Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/580769-a9c4-499a-b9db-bc5ab81987f0/1/M_tR2X10EX-4-S704IWpXen8yog.roa
File: M_tR2X10EX-4-S704IWpXen8yog.roa (raw, json)
Hash identifier: 4HD/71bbT17LEJPQhCm3IuLNj8atAquwxF1iQ+f+p8c=
Subject key identifier: 33:FB:51:D9:7D:74:11:7F:B8:F9:2E:F4:E0:85:A9:5D:E9:FC:CA:88
Certificate issuer: /CN=d2f9789e1b59fa2f2c50ce1e8e12eb97655bbcdd
Certificate serial: 018CC8DDA4CBB4E0599BD9F29F55F4AE9D3F
Authority key identifier: D2:F9:78:9E:1B:59:FA:2F:2C:50:CE:1E:8E:12:EB:97:65:5B:BC:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vl4nhtZ-i8sUM4ejhLrl2VbvN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/580769-a9c4-499a-b9db-bc5ab81987f0/1/M_tR2X10EX-4-S704IWpXen8yog.roa
Signing time: Tue 02 Jan 2024 06:30:17 +0000
ROA not before: Tue 02 Jan 2024 06:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 193.53.174.0/24 maxlen: 24
193.53.185.0/24 maxlen: 24
193.53.186.0/24 maxlen: 24
193.53.190.0/24 maxlen: 24
193.53.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/580769-a9c4-499a-b9db-bc5ab81987f0/1/0vl4nhtZ-i8sUM4ejhLrl2VbvN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/580769-a9c4-499a-b9db-bc5ab81987f0/1/0vl4nhtZ-i8sUM4ejhLrl2VbvN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/0vl4nhtZ-i8sUM4ejhLrl2VbvN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:a4:cb:b4:e0:59:9b:d9:f2:9f:55:f4:ae:9d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f9789e1b59fa2f2c50ce1e8e12eb97655bbcdd
Validity
Not Before: Jan 2 06:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33fb51d97d74117fb8f92ef4e085a95de9fcca88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:94:ea:b8:93:7d:39:69:79:84:4a:20:4f:77:
d3:87:6e:c9:5e:2e:f7:ce:70:dc:ea:3e:7b:2e:ad:
cf:7b:9e:f4:2f:0f:7b:2b:bf:bc:73:57:d5:a4:c3:
ab:b7:6d:30:cb:c6:37:95:98:16:dd:81:9c:5a:6f:
f7:24:f1:46:8a:31:b3:ca:2e:e4:cf:fa:8d:7a:45:
43:8b:3c:4d:72:86:c0:29:27:6b:d7:41:dc:88:1e:
0c:7e:11:e1:f5:8f:93:3a:7b:ec:d7:f6:d7:d6:e8:
04:33:e3:32:50:dd:ec:dc:60:0a:f9:a7:87:67:52:
d3:18:f4:62:46:e0:d3:71:71:73:b5:5d:43:71:13:
f9:68:f6:f9:8c:0c:c8:ce:94:9f:2a:5a:32:4a:f8:
a6:45:e2:f3:dd:f3:66:96:19:a6:35:af:93:cf:7f:
10:a9:e6:03:70:67:95:b0:aa:86:18:b4:90:3c:0e:
d9:06:92:4b:e3:c8:da:1e:ec:79:ba:0f:7b:31:21:
3d:7c:88:7d:55:8c:ac:e0:49:b9:66:45:83:25:e3:
08:18:af:ec:52:23:96:e7:23:e7:7f:57:c3:e5:3c:
a7:05:35:17:53:c4:b4:d4:11:8f:b8:96:9b:df:09:
e4:ad:37:1a:a9:49:c0:d4:5f:dc:a7:89:ee:0a:21:
89:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FB:51:D9:7D:74:11:7F:B8:F9:2E:F4:E0:85:A9:5D:E9:FC:CA:88
X509v3 Authority Key Identifier:
keyid:D2:F9:78:9E:1B:59:FA:2F:2C:50:CE:1E:8E:12:EB:97:65:5B:BC:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vl4nhtZ-i8sUM4ejhLrl2VbvN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/580769-a9c4-499a-b9db-bc5ab81987f0/1/M_tR2X10EX-4-S704IWpXen8yog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/580769-a9c4-499a-b9db-bc5ab81987f0/1/0vl4nhtZ-i8sUM4ejhLrl2VbvN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.174.0/24
193.53.185.0-193.53.186.255
193.53.188.0/24
193.53.190.0/24
Signature Algorithm: sha256WithRSAEncryption
54:0e:66:c0:8e:68:d2:30:1c:0e:c6:28:ce:30:ae:fa:2f:12:
d3:c9:d2:ae:70:e4:c1:1b:16:5b:1f:14:42:eb:2e:e7:a4:8d:
da:7d:70:b2:ab:9e:0d:fb:98:8b:c1:b5:e0:37:b6:a3:e1:3f:
fa:47:56:26:7b:8e:a8:6a:07:28:b9:6d:3f:c0:2e:a5:cb:1b:
41:c7:25:5c:41:2e:81:2a:ac:78:45:4e:56:50:dc:fc:07:79:
4e:9f:a3:b2:f6:ca:91:2a:4c:ed:8f:12:d8:16:e0:bf:45:21:
c4:50:d8:ae:1f:e0:ac:20:d0:70:52:fa:8c:6f:49:e7:67:8a:
18:a7:42:3a:2b:af:d0:dd:7d:55:d0:ff:38:78:8a:e8:88:00:
64:c4:95:68:38:87:50:a2:eb:83:fb:a6:a7:ce:09:56:0f:9c:
1a:12:4c:25:cd:0f:6b:5a:6f:c4:05:aa:d2:98:14:f7:88:8e:
d4:06:e4:6c:33:ff:48:91:ed:2f:20:b8:0c:cd:a8:51:59:d2:
2d:48:79:80:bd:50:4e:47:3f:fa:75:88:b3:d8:a5:1b:70:d5:
4d:15:78:8c:79:e7:9b:91:50:af:5b:c8:80:31:14:5c:dc:ef:
7a:c7:b5:3d:05:b6:69:52:63:da:7c:a7:eb:7a:81:48:ae:84:
4f:99:14:78
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzI3aTLtOBZm9nyn1X0rp0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZjk3ODllMWI1OWZhMmYyYzUwY2UxZThlMTJlYjk3NjU1
YmJjZGQwHhcNMjQwMTAyMDYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2ZiNTFkOTdkNzQxMTdmYjhmOTJlZjRlMDg1YTk1ZGU5ZmNjYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5TquJN9OWl5hEogT3fTh27JXi73
znDc6j57Lq3Pe570Lw97K7+8c1fVpMOrt20wy8Y3lZgW3YGcWm/3JPFGijGzyi7k
z/qNekVDizxNcobAKSdr10HciB4MfhHh9Y+TOnvs1/bX1ugEM+MyUN3s3GAK+aeH
Z1LTGPRiRuDTcXFztV1DcRP5aPb5jAzIzpSfKloySvimReLz3fNmlhmmNa+Tz38Q
qeYDcGeVsKqGGLSQPA7ZBpJL48jaHux5ug97MSE9fIh9VYys4Em5ZkWDJeMIGK/s
UiOW5yPnf1fD5TynBTUXU8S01BGPuJab3wnkrTcaqUnA1F/cp4nuCiGJzQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDP7Udl9dBF/uPku9OCFqV3p/MqIMB8GA1UdIwQY
MBaAFNL5eJ4bWfovLFDOHo4S65dlW7zdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZsNG5odFotaThzVU00ZWpoTHJsMlZidk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81ODA3NjktYTljNC00OTlhLWI5ZGIt
YmM1YWI4MTk4N2YwLzEvTV90UjJYMTBFWC00LVM3MDRJV3BYZW44eW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81ODA3NjktYTljNC00OTlhLWI5ZGItYmM1YWI4MTk4N2Yw
LzEvMHZsNG5odFotaThzVU00ZWpoTHJsMlZidk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwTWuMAwD
BADBNbkDBADBNboDBADBNbwDBADBNb4wDQYJKoZIhvcNAQELBQADggEBAFQOZsCO
aNIwHA7GKM4wrvovEtPJ0q5w5MEbFlsfFELrLuekjdp9cLKrng37mIvBteA3tqPh
P/pHViZ7jqhqByi5bT/ALqXLG0HHJVxBLoEqrHhFTlZQ3PwHeU6fo7L2ypEqTO2P
EtgW4L9FIcRQ2K4f4Kwg0HBS+oxvSednihinQjorr9DdfVXQ/zh4iuiIAGTElWg4
h1Ci64P7pqfOCVYPnBoSTCXND2tab8QFqtKYFPeIjtQG5Gwz/0iR7S8guAzNqFFZ
0i1IeYC9UE5HP/p1iLPYpRtw1U0VeIx555uRUK9byIAxFFzc73rHtT0FtmlSY9p8
p+t6gUiuhE+ZFHg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:43:48 2024 by rpki-client on console-fra.rpki-client.org