Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/KcMa0luHHWDkPQffB0Xycte45Yk.roa
File: KcMa0luHHWDkPQffB0Xycte45Yk.roa (raw, json)
Hash identifier: 2lw/Tm8q1RwkBsbdSDl3Occ48NCeAdchr8rqxOSUlR4=
Subject key identifier: 29:C3:1A:D2:5B:87:1D:60:E4:3D:07:DF:07:45:F2:72:D7:B8:E5:89
Certificate issuer: /CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Certificate serial: 018CC725A166C4F073AB1E0C7EEF494526B5
Authority key identifier: AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/KcMa0luHHWDkPQffB0Xycte45Yk.roa
Signing time: Mon 01 Jan 2024 22:29:41 +0000
ROA not before: Mon 01 Jan 2024 22:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206720
IP address blocks: 193.56.32.0/24 maxlen: 24
193.56.36.0/24 maxlen: 24
193.56.35.0/24 maxlen: 24
185.187.246.0/24 maxlen: 24
193.56.40.0/24 maxlen: 24
185.187.245.0/24 maxlen: 24
193.56.39.0/24 maxlen: 24
185.187.244.0/24 maxlen: 24
193.56.45.0/24 maxlen: 24
185.187.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 19:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a1:66:c4:f0:73:ab:1e:0c:7e:ef:49:45:26:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Validity
Not Before: Jan 1 22:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c31ad25b871d60e43d07df0745f272d7b8e589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1c:87:f0:a8:93:47:7a:36:c0:f2:cc:42:9a:
33:0f:da:4e:0e:08:87:37:87:f0:c5:58:91:02:fe:
68:f5:ad:1e:53:1a:97:0d:ac:88:07:2c:a0:0a:94:
61:9f:07:e0:cf:94:67:84:eb:2c:fb:cf:2c:58:8c:
6a:0e:f7:a2:0a:02:60:32:e1:c9:1f:53:89:14:83:
10:7a:c9:41:dc:fc:f0:c9:a1:b7:3b:88:ee:8c:2d:
e3:65:2e:4d:92:97:c8:cf:4f:29:e4:3d:0b:45:26:
b3:c1:25:cb:06:5f:e1:cc:f1:d8:8a:e8:ba:fa:69:
ff:33:33:70:5b:a6:54:86:49:55:03:b6:23:01:b9:
c3:ef:83:04:21:e4:9b:7e:28:b7:94:87:37:25:bd:
1b:5a:e0:bc:5a:29:b5:a4:fb:75:39:2a:f9:a7:3c:
99:91:01:13:22:83:a5:f5:7b:36:74:5e:cf:82:ed:
b2:49:e3:d6:35:dd:ce:39:a7:6f:97:c1:4b:71:45:
5f:2f:94:14:85:8d:7c:b1:f9:20:1c:25:3a:2d:7e:
cc:aa:87:ef:c0:0c:26:f4:76:bd:e7:a7:2d:48:4a:
e9:e4:76:de:a0:ac:b0:34:27:01:c5:c8:10:d3:36:
0f:74:45:91:8f:41:5f:98:83:39:74:e1:5f:72:c3:
38:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C3:1A:D2:5B:87:1D:60:E4:3D:07:DF:07:45:F2:72:D7:B8:E5:89
X509v3 Authority Key Identifier:
keyid:AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/KcMa0luHHWDkPQffB0Xycte45Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.244.0/22
193.56.32.0/24
193.56.35.0-193.56.36.255
193.56.39.0-193.56.40.255
193.56.45.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c3:72:ba:71:92:14:cb:60:b2:cd:34:e0:cc:e6:68:0d:e0:
be:77:a3:4d:f0:5f:db:80:5e:e8:3e:b2:11:18:0c:6c:d2:94:
a9:91:ac:76:9d:c6:48:df:a9:70:0d:7c:be:41:e9:64:43:6a:
51:03:08:63:9a:da:aa:ca:de:e5:ae:5a:47:a9:30:8c:0e:fb:
2b:a9:3a:d8:8d:35:25:a2:8e:50:a2:c5:62:bb:3c:7e:ad:1a:
dd:0d:d6:bd:8c:02:aa:4c:01:63:7f:60:b9:49:cd:78:97:c5:
e0:83:62:e2:93:44:d1:83:aa:be:11:f1:22:97:53:7d:f9:d5:
30:2e:ad:c0:c2:bd:99:38:89:b1:9c:ba:39:b1:b6:1c:35:c3:
9b:56:1c:c2:fe:c6:84:af:b2:ca:85:06:f7:8f:f3:98:59:a9:
6b:ea:be:35:74:3c:88:c9:7a:8b:12:6a:81:c6:c1:42:b7:80:
79:fe:f9:a8:d8:4d:7e:71:b3:77:1c:ed:f4:33:51:66:ff:17:
0e:08:88:66:ea:de:a0:e5:52:06:c4:a8:24:e6:06:d4:83:d2:
68:c6:db:cd:72:33:75:83:0e:3b:73:ee:08:93:01:95:af:f7:
5b:56:12:4d:68:bf:8b:46:13:de:7c:ed:30:3f:f6:d5:b9:80:
4b:67:76:54
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzHJaFmxPBzqx4Mfu9JRSa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzQ4ZjdhNTkxMjA1ODhkNDE3MGVhMjgxNWU2YWU1MWJl
NmJjZmYwHhcNMjQwMTAxMjIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMzMWFkMjViODcxZDYwZTQzZDA3ZGYwNzQ1ZjI3MmQ3YjhlNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRyH8KiTR3o2wPLMQpozD9pODgiH
N4fwxViRAv5o9a0eUxqXDayIByygCpRhnwfgz5RnhOss+88sWIxqDveiCgJgMuHJ
H1OJFIMQeslB3PzwyaG3O4jujC3jZS5NkpfIz08p5D0LRSazwSXLBl/hzPHYiui6
+mn/MzNwW6ZUhklVA7YjAbnD74MEIeSbfii3lIc3Jb0bWuC8Wim1pPt1OSr5pzyZ
kQETIoOl9Xs2dF7Pgu2ySePWNd3OOadvl8FLcUVfL5QUhY18sfkgHCU6LX7Mqofv
wAwm9Ha956ctSErp5HbeoKywNCcBxcgQ0zYPdEWRj0FfmIM5dOFfcsM4PwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCnDGtJbhx1g5D0H3wdF8nLXuOWJMB8GA1UdIwQY
MBaAFKzEj3pZEgWI1BcOooFeauUb5rz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTIt
YjUyYjNhMjM2ZmE3LzEvS2NNYTBsdUhIV0RrUFFmZkIwWHljdGU0NVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTItYjUyYjNhMjM2ZmE3
LzEvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCubv0AwQA
wTggMAwDBADBOCMDBADBOCQwDAMEAME4JwMEAME4KAMEAME4LTANBgkqhkiG9w0B
AQsFAAOCAQEAHMNyunGSFMtgss004MzmaA3gvnejTfBf24Be6D6yERgMbNKUqZGs
dp3GSN+pcA18vkHpZENqUQMIY5raqsre5a5aR6kwjA77K6k62I01JaKOUKLFYrs8
fq0a3Q3WvYwCqkwBY39guUnNeJfF4INi4pNE0YOqvhHxIpdTffnVMC6twMK9mTiJ
sZy6ObG2HDXDm1Ycwv7GhK+yyoUG94/zmFmpa+q+NXQ8iMl6ixJqgcbBQreAef75
qNhNfnGzdxzt9DNRZv8XDgiIZureoOVSBsSoJOYG1IPSaMbbzXIzdYMOO3PuCJMB
la/3W1YSTWi/i0YT3nztMD/21bmAS2d2VA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:03:27 2024 by rpki-client on console-fra.rpki-client.org