Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/V5NkaBM7oeyF1p26zQlUs-ueB54.roa
File: V5NkaBM7oeyF1p26zQlUs-ueB54.roa (raw, json)
Hash identifier: OE2nn3AyNx4nCkHCX4r7bwsV03SCtyYxxEQMSDMjBsM=
Subject key identifier: 57:93:64:68:13:3B:A1:EC:85:D6:9D:BA:CD:09:54:B3:EB:9E:07:9E
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348DD3C06F1A062426F9ABB76CA8736
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/V5NkaBM7oeyF1p26zQlUs-ueB54.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60633
IP address blocks: 193.246.32.0/21 maxlen: 21
193.246.40.0/21 maxlen: 21
193.246.208.0/20 maxlen: 20
2a02:a90:c405::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:dd:3c:06:f1:a0:62:42:6f:9a:bb:76:ca:87:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57936468133ba1ec85d69dbacd0954b3eb9e079e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:29:ea:d9:b8:88:00:d3:96:34:43:8e:35:5b:
bf:25:18:23:c7:ff:b7:dc:40:19:e7:e9:9b:1f:d5:
68:2a:e2:bd:5d:5c:df:43:fe:95:fd:a4:b6:e5:9e:
44:c3:fb:83:62:8b:e6:f2:21:14:e6:20:17:20:6c:
38:e0:72:3d:06:04:42:23:d2:65:2e:a1:25:89:6d:
33:be:84:ff:c0:76:a2:91:6c:2e:f3:3f:0f:54:61:
6d:a7:4a:74:0f:5c:cc:a9:9a:4f:f9:b8:fe:ec:1f:
dc:4a:6b:3b:d5:29:d2:f8:5d:6e:89:03:e3:49:2c:
28:26:4e:fc:4e:ac:60:58:ea:ad:7a:d9:22:0f:63:
6c:28:84:db:05:35:ff:e9:27:a4:5c:87:64:b6:b4:
73:47:4a:1d:2f:a2:86:a9:1c:45:fd:6e:a4:b6:2e:
0d:f5:a1:31:7b:44:0e:af:84:38:5e:f6:df:1d:80:
ae:25:a2:43:d6:84:7d:65:53:68:e3:3f:b2:f0:84:
c2:c8:16:ef:c5:f9:17:09:da:42:de:e2:8c:36:63:
9d:d2:0c:0d:be:0d:b0:52:fc:53:9f:7c:a5:c4:5c:
29:4f:34:5e:b6:03:36:9b:13:47:02:2d:6a:fd:1f:
97:ff:6f:9e:72:47:27:e7:b0:f3:0a:9a:7d:69:c2:
2d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:93:64:68:13:3B:A1:EC:85:D6:9D:BA:CD:09:54:B3:EB:9E:07:9E
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/V5NkaBM7oeyF1p26zQlUs-ueB54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.32.0/20
193.246.208.0/20
IPv6:
2a02:a90:c405::/48
Signature Algorithm: sha256WithRSAEncryption
80:6c:bd:8f:29:24:3e:d6:b8:66:c3:ba:73:32:0a:95:d4:ea:
ab:43:84:9d:0c:76:30:fb:81:88:41:8e:ce:f1:16:8a:0b:96:
84:c3:67:70:83:56:a5:42:61:67:1d:9f:f9:0d:f5:02:27:6e:
d1:2d:15:f0:91:9f:74:6f:ce:90:ee:fe:24:28:5e:a2:71:78:
0c:a0:02:ce:62:30:c5:ac:0a:f6:f1:bf:14:74:85:c3:2b:6e:
50:6a:58:58:6c:8a:c7:fb:7e:3d:27:69:d4:86:fd:ed:91:29:
cf:94:9d:b7:b8:2b:bd:06:0e:85:67:9c:21:b4:e4:6a:8b:25:
e9:36:c6:60:3e:55:96:10:7e:38:82:1c:2f:e1:f7:1c:a5:17:
62:49:20:79:8d:b3:5c:1b:75:95:c0:3f:07:6f:52:6d:51:df:
42:98:bf:b5:47:8a:d7:e6:01:70:32:af:87:c1:8e:3b:13:63:
d3:a5:5b:7c:b6:6b:13:3b:87:4c:79:cc:ec:95:20:4b:60:30:
6b:a5:8f:35:36:c0:38:61:55:cf:0d:c5:05:cf:33:27:81:fe:
9e:98:9f:64:88:bb:89:c0:7d:41:92:f1:a9:8c:ab:c1:f4:eb:
05:3a:63:a7:b7:75:83:02:3a:2f:1d:50:bd:90:33:01:47:00:
35:0a:03:9c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSN08BvGgYkJvmrt2yoc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzkzNjQ2ODEzM2JhMWVjODVkNjlkYmFjZDA5NTRiM2ViOWUwNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCnq2biIANOWNEOONVu/JRgjx/+3
3EAZ5+mbH9VoKuK9XVzfQ/6V/aS25Z5Ew/uDYovm8iEU5iAXIGw44HI9BgRCI9Jl
LqEliW0zvoT/wHaikWwu8z8PVGFtp0p0D1zMqZpP+bj+7B/cSms71SnS+F1uiQPj
SSwoJk78TqxgWOqtetkiD2NsKITbBTX/6SekXIdktrRzR0odL6KGqRxF/W6kti4N
9aExe0QOr4Q4XvbfHYCuJaJD1oR9ZVNo4z+y8ITCyBbvxfkXCdpC3uKMNmOd0gwN
vg2wUvxTn3ylxFwpTzRetgM2mxNHAi1q/R+X/2+eckcn57DzCpp9acItSwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFeTZGgTO6Hshdadus0JVLPrngeeMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvVjVOa2FCTTdvZXlGMXAyNnpRbFVzLXVlQjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQEwfYgAwQE
wfbQMA8EAgACMAkDBwAqAgqQxAUwDQYJKoZIhvcNAQELBQADggEBAIBsvY8pJD7W
uGbDunMyCpXU6qtDhJ0MdjD7gYhBjs7xFooLloTDZ3CDVqVCYWcdn/kN9QInbtEt
FfCRn3RvzpDu/iQoXqJxeAygAs5iMMWsCvbxvxR0hcMrblBqWFhsisf7fj0nadSG
/e2RKc+Unbe4K70GDoVnnCG05GqLJek2xmA+VZYQfjiCHC/h9xylF2JJIHmNs1wb
dZXAPwdvUm1R30KYv7VHitfmAXAyr4fBjjsTY9OlW3y2axM7h0x5zOyVIEtgMGul
jzU2wDhhVc8NxQXPMyeB/p6Yn2SIu4nAfUGS8amMq8H06wU6Y6e3dYMCOi8dUL2Q
MwFHADUKA5w=
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:08:19 2024 by rpki-client on console-fra.rpki-client.org