Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/Io975BmUQk3Qw0nKQurW50mKevU.roa
File: Io975BmUQk3Qw0nKQurW50mKevU.roa (raw, json)
Hash identifier: 3bIUOxvIGMZBB/rdNS3zvduJbLOCovv5K2J83MqUD+8=
Subject key identifier: 22:8F:7B:E4:19:94:42:4D:D0:C3:49:CA:42:EA:D6:E7:49:8A:7A:F5
Certificate issuer: /CN=3e08834b3b2973909c0aaf5bb5d354b1c0e5ca3e
Certificate serial: 018F05E88D609DF4E67CBA24E6472E45F416
Authority key identifier: 3E:08:83:4B:3B:29:73:90:9C:0A:AF:5B:B5:D3:54:B1:C0:E5:CA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PgiDSzspc5CcCq9btdNUscDlyj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/Io975BmUQk3Qw0nKQurW50mKevU.roa
Signing time: Mon 22 Apr 2024 13:04:37 +0000
ROA not before: Mon 22 Apr 2024 13:04:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34600
IP address blocks: 193.29.254.0/24 maxlen: 24
193.30.1.0/24 maxlen: 24
193.30.2.0/24 maxlen: 24
193.30.5.0/24 maxlen: 24
2a0f:7c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/PgiDSzspc5CcCq9btdNUscDlyj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/PgiDSzspc5CcCq9btdNUscDlyj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PgiDSzspc5CcCq9btdNUscDlyj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:e8:8d:60:9d:f4:e6:7c:ba:24:e6:47:2e:45:f4:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e08834b3b2973909c0aaf5bb5d354b1c0e5ca3e
Validity
Not Before: Apr 22 13:04:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=228f7be41994424dd0c349ca42ead6e7498a7af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:de:b8:6f:2d:ac:04:8b:7e:65:4a:e7:15:1e:
70:cc:e5:b1:78:dc:ea:f5:ca:c5:b5:b5:b5:0c:d4:
c3:21:0d:6b:90:6c:04:dd:81:45:f9:5a:31:a9:c2:
eb:81:64:43:c5:23:00:1f:3d:ab:d5:a4:7e:3c:11:
b3:d0:db:00:87:b9:5d:e8:3e:28:a9:5b:06:33:95:
6c:9e:ea:f7:a5:bd:b7:58:99:60:f9:0c:0a:7b:6e:
6e:0f:1c:96:cf:5c:91:7b:d2:75:a3:e2:6f:c6:2f:
48:03:2b:4f:81:19:4c:cd:50:7f:0f:db:ac:86:6f:
4d:ad:f7:01:30:89:3b:17:5d:91:aa:04:3b:68:10:
83:91:15:7a:ee:15:7d:7f:eb:3e:23:5e:5b:50:3c:
45:1f:ac:3b:dc:61:fa:54:ea:4f:b3:86:4e:26:fe:
62:cd:60:b8:8c:a9:52:17:84:f6:18:95:9e:16:15:
19:1a:75:47:23:85:c1:c7:c5:af:d6:98:12:74:4c:
cf:8a:c3:c3:6d:9e:24:7a:ca:e5:39:28:d3:67:0d:
0a:16:e3:ad:de:b0:cd:6b:90:75:6e:87:38:62:b5:
c6:ab:fe:c4:b7:15:5f:a6:21:a3:2c:d6:dc:a9:f0:
be:d7:e7:e3:56:b2:a2:a7:1b:e4:a9:93:94:55:0e:
66:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8F:7B:E4:19:94:42:4D:D0:C3:49:CA:42:EA:D6:E7:49:8A:7A:F5
X509v3 Authority Key Identifier:
keyid:3E:08:83:4B:3B:29:73:90:9C:0A:AF:5B:B5:D3:54:B1:C0:E5:CA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PgiDSzspc5CcCq9btdNUscDlyj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/Io975BmUQk3Qw0nKQurW50mKevU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/PgiDSzspc5CcCq9btdNUscDlyj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.254.0/24
193.30.1.0-193.30.2.255
193.30.5.0/24
IPv6:
2a0f:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
92:5b:0e:a1:83:19:17:bc:62:36:26:c7:6c:ce:b0:7b:b1:a2:
bc:72:6c:4c:b3:77:e1:c6:35:c7:cf:c5:6d:ce:71:6b:fb:34:
9d:1e:0a:4b:50:5e:46:55:64:87:a9:32:57:ee:a5:5d:5e:6f:
cc:57:b2:d3:5c:8d:74:11:71:28:42:36:48:4f:ce:57:77:ac:
89:7f:28:10:15:d9:7b:9e:95:e5:73:e7:91:d8:e0:5a:6b:28:
37:3f:6c:e6:3b:2b:94:75:35:f5:0c:28:60:44:41:e2:a7:a6:
15:fd:bc:8c:da:5e:68:b4:01:5a:33:fc:7e:ee:26:ba:a9:20:
24:54:ef:df:70:31:b4:31:49:6e:b4:81:6d:99:aa:da:bd:65:
8f:cc:ee:65:7a:e7:3d:54:e8:71:5d:86:b9:f6:62:63:8c:84:
98:55:a4:35:f0:f7:80:fd:5a:b1:33:f9:90:e3:ad:87:0f:00:
22:0c:a1:b4:ee:ca:09:c5:18:51:db:7f:e1:ed:05:b6:ce:e8:
12:6b:26:ae:3e:60:9c:6c:ac:c8:2b:1c:db:a4:c9:0b:12:6f:
5b:0f:98:59:0c:dd:30:39:a2:64:31:82:d3:05:89:08:90:2d:
c8:5a:27:11:39:d5:be:a2:82:e9:54:c7:b9:6f:58:93:ab:77:
32:49:75:d6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY8F6I1gnfTmfLok5kcuRfQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMDg4MzRiM2IyOTczOTA5YzBhYWY1YmI1ZDM1NGIxYzBl
NWNhM2UwHhcNMjQwNDIyMTMwNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjhmN2JlNDE5OTQ0MjRkZDBjMzQ5Y2E0MmVhZDZlNzQ5OGE3YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN64by2sBIt+ZUrnFR5wzOWxeNzq
9crFtbW1DNTDIQ1rkGwE3YFF+VoxqcLrgWRDxSMAHz2r1aR+PBGz0NsAh7ld6D4o
qVsGM5Vsnur3pb23WJlg+QwKe25uDxyWz1yRe9J1o+Jvxi9IAytPgRlMzVB/D9us
hm9NrfcBMIk7F12RqgQ7aBCDkRV67hV9f+s+I15bUDxFH6w73GH6VOpPs4ZOJv5i
zWC4jKlSF4T2GJWeFhUZGnVHI4XBx8Wv1pgSdEzPisPDbZ4kesrlOSjTZw0KFuOt
3rDNa5B1boc4YrXGq/7EtxVfpiGjLNbcqfC+1+fjVrKipxvkqZOUVQ5mmwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCKPe+QZlEJN0MNJykLq1udJinr1MB8GA1UdIwQY
MBaAFD4Ig0s7KXOQnAqvW7XTVLHA5co+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdpRFN6c3BjNUNjQ3E5YnRkTlVzY0RseWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lZjAzYjMtNzQ3Mi00NmRlLTk1ODYt
ZmQ3Yjk3MzljYTI2LzEvSW85NzVCbVVRazNRdzBuS1F1clc1MG1LZXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lZjAzYjMtNzQ3Mi00NmRlLTk1ODYtZmQ3Yjk3MzljYTI2
LzEvUGdpRFN6c3BjNUNjQ3E5YnRkTlVzY0RseWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwR3+MAwD
BADBHgEDBADBHgIDBADBHgUwDQQCAAIwBwMFAyoPfEAwDQYJKoZIhvcNAQELBQAD
ggEBAJJbDqGDGRe8YjYmx2zOsHuxorxybEyzd+HGNcfPxW3OcWv7NJ0eCktQXkZV
ZIepMlfupV1eb8xXstNcjXQRcShCNkhPzld3rIl/KBAV2XueleVz55HY4FprKDc/
bOY7K5R1NfUMKGBEQeKnphX9vIzaXmi0AVoz/H7uJrqpICRU799wMbQxSW60gW2Z
qtq9ZY/M7mV65z1U6HFdhrn2YmOMhJhVpDXw94D9WrEz+ZDjrYcPACIMobTuygnF
GFHbf+HtBbbO6BJrJq4+YJxsrMgrHNukyQsSb1sPmFkM3TA5omQxgtMFiQiQLcha
JxE51b6igulUx7lvWJOrdzJJddY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:11:07 2024 by rpki-client on console-fra.rpki-client.org