Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/kZP6MCw0QIKlmDn280ska7mo4XU.roa
File: kZP6MCw0QIKlmDn280ska7mo4XU.roa (raw, json)
Hash identifier: 61p1PWgE1/QLEDUpWO8SZlN6/NpIW53FIObOwZb1Djo=
Subject key identifier: 91:93:FA:30:2C:34:40:82:A5:98:39:F6:F3:4B:24:6B:B9:A8:E1:75
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018CC64B6B773734E4508E71DFC46AABC0AD
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/kZP6MCw0QIKlmDn280ska7mo4XU.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395886
IP address blocks: 193.227.121.0/24 maxlen: 24
45.153.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6b:77:37:34:e4:50:8e:71:df:c4:6a:ab:c0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9193fa302c344082a59839f6f34b246bb9a8e175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:08:b0:33:97:6d:2d:6c:31:cb:0e:5e:a1:
f0:16:22:e9:3e:6f:ae:3e:3c:8e:bc:b5:26:dc:28:
09:d2:80:4b:44:ee:62:67:02:e2:13:22:6e:98:2b:
27:67:70:4e:ae:d6:36:0a:d0:77:32:bf:1a:31:90:
42:c8:0b:0d:e4:cd:1d:bb:b9:a7:d7:1b:f5:e3:09:
8a:98:75:aa:a2:64:72:b0:ee:9b:4e:8b:64:d1:7a:
8f:ec:3a:e2:e8:b5:64:7c:52:0f:93:89:ba:28:e7:
84:41:8c:1c:3b:f1:2e:66:41:54:96:f1:f0:25:2a:
ca:4e:00:f6:f1:c7:20:3b:4f:1c:0b:7e:fb:11:1d:
09:bd:a8:19:f9:93:4e:d3:bc:94:74:bb:19:3c:34:
fc:0b:ad:95:9d:be:d8:fe:28:f1:d1:db:bf:f1:4f:
68:cd:5e:e6:a1:1c:4c:4c:56:0f:4f:46:1a:50:f0:
9f:07:78:e9:43:67:8a:78:e1:90:40:30:56:df:78:
b9:07:f5:ea:38:00:7f:aa:ce:5d:29:6c:1b:a8:6c:
64:a1:f7:1e:a4:76:bf:95:d9:8c:90:b0:db:34:2e:
73:4f:91:ce:58:3c:80:0e:c7:c3:f0:49:09:79:44:
cc:f4:34:e2:92:ea:33:6a:62:95:d7:79:9f:5e:60:
ad:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:93:FA:30:2C:34:40:82:A5:98:39:F6:F3:4B:24:6B:B9:A8:E1:75
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/kZP6MCw0QIKlmDn280ska7mo4XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.8.0/23
193.227.121.0/24
Signature Algorithm: sha256WithRSAEncryption
21:79:4a:28:4e:fa:fd:94:23:c5:23:5b:81:43:bc:5b:c1:ad:
94:3e:8a:d8:b3:bf:52:f3:55:1a:c9:c0:26:69:c4:e1:94:ab:
39:05:10:a5:d0:72:b5:3b:7e:00:ba:08:79:8e:26:b1:f7:e3:
48:b3:68:4c:7f:45:13:3b:a8:7f:24:d4:f9:b5:d9:ec:ef:43:
20:26:b2:18:a9:24:89:c0:a8:3f:e0:41:7d:50:7b:77:37:83:
41:d0:7f:ea:10:98:73:03:7b:0c:9c:a1:1e:51:9e:32:72:5d:
32:f2:5b:1c:67:bf:6a:7b:68:cf:75:26:5e:eb:14:20:ea:80:
6a:ec:7e:fd:29:dc:42:aa:df:49:26:c5:df:59:52:be:de:8d:
68:0a:85:84:41:09:bb:69:49:b7:20:de:b9:be:13:70:31:59:
54:56:0a:25:90:14:88:01:1f:a9:b4:eb:9c:ee:b8:0a:fd:0b:
21:1b:b4:3c:d2:47:e3:83:c3:7d:90:a2:2b:45:a9:37:08:3c:
7a:c2:a0:92:13:c4:c6:4e:9e:74:64:5e:3b:92:00:fd:34:ac:
59:83:8a:9a:47:79:51:33:b3:06:b9:24:a0:cd:69:cf:e0:82:
b2:40:a9:59:e8:df:26:65:03:44:71:a4:18:f8:79:ea:48:5a:
f2:bf:61:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS2t3NzTkUI5x38Rqq8CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTkzZmEzMDJjMzQ0MDgyYTU5ODM5ZjZmMzRiMjQ2YmI5YThlMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndAIsDOXbS1sMcsOXqHwFiLpPm+u
PjyOvLUm3CgJ0oBLRO5iZwLiEyJumCsnZ3BOrtY2CtB3Mr8aMZBCyAsN5M0du7mn
1xv14wmKmHWqomRysO6bTotk0XqP7Dri6LVkfFIPk4m6KOeEQYwcO/EuZkFUlvHw
JSrKTgD28ccgO08cC377ER0JvagZ+ZNO07yUdLsZPDT8C62Vnb7Y/ijx0du/8U9o
zV7moRxMTFYPT0YaUPCfB3jpQ2eKeOGQQDBW33i5B/XqOAB/qs5dKWwbqGxkofce
pHa/ldmMkLDbNC5zT5HOWDyADsfD8EkJeUTM9DTikuozamKV13mfXmCtqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGT+jAsNECCpZg59vNLJGu5qOF1MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEva1pQNk1DdzBRSUtsbURuMjgwc2thN21vNFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZkIAwQA
weN5MA0GCSqGSIb3DQEBCwUAA4IBAQAheUooTvr9lCPFI1uBQ7xbwa2UPorYs79S
81UaycAmacThlKs5BRCl0HK1O34Augh5jiax9+NIs2hMf0UTO6h/JNT5tdns70Mg
JrIYqSSJwKg/4EF9UHt3N4NB0H/qEJhzA3sMnKEeUZ4ycl0y8lscZ79qe2jPdSZe
6xQg6oBq7H79KdxCqt9JJsXfWVK+3o1oCoWEQQm7aUm3IN65vhNwMVlUVgolkBSI
AR+ptOuc7rgK/QshG7Q80kfjg8N9kKIrRak3CDx6wqCSE8TGTp50ZF47kgD9NKxZ
g4qaR3lRM7MGuSSgzWnP4IKyQKlZ6N8mZQNEcaQY+HnqSFryv2HS
-----END CERTIFICATE-----
Generated at Sun May 19 20:27:44 2024 by rpki-client on console-fra.rpki-client.org