Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/unRRwHenhVFuwSQC9kTv92-HVpU.roa
File: unRRwHenhVFuwSQC9kTv92-HVpU.roa (raw, json)
Hash identifier: Sa8INmcIrWBLlR1HVMa1eib+o3UvQZyaLA30502j27Y=
Subject key identifier: BA:74:51:C0:77:A7:85:51:6E:C1:24:02:F6:44:EF:F7:6F:87:56:95
Certificate issuer: /CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Certificate serial: 018CC5DC83B72F16ADCB221DEE0CC58C9019
Authority key identifier: 23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/unRRwHenhVFuwSQC9kTv92-HVpU.roa
Signing time: Mon 01 Jan 2024 16:30:12 +0000
ROA not before: Mon 01 Jan 2024 16:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 194.146.135.0/24 maxlen: 24
194.146.133.0/24 maxlen: 24
93.157.24.0/22 maxlen: 22
93.157.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:83:b7:2f:16:ad:cb:22:1d:ee:0c:c5:8c:90:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Validity
Not Before: Jan 1 16:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba7451c077a785516ec12402f644eff76f875695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d3:9e:c3:e3:63:3e:20:44:96:4f:bd:df:8d:
ef:60:f6:d1:bf:cd:75:7c:15:15:9e:b6:21:ee:d2:
db:38:5f:4c:bf:67:97:9c:d0:c6:49:ab:86:c3:b4:
b0:7f:eb:1d:0a:74:34:46:ac:24:d2:fe:cb:bc:27:
0e:66:72:e4:c1:eb:27:4d:17:a3:32:d4:27:d2:0a:
e4:e3:77:36:59:8f:7b:fd:a8:c5:71:fe:2a:81:18:
67:0f:fd:3e:ea:d9:ca:a0:96:6c:da:77:e0:d7:f9:
10:dd:75:3f:c0:14:2d:67:cc:e5:55:99:ef:86:6b:
15:2e:5f:2d:fc:a3:ee:14:de:ea:85:88:7d:e3:19:
d6:a5:de:85:09:04:64:28:18:c9:92:f0:b9:30:b7:
d0:cc:75:f7:68:64:6f:56:48:db:57:7a:e0:52:f0:
2a:55:3c:4b:08:53:10:9b:0e:c6:9c:cd:26:37:f0:
e8:49:cf:e2:1e:ae:be:a1:01:89:75:5b:95:e6:49:
f5:0c:17:cf:51:56:0d:33:b2:43:e9:45:ed:47:92:
5b:ca:f8:cf:53:27:cf:31:6b:cc:ea:5e:e1:80:9b:
09:2b:b2:a4:99:f9:66:02:c4:84:d6:7d:d4:5c:94:
fe:ed:49:25:4a:e4:44:e3:ff:bd:04:ee:f5:cb:25:
c6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:74:51:C0:77:A7:85:51:6E:C1:24:02:F6:44:EF:F7:6F:87:56:95
X509v3 Authority Key Identifier:
keyid:23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/unRRwHenhVFuwSQC9kTv92-HVpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.24.0/21
194.146.133.0/24
194.146.135.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:d7:3e:0a:c2:2c:d3:26:f7:aa:c5:20:ed:ac:6b:21:e6:a2:
c0:ff:52:96:9e:f2:03:ab:e1:ee:fe:b6:cb:c4:fb:8e:72:31:
26:b2:bb:4a:12:b4:af:9d:9f:9c:42:fc:a8:4c:98:82:77:72:
d0:d7:f4:fd:22:e2:1c:00:b7:f5:ac:8c:70:7d:b9:2c:dc:2f:
fc:e7:94:99:2d:dd:95:f9:15:5e:e5:6c:fc:ab:ed:09:71:be:
ff:75:63:f1:a0:52:d0:b8:58:72:09:eb:5c:97:67:b8:14:3d:
25:05:c3:1a:6b:5f:8a:bc:61:47:81:79:b0:f8:7b:af:03:e0:
ae:57:d7:91:3c:9e:7d:79:f9:7c:ce:0f:36:dd:88:9b:94:1c:
fe:4f:d0:a3:14:67:ad:f5:d7:0e:a6:7c:a2:b9:31:69:8a:03:
90:59:50:16:74:1f:1b:6b:11:c5:80:8a:28:e2:0b:a0:d1:23:
1f:80:cd:f6:5d:b3:7d:44:45:8d:2f:59:06:63:85:0e:1e:f7:
7f:5f:b4:8b:1a:bc:13:18:2a:2d:e7:04:34:bb:c3:17:8c:0d:
6a:17:e7:55:46:ed:34:19:c4:5d:fa:67:50:b5:b2:87:a8:aa:
f3:5e:00:cb:d1:5a:d9:d5:4e:1a:1d:58:8f:85:02:7d:f2:63:
5e:9e:7e:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF3IO3LxatyyId7gzFjJAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYmExZWM0ZjAzNWE3MmRmYTM5ZTkzMGFkOGVjNTQzNjhl
YjdhZjQwHhcNMjQwMTAxMTYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc0NTFjMDc3YTc4NTUxNmVjMTI0MDJmNjQ0ZWZmNzZmODc1Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dOew+NjPiBElk+9343vYPbRv811
fBUVnrYh7tLbOF9Mv2eXnNDGSauGw7Swf+sdCnQ0Rqwk0v7LvCcOZnLkwesnTRej
MtQn0grk43c2WY97/ajFcf4qgRhnD/0+6tnKoJZs2nfg1/kQ3XU/wBQtZ8zlVZnv
hmsVLl8t/KPuFN7qhYh94xnWpd6FCQRkKBjJkvC5MLfQzHX3aGRvVkjbV3rgUvAq
VTxLCFMQmw7GnM0mN/DoSc/iHq6+oQGJdVuV5kn1DBfPUVYNM7JD6UXtR5JbyvjP
UyfPMWvM6l7hgJsJK7KkmflmAsSE1n3UXJT+7UklSuRE4/+9BO71yyXGSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLp0UcB3p4VRbsEkAvZE7/dvh1aVMB8GA1UdIwQY
MBaAFCO6HsTwNact+jnpMK2OxUNo63r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDct
YmRlNjQ0OGI3ODZjLzEvdW5SUndIZW5oVkZ1d1NRQzlrVHY5Mi1IVnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDctYmRlNjQ0OGI3ODZj
LzEvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXZ0YAwQA
wpKFAwQAwpKHMA0GCSqGSIb3DQEBCwUAA4IBAQB81z4KwizTJveqxSDtrGsh5qLA
/1KWnvIDq+Hu/rbLxPuOcjEmsrtKErSvnZ+cQvyoTJiCd3LQ1/T9IuIcALf1rIxw
fbks3C/855SZLd2V+RVe5Wz8q+0Jcb7/dWPxoFLQuFhyCetcl2e4FD0lBcMaa1+K
vGFHgXmw+HuvA+CuV9eRPJ59efl8zg823YiblBz+T9CjFGet9dcOpnyiuTFpigOQ
WVAWdB8baxHFgIoo4gug0SMfgM32XbN9REWNL1kGY4UOHvd/X7SLGrwTGCot5wQ0
u8MXjA1qF+dVRu00GcRd+mdQtbKHqKrzXgDL0VrZ1U4aHViPhQJ98mNenn6e
-----END CERTIFICATE-----
Generated at Thu May 2 23:06:31 2024 by rpki-client on console-fra.rpki-client.org