Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/9lqNTB-Sy4YR1Ab0XI57a66X9Bg.roa
File: 9lqNTB-Sy4YR1Ab0XI57a66X9Bg.roa (raw, json)
Hash identifier: Aq5VEaDTAfSmxn/0pxATZ4zrvvQwH4BRl0xMdXrXbuw=
Subject key identifier: F6:5A:8D:4C:1F:92:CB:86:11:D4:06:F4:5C:8E:7B:6B:AE:97:F4:18
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 018CC50143C4C690DA58D4CA993FEFEA8321
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/9lqNTB-Sy4YR1Ab0XI57a66X9Bg.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44957
IP address blocks: 93.151.0.0/17 maxlen: 17
93.179.185.0/24 maxlen: 24
2.33.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 18:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:43:c4:c6:90:da:58:d4:ca:99:3f:ef:ea:83:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f65a8d4c1f92cb8611d406f45c8e7b6bae97f418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:75:ae:11:0b:63:04:2b:3a:8c:b7:34:f0:64:
1e:fa:f8:fc:92:2b:4d:09:90:a8:17:52:91:11:93:
2a:ba:41:68:35:1b:47:5f:c9:1d:52:92:21:f5:62:
6d:68:fa:0d:9e:6c:d7:ba:dc:de:67:ad:a7:9e:fc:
c0:5e:e2:4a:ae:e4:96:88:8c:21:2d:5b:6a:2c:50:
f3:bb:7c:1a:e8:3d:4d:9f:d9:7d:37:1c:dc:b8:23:
38:94:f0:71:e7:40:08:a4:0a:3b:62:32:e5:17:25:
dd:11:39:23:79:f1:f6:b4:6f:90:77:7b:b9:d2:6d:
17:a0:5c:dc:91:96:db:cf:0e:27:ec:ee:3e:42:26:
70:02:c1:eb:89:41:ae:9f:35:d6:f5:80:29:a7:1f:
36:06:95:fc:b8:a8:0e:94:8e:09:5a:a7:59:13:e9:
d7:b1:fd:51:a5:4c:64:9c:6c:31:00:1e:9e:a8:a1:
9d:03:c4:a1:5c:11:74:61:ff:39:ec:0f:9b:66:ff:
3a:9a:54:b7:f2:28:92:07:e4:26:0c:9e:16:a8:22:
29:96:57:7c:64:b6:fe:b4:79:76:6e:75:f1:b8:47:
3b:71:a5:1c:97:e0:2f:18:e8:c1:f2:63:24:ab:63:
d3:22:60:4e:2a:74:88:04:00:ba:44:f0:4b:22:ac:
de:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5A:8D:4C:1F:92:CB:86:11:D4:06:F4:5C:8E:7B:6B:AE:97:F4:18
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/9lqNTB-Sy4YR1Ab0XI57a66X9Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.33.0.0/16
93.151.0.0/17
93.179.185.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a8:04:d6:b0:7b:88:70:f8:99:84:a5:93:df:0e:7c:eb:30:
98:3b:08:12:86:98:14:55:c2:a6:73:52:79:dc:9f:8c:59:38:
ce:e0:e5:de:13:b7:f0:d3:da:a9:a2:ed:08:35:8f:cb:d9:4c:
0d:36:19:6c:66:48:db:89:0c:ee:8f:46:ca:2d:cf:b7:6d:1d:
17:75:f2:dd:b1:c3:d1:a3:ed:49:93:96:24:b5:e7:39:c8:6f:
3a:12:d4:cb:1c:ba:4c:10:ae:ae:e7:b6:ba:67:fa:1c:95:ee:
3f:22:7b:cd:5b:ff:9b:1f:72:1c:12:f2:bd:44:c1:17:c2:d1:
d0:6d:2f:47:6f:b0:dc:18:65:04:7f:f9:74:9e:7c:3b:12:d7:
de:ec:fc:0d:89:5d:d9:60:eb:b8:54:23:ed:d8:47:e7:f5:a3:
fc:71:9f:e4:86:2c:fd:f4:94:7f:d8:ae:f5:aa:16:4a:f9:d3:
a0:04:0c:e7:d1:04:e8:c5:a0:3d:c0:02:4c:82:61:22:8b:f7:
76:16:0b:a8:11:28:e8:9e:00:e8:2c:14:0c:6b:4b:41:5b:eb:
a9:59:b9:be:3f:4a:de:f8:00:51:20:ce:79:27:57:50:24:66:
6a:3e:39:31:a1:8b:e4:e9:22:52:81:53:dc:46:53:d7:db:29:
52:2e:03:05
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzFAUPExpDaWNTKmT/v6oMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVhOGQ0YzFmOTJjYjg2MTFkNDA2ZjQ1YzhlN2I2YmFlOTdmNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3WuEQtjBCs6jLc08GQe+vj8kitN
CZCoF1KREZMqukFoNRtHX8kdUpIh9WJtaPoNnmzXutzeZ62nnvzAXuJKruSWiIwh
LVtqLFDzu3wa6D1Nn9l9NxzcuCM4lPBx50AIpAo7YjLlFyXdETkjefH2tG+Qd3u5
0m0XoFzckZbbzw4n7O4+QiZwAsHriUGunzXW9YAppx82BpX8uKgOlI4JWqdZE+nX
sf1RpUxknGwxAB6eqKGdA8ShXBF0Yf857A+bZv86mlS38iiSB+QmDJ4WqCIplld8
ZLb+tHl2bnXxuEc7caUcl+AvGOjB8mMkq2PTImBOKnSIBAC6RPBLIqzevwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPZajUwfksuGEdQG9FyOe2uul/QYMB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvOWxxTlRCLVN5NFlSMUFiMFhJNTdhNjZYOUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAAiEDBAdd
lwADBABds7kwDQYJKoZIhvcNAQELBQADggEBABWoBNawe4hw+JmEpZPfDnzrMJg7
CBKGmBRVwqZzUnncn4xZOM7g5d4Tt/DT2qmi7Qg1j8vZTA02GWxmSNuJDO6PRsot
z7dtHRd18t2xw9Gj7UmTliS15znIbzoS1MscukwQrq7ntrpn+hyV7j8ie81b/5sf
chwS8r1EwRfC0dBtL0dvsNwYZQR/+XSefDsS197s/A2JXdlg67hUI+3YR+f1o/xx
n+SGLP30lH/YrvWqFkr506AEDOfRBOjFoD3AAkyCYSKL93YWC6gRKOieAOgsFAxr
S0Fb66lZub4/St74AFEgznknV1AkZmo+OTGhi+TpIlKBU9xGU9fbKVIuAwU=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:00:21 2024 by rpki-client on console-fra.rpki-client.org