Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/CHwtZvXQYETOJHLIgEpPc5tDITc.roa
File: CHwtZvXQYETOJHLIgEpPc5tDITc.roa (raw, json)
Hash identifier: wW9XliQFFLgTraua+tujiHlL8qeHCerR+6fBugdJDvU=
Subject key identifier: 08:7C:2D:66:F5:D0:60:44:CE:24:72:C8:80:4A:4F:73:9B:43:21:37
Certificate issuer: /CN=d58cc8506fedbb5061de9925b07d649918a19926
Certificate serial: 018CC6B7E2028C97F4ED7EB76052C5E244BF
Authority key identifier: D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/CHwtZvXQYETOJHLIgEpPc5tDITc.roa
Signing time: Mon 01 Jan 2024 20:29:48 +0000
ROA not before: Mon 01 Jan 2024 20:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44416
IP address blocks: 193.228.2.0/24 maxlen: 24
188.239.200.0/21 maxlen: 21
188.239.208.0/21 maxlen: 21
188.239.216.0/21 maxlen: 21
188.239.224.0/21 maxlen: 21
188.239.232.0/21 maxlen: 21
188.239.240.0/21 maxlen: 21
188.239.240.0/20 maxlen: 21
188.239.192.0/21 maxlen: 21
188.239.192.0/18 maxlen: 18
2001:678:c7c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:e2:02:8c:97:f4:ed:7e:b7:60:52:c5:e2:44:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58cc8506fedbb5061de9925b07d649918a19926
Validity
Not Before: Jan 1 20:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=087c2d66f5d06044ce2472c8804a4f739b432137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:83:bb:32:2d:e7:51:65:5e:19:47:ee:88:89:
87:1a:33:2f:d3:7a:c9:ac:2f:8b:96:54:d2:07:c3:
a2:9b:9a:72:06:5b:e4:2f:4c:52:96:79:37:ca:a6:
bc:68:d9:bf:13:14:7a:12:51:dd:e0:52:56:65:c9:
93:6b:21:43:65:36:6b:26:3d:85:24:1d:11:e8:63:
9a:70:a2:eb:dc:fa:55:67:6e:4a:ba:20:ae:77:27:
90:60:e5:98:22:fb:de:a8:b7:da:3d:19:6d:e7:78:
7a:b5:f8:d0:da:08:95:56:00:2f:9c:0d:e6:0b:9d:
51:92:4f:bd:10:bc:10:c3:19:13:14:26:97:27:9f:
e1:56:a5:46:18:9d:67:ee:81:76:6b:29:8f:4c:89:
f6:b0:ef:bf:ef:8a:d9:01:9d:c6:b8:55:bc:01:86:
63:3c:e1:c5:ae:2b:10:4d:51:69:42:86:56:81:b9:
e7:e3:a1:f6:26:2f:3e:74:58:24:dd:4d:70:82:5c:
31:23:dd:4e:c8:48:16:63:c2:f2:90:32:91:f0:b6:
99:26:6a:31:73:10:14:96:74:2b:bc:d8:c8:1d:c7:
9a:f5:22:9d:43:3f:df:fe:84:c1:40:8d:4f:83:19:
a3:9f:c0:89:02:2d:4c:0f:3c:19:36:7e:53:91:9b:
b0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7C:2D:66:F5:D0:60:44:CE:24:72:C8:80:4A:4F:73:9B:43:21:37
X509v3 Authority Key Identifier:
keyid:D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/CHwtZvXQYETOJHLIgEpPc5tDITc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.239.192.0/18
193.228.2.0/24
IPv6:
2001:678:c7c::/48
Signature Algorithm: sha256WithRSAEncryption
55:59:f7:02:90:2e:10:d7:0b:98:42:98:e2:7b:b4:3c:52:98:
7f:b5:8a:b0:e1:08:a2:a0:84:44:06:c0:66:a9:f1:b0:5a:39:
f1:09:17:71:b7:1f:70:fd:9f:43:e8:54:ce:78:b0:3a:72:03:
33:a3:e3:c9:80:2d:35:64:61:db:e3:9b:31:ee:85:19:59:bc:
c8:d1:2e:9f:ca:03:8c:4e:2a:d3:1d:55:fa:de:a0:24:67:dc:
62:68:cf:8d:0a:5b:a9:86:b1:0d:aa:e2:47:7b:56:80:dd:91:
65:04:c9:06:0c:87:bd:b3:c4:a9:e3:5a:bd:e3:af:a6:8f:87:
ef:9d:76:bf:e5:ef:e8:f0:b1:7b:fe:de:d5:37:2e:57:98:28:
59:64:d0:66:5b:a0:84:4d:bf:b0:6d:35:c3:ed:e3:c7:6a:cc:
1f:5a:6b:7a:e8:55:d8:ac:07:87:4b:85:ac:fe:6e:79:16:52:
1f:f8:74:ef:c7:81:5b:e5:6a:61:a3:02:5e:32:49:c2:0e:84:
3f:78:9a:78:ab:53:9c:95:67:8f:2a:df:0f:1b:a0:89:a4:34:
0d:33:db:e5:3d:49:64:ed:7b:86:30:53:83:24:b8:04:b9:b7:
a1:f4:2b:23:1e:4c:34:a0:31:ff:72:3c:29:ab:9d:a9:eb:84:
98:98:da:9a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGt+ICjJf07X63YFLF4kS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OGNjODUwNmZlZGJiNTA2MWRlOTkyNWIwN2Q2NDk5MThh
MTk5MjYwHhcNMjQwMTAxMjAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdjMmQ2NmY1ZDA2MDQ0Y2UyNDcyYzg4MDRhNGY3MzliNDMyMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIO7Mi3nUWVeGUfuiImHGjMv03rJ
rC+LllTSB8Oim5pyBlvkL0xSlnk3yqa8aNm/ExR6ElHd4FJWZcmTayFDZTZrJj2F
JB0R6GOacKLr3PpVZ25KuiCudyeQYOWYIvveqLfaPRlt53h6tfjQ2giVVgAvnA3m
C51Rkk+9ELwQwxkTFCaXJ5/hVqVGGJ1n7oF2aymPTIn2sO+/74rZAZ3GuFW8AYZj
POHFrisQTVFpQoZWgbnn46H2Ji8+dFgk3U1wglwxI91OyEgWY8LykDKR8LaZJmox
cxAUlnQrvNjIHcea9SKdQz/f/oTBQI1Pgxmjn8CJAi1MDzwZNn5TkZuwCQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAh8LWb10GBEziRyyIBKT3ObQyE3MB8GA1UdIwQY
MBaAFNWMyFBv7btQYd6ZJbB9ZJkYoZkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVl6SVVHX3R1MUJoM3BrbHNIMWttUmlobVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80NmVmYjUtYzllNy00ZjA4LWJjNmEt
YmIzZTgxOWYzZGRjLzEvQ0h3dFp2WFFZRVRPSkhMSWdFcFBjNXRESVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80NmVmYjUtYzllNy00ZjA4LWJjNmEtYmIzZTgxOWYzZGRj
LzEvMVl6SVVHX3R1MUJoM3BrbHNIMWttUmlobVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQGvO/AAwQA
weQCMA8EAgACMAkDBwAgAQZ4DHwwDQYJKoZIhvcNAQELBQADggEBAFVZ9wKQLhDX
C5hCmOJ7tDxSmH+1irDhCKKghEQGwGap8bBaOfEJF3G3H3D9n0PoVM54sDpyAzOj
48mALTVkYdvjmzHuhRlZvMjRLp/KA4xOKtMdVfreoCRn3GJoz40KW6mGsQ2q4kd7
VoDdkWUEyQYMh72zxKnjWr3jr6aPh++ddr/l7+jwsXv+3tU3LleYKFlk0GZboIRN
v7BtNcPt48dqzB9aa3roVdisB4dLhaz+bnkWUh/4dO/HgVvlamGjAl4yScIOhD94
mnirU5yVZ48q3w8boImkNA0z2+U9SWTte4YwU4MkuAS5t6H0KyMeTDSgMf9yPCmr
nanrhJiY2po=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:00:00 2024 by rpki-client on console-fra.rpki-client.org