Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/l18-lUmN-wqCeHydqMdHGmhM5TE.roa
File: l18-lUmN-wqCeHydqMdHGmhM5TE.roa (raw, json)
Hash identifier: tLdM55gpmVAm+TSj+9rnBfaGYqrCnA2fkP4zP4Bn34A=
Subject key identifier: 97:5F:3E:95:49:8D:FB:0A:82:78:7C:9D:A8:C7:47:1A:68:4C:E5:31
Certificate issuer: /CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Certificate serial: 018CC6B93F39211C041FED50D921CC902940
Authority key identifier: 16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/l18-lUmN-wqCeHydqMdHGmhM5TE.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201749
IP address blocks: 93.191.112.0/24 maxlen: 24
93.191.115.0/24 maxlen: 24
2a06:a542::/31 maxlen: 31
2a06:a540::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3f:39:21:1c:04:1f:ed:50:d9:21:cc:90:29:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=975f3e95498dfb0a82787c9da8c7471a684ce531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d3:b7:5b:91:a3:a3:d7:56:31:b9:88:36:5f:
28:04:17:fa:52:55:d3:22:7e:8f:8a:72:68:46:21:
05:4f:4a:d1:14:aa:f2:34:0c:77:fe:8f:4b:fe:d1:
1e:c8:31:47:01:8e:f2:a3:f0:44:df:58:f2:bc:11:
00:40:51:2e:2d:03:f3:0d:15:b2:ac:4a:63:dd:e7:
a0:1b:28:7c:40:fc:02:22:32:95:4b:1d:e3:5c:70:
da:0f:1d:1b:af:9d:20:04:2c:2f:3d:96:25:7c:53:
51:45:d4:9f:ed:38:23:6d:1d:f5:11:79:4d:62:39:
9e:67:3e:1a:7f:0d:64:51:3f:59:a6:d4:9e:60:99:
de:8d:6a:80:c4:4a:83:cb:17:04:a7:0d:3e:fd:a5:
a9:8d:93:0f:af:1d:e8:68:63:52:91:89:8f:69:43:
01:32:1c:dc:b5:5b:bc:33:51:28:08:00:39:07:ff:
7f:4a:2a:7a:7c:14:87:2e:c8:3d:11:cf:f5:d9:17:
59:e6:9d:25:a0:24:26:9e:b1:08:c3:1c:c5:26:04:
f0:77:1a:92:13:33:fd:16:a5:1b:4d:73:10:b0:d5:
e9:36:45:4a:3e:47:66:5a:36:5a:e8:cf:f3:29:3a:
56:08:7b:2c:de:26:80:3e:6b:1b:0a:12:99:05:f0:
9c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5F:3E:95:49:8D:FB:0A:82:78:7C:9D:A8:C7:47:1A:68:4C:E5:31
X509v3 Authority Key Identifier:
keyid:16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/l18-lUmN-wqCeHydqMdHGmhM5TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.112.0/24
93.191.115.0/24
IPv6:
2a06:a540::/30
Signature Algorithm: sha256WithRSAEncryption
3d:cf:e1:59:2b:0a:81:e6:d7:ee:10:67:ef:08:f6:ba:ec:e5:
be:43:9b:07:20:55:89:17:3e:04:50:0a:5f:1d:78:ad:12:15:
e8:d5:8c:b6:4c:3a:be:0e:54:5a:74:cc:2c:0f:30:27:79:af:
4a:09:ec:20:05:2e:27:f6:59:b8:f8:db:e6:96:14:fa:fa:67:
1a:08:08:ed:e8:e8:55:60:02:69:2c:99:22:10:21:10:86:4f:
40:7d:23:36:7c:d8:9b:d4:24:50:2d:3d:c3:57:e7:ce:64:44:
35:53:13:46:2c:16:0d:1f:d3:8f:09:57:10:29:d2:7b:a7:8f:
e8:c5:f3:49:13:6c:da:24:f6:39:40:ce:8c:ce:47:dc:c0:c8:
56:a6:a7:d4:19:fe:b3:85:ff:17:2a:c6:40:29:b5:e9:29:0e:
6b:6a:df:da:a2:d4:a5:91:b9:80:7c:79:77:a9:bd:ac:64:24:
f3:20:79:9b:7d:5c:c4:34:01:af:86:5b:51:13:88:b0:91:98:
2f:29:cb:4c:c7:b5:cd:2f:0b:ce:4d:22:84:17:68:d3:5e:e7:
37:d1:99:d0:c3:ef:6f:5a:7a:44:91:6b:8c:47:23:2a:30:29:
37:59:aa:3e:d1:c5:39:c8:22:bf:75:bb:a6:ef:37:ec:f6:c8:
5c:34:ff:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuT85IRwEH+1Q2SHMkClAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTdjNDZlYWZhMTBlYzVkOTA3YmIwNWUzNzEyM2I2OTJh
YjQ5NGMwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzVmM2U5NTQ5OGRmYjBhODI3ODdjOWRhOGM3NDcxYTY4NGNlNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9O3W5Gjo9dWMbmINl8oBBf6UlXT
In6PinJoRiEFT0rRFKryNAx3/o9L/tEeyDFHAY7yo/BE31jyvBEAQFEuLQPzDRWy
rEpj3eegGyh8QPwCIjKVSx3jXHDaDx0br50gBCwvPZYlfFNRRdSf7TgjbR31EXlN
YjmeZz4afw1kUT9ZptSeYJnejWqAxEqDyxcEpw0+/aWpjZMPrx3oaGNSkYmPaUMB
MhzctVu8M1EoCAA5B/9/Sip6fBSHLsg9Ec/12RdZ5p0loCQmnrEIwxzFJgTwdxqS
EzP9FqUbTXMQsNXpNkVKPkdmWjZa6M/zKTpWCHss3iaAPmsbChKZBfCcyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJdfPpVJjfsKgnh8najHRxpoTOUxMB8GA1UdIwQY
MBaAFBaXxG6voQ7F2Qe7BeNxI7aSq0lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUt
NzY1MjJjMjA3YzU1LzEvbDE4LWxVbU4td3FDZUh5ZHFNZEhHbWhNNVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUtNzY1MjJjMjA3YzU1
LzEvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXb9wAwQA
Xb9zMA0EAgACMAcDBQIqBqVAMA0GCSqGSIb3DQEBCwUAA4IBAQA9z+FZKwqB5tfu
EGfvCPa67OW+Q5sHIFWJFz4EUApfHXitEhXo1Yy2TDq+DlRadMwsDzAnea9KCewg
BS4n9lm4+NvmlhT6+mcaCAjt6OhVYAJpLJkiECEQhk9AfSM2fNib1CRQLT3DV+fO
ZEQ1UxNGLBYNH9OPCVcQKdJ7p4/oxfNJE2zaJPY5QM6MzkfcwMhWpqfUGf6zhf8X
KsZAKbXpKQ5rat/aotSlkbmAfHl3qb2sZCTzIHmbfVzENAGvhltRE4iwkZgvKctM
x7XNLwvOTSKEF2jTXuc30ZnQw+9vWnpEkWuMRyMqMCk3Wao+0cU5yCK/dbum7zfs
9shcNP9d
-----END CERTIFICATE-----
Generated at Fri May 17 18:28:40 2024 by rpki-client on console-fra.rpki-client.org