Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/y_QomMEL04zbN99hSlDui5930sU.roa
File: y_QomMEL04zbN99hSlDui5930sU.roa (raw, json)
Hash identifier: Hg/KqdtRkLvjDgSvnZVTWjhrUHI7JRNroqG3oqb4D0M=
Subject key identifier: CB:F4:28:98:C1:0B:D3:8C:DB:37:DF:61:4A:50:EE:8B:9F:77:D2:C5
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018CC3B6C376801427D79A8CA87D18989386
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/y_QomMEL04zbN99hSlDui5930sU.roa
Signing time: Mon 01 Jan 2024 06:29:43 +0000
ROA not before: Mon 01 Jan 2024 06:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43624
IP address blocks: 193.43.147.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c3:76:80:14:27:d7:9a:8c:a8:7d:18:98:93:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 06:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbf42898c10bd38cdb37df614a50ee8b9f77d2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:32:56:7a:5c:66:55:a6:1b:2a:1d:3e:9c:96:
cc:a9:43:05:8b:88:ea:dd:21:7f:b2:aa:1e:b8:36:
0f:23:81:59:68:a0:75:73:a4:8a:b0:c2:e2:bc:4d:
fc:8b:bf:09:70:8e:9b:6a:82:8b:99:53:00:40:10:
57:2f:87:79:57:56:d5:36:b6:fe:f3:34:e8:9a:06:
a5:17:6d:35:c0:fb:73:16:93:46:46:92:04:a5:b5:
0c:3f:cb:6f:6a:78:7c:69:4c:a8:19:62:12:d7:44:
7f:b5:79:3a:21:2a:5d:ba:c1:f3:03:e7:1a:c5:d3:
32:f5:0b:4b:1f:57:28:25:02:9f:04:dc:d0:2f:43:
89:96:0d:5c:21:77:4f:10:59:19:e1:d2:53:62:0f:
d7:12:ef:41:c5:c9:52:fd:9f:3c:d3:8d:dd:86:e3:
ca:73:c0:67:cc:bf:a8:37:c6:b1:fd:cd:c3:44:d1:
f2:bf:38:91:0d:1f:c0:54:c3:e6:69:eb:f0:09:dc:
21:90:2b:3c:45:52:2f:b1:d2:46:4d:b0:23:10:0c:
0e:8d:dd:70:80:64:48:17:43:76:dd:b2:b4:22:d3:
b3:13:b7:5e:39:30:21:30:ee:89:ed:6c:49:49:74:
3c:24:9a:66:a0:45:7e:a6:1a:ef:7c:f9:f7:1b:c6:
7f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F4:28:98:C1:0B:D3:8C:DB:37:DF:61:4A:50:EE:8B:9F:77:D2:C5
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/y_QomMEL04zbN99hSlDui5930sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.166.0/24
193.43.147.0/24
193.46.57.0/24
193.57.137.0/24
Signature Algorithm: sha256WithRSAEncryption
e8:c1:fe:93:5f:88:24:29:21:0c:2d:df:78:1d:bd:4d:7c:94:
a8:8f:7e:d1:be:26:41:38:0d:7d:07:b9:8a:31:b5:55:66:e9:
a5:e5:db:d0:7f:95:75:fc:40:ab:bd:bf:19:06:55:35:27:5b:
c7:29:b0:8a:48:75:8d:43:e0:dd:07:d9:eb:bb:17:79:22:65:
01:a2:ef:d6:60:a7:4f:67:67:ec:7a:3e:e7:e6:f0:e6:fb:f0:
04:b5:92:05:d0:9d:0d:ae:7f:6e:8b:fa:ab:98:ba:b0:0e:3f:
3c:b9:c6:3a:65:d3:fc:c3:b3:a5:69:88:d0:fe:37:c2:a0:93:
4e:26:7e:24:74:2e:89:80:b1:a9:ef:fb:19:e2:82:40:ea:83:
b7:d3:af:1b:d0:13:0e:49:99:c3:71:e7:7c:1b:7c:f0:a1:c3:
d7:3c:61:8c:7b:39:d8:0c:48:13:59:b9:5a:b0:f4:be:56:40:
40:98:0a:90:60:af:25:b5:15:b2:ee:b2:69:1f:64:47:02:b2:
07:9a:fa:44:23:97:a7:6e:34:49:db:c9:b3:70:2e:89:bd:1b:
da:7d:53:de:28:21:eb:1b:44:41:3c:4f:a3:7f:59:ef:66:c0:
d1:c5:4c:70:9d:8e:cf:1c:b3:bf:36:81:f2:e2:ba:bb:5c:3c:
ed:4d:a5:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDtsN2gBQn15qMqH0YmJOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMTAxMDYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY0Mjg5OGMxMGJkMzhjZGIzN2RmNjE0YTUwZWU4YjlmNzdkMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDJWelxmVaYbKh0+nJbMqUMFi4jq
3SF/sqoeuDYPI4FZaKB1c6SKsMLivE38i78JcI6baoKLmVMAQBBXL4d5V1bVNrb+
8zTomgalF201wPtzFpNGRpIEpbUMP8tvanh8aUyoGWIS10R/tXk6ISpdusHzA+ca
xdMy9QtLH1coJQKfBNzQL0OJlg1cIXdPEFkZ4dJTYg/XEu9BxclS/Z88043dhuPK
c8BnzL+oN8ax/c3DRNHyvziRDR/AVMPmaevwCdwhkCs8RVIvsdJGTbAjEAwOjd1w
gGRIF0N23bK0ItOzE7deOTAhMO6J7WxJSXQ8JJpmoEV+phrvfPn3G8Z/ywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMv0KJjBC9OM2zffYUpQ7oufd9LFMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEveV9Rb21NRUwwNHpiTjk5aFNsRHVpNTkzMHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXbmmAwQA
wSuTAwQAwS45AwQAwTmJMA0GCSqGSIb3DQEBCwUAA4IBAQDowf6TX4gkKSEMLd94
Hb1NfJSoj37RviZBOA19B7mKMbVVZuml5dvQf5V1/ECrvb8ZBlU1J1vHKbCKSHWN
Q+DdB9nruxd5ImUBou/WYKdPZ2fsej7n5vDm+/AEtZIF0J0Nrn9ui/qrmLqwDj88
ucY6ZdP8w7OlaYjQ/jfCoJNOJn4kdC6JgLGp7/sZ4oJA6oO3068b0BMOSZnDced8
G3zwocPXPGGMeznYDEgTWblasPS+VkBAmAqQYK8ltRWy7rJpH2RHArIHmvpEI5en
bjRJ28mzcC6JvRvafVPeKCHrG0RBPE+jf1nvZsDRxUxwnY7PHLO/NoHy4rq7XDzt
TaUR
-----END CERTIFICATE-----
Generated at Sun May 19 09:39:32 2024 by rpki-client on console-fra.rpki-client.org