f:
3b:23:a2:69:1e:df:10:48:51:58:d3:08:f8:f7:36:
79:7d:77:df:96:c4:09:d2:c7:21:34:af:ec:69:10:
e9:92:58:b9:3a:e2:41:56:45:2b:20:a9:17:42:ae:
52:e4:51:cd:da:eb:3c:b8:ee:a9:92:6f:58:f3:b5:
b2:7b:d9:80:77:78:3e:b5:26:e1:b7:b1:b1:4c:73:
6e:63:8a:e7:8d:3a:be:96:4f:57:6e:6d:dc:5b:c4:
1b:7c:e0:84:9b:c9:23:7a:49:54:e5:da:52:50:2e:
0d:ee:cb:81:64:b7:15:59:c5:91:7b:d1:06:e1:7a:
0a:07:41:0e:b9:78:c4:6b:29:91:b1:a1:ac:ae:f7:
89:3d:3e:f9:9e:d1:91:6e:9a:cd:57:7c:74:ba:a7:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:9D:7F:73:A1:E0:A9:67:E3:34:DD:C9:AF:60:E8:E9:29:5E:58:79
X509v3 Authority Key Identifier:
keyid:98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/1-51_c6HgqWfjNN3Jr2Do6SleWHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/mGM1ShEa9tXhrRDaOK2BRLa-ho4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.253.0/24
193.135.101.0/24
Signature Algorithm: sha256WithRSAEncryption
19:5e:2d:85:4f:82:ad:a9:6d:29:18:52:3e:28:f1:a8:cf:b0:
7f:01:34:6e:2e:ad:7d:96:ba:46:d0:29:63:4b:ea:3a:ea:b2:
a7:32:56:4a:e4:01:19:86:19:3f:3e:59:24:60:f9:77:65:3c:
b0:98:60:5a:8d:25:78:df:90:84:18:58:f3:bd:7c:1b:8e:e6:
57:e3:c5:fa:6a:a0:6d:0f:42:f1:25:17:5d:1d:d6:56:8a:7d:
e0:1f:fd:a5:51:a6:a3:b5:c6:d5:d5:97:fb:9e:87:fa:94:db:
61:b7:52:f7:b8:1a:95:ff:aa:89:3e:16:61:19:0d:22:7a:aa:
f4:4f:22:24:73:5a:6e:04:6a:b7:34:59:60:f5:5f:86:ad:0a:
be:fd:a4:06:b8:cc:2a:7e:f1:d4:e1:3d:c2:38:37:d5:cf:aa:
99:5a:bc:d5:f1:cf:0d:f2:54:88:4b:e7:7d:7f:12:2c:69:7c:
f7:58:64:d7:fa:1c:38:06:a1:c4:ab:f3:6e:da:05:5d:85:a9:
0e:38:0d:2e:17:8c:3b:20:ba:ac:72:b8:43:a6:27:0d:22:1e:
39:05:62:c4:af:7f:78:87:20:64:30:71:31:fc:98:9b:a9:77:
09:28:28:15:2c:44:4c:1e:89:7a:f0:69:5b:ac:25:08:98:22:
5b:4e:81:c6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZH2I9QW2QIsT8x7AQrTw5fsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjMzNTRhMTExYWY2ZDVlMWFkMTBkYTM4YWQ4MTQ0YjZi
ZTg2OGUwHhcNMjQwOTE1MTQ0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjlkN2Y3M2ExZTBhOTY3ZTMzNGRkYzlhZjYwZThlOTI5NWU1ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrePW5FfmWGMP/mLHQJ4YYdkVpFA
XhP7SSYKC3ddubnGdfbPL5asFEV+85m482klBt8LwDZ2DXANBG5Eawck4ws4XKVQ
eiPlXF7ZSessRL1VhAq2PLT9ubCOZmqvUUTpzr3VjFeM5g87I6JpHt8QSFFY0wj4
9zZ5fXfflsQJ0schNK/saRDpkli5OuJBVkUrIKkXQq5S5FHN2us8uO6pkm9Y87Wy
e9mAd3g+tSbht7GxTHNuY4rnjTq+lk9Xbm3cW8QbfOCEm8kjeklU5dpSUC4N7suB
ZLcVWcWRe9EG4XoKB0EOuXjEaymRsaGsrveJPT75ntGRbprNV3x0uqdD/wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPudf3Oh4Kln4zTdya9g6OkpXlh5MB8GA1UdIwQY
MBaAFJhjNUoRGvbV4a0Q2jitgUS2voaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGIt
NTNmNTc1MDRlZjM1LzEvMS01MV9jNkhncVdmak5OM0pyMkRvNlNsZVdIay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjEvYmVhODQ3LWE3ODMtNDg5ZC1hZTRiLTUzZjU3NTA0ZWYz
NS8xL21HTTFTaEVhOXRYaHJSRGFPSzJCUkxhLWhvNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMGG/QME
AMGHZTANBgkqhkiG9w0BAQsFAAOCAQEAGV4thU+CraltKRhSPijxqM+wfwE0bi6t
fZa6RtApY0vqOuqypzJWSuQBGYYZPz5ZJGD5d2U8sJhgWo0leN+QhBhY8718G47m
V+PF+mqgbQ9C8SUXXR3WVop94B/9pVGmo7XG1dWX+56H+pTbYbdS97galf+qiT4W
YRkNInqq9E8iJHNabgRqtzRZYPVfhq0Kvv2kBrjMKn7x1OE9wjg31c+qmVq81fHP
DfJUiEvnfX8SLGl891hk1/ocOAahxKvzbtoFXYWpDjgNLheMOyC6rHK4Q6YnDSIe
OQVixK9/eIcgZDBxMfyYm6l3CSgoFSxETB6JevBpW6wlCJgiW06Bxg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:28:41 2024 by rpki-client on console-fra.rpki-client.org