Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/DQutm8gP_FJPU71qxECQQRl2FAI.roa
File: DQutm8gP_FJPU71qxECQQRl2FAI.roa (raw, json)
Hash identifier: k9FEK5Q+loLc5lNAObhQ1cvtfaA/MSBvx4CzAvEMqUU=
Subject key identifier: 0D:0B:AD:9B:C8:0F:FC:52:4F:53:BD:6A:C4:40:90:41:19:76:14:02
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 0192A4B6CF89BFCEEAD599F944AE755E223A
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/DQutm8gP_FJPU71qxECQQRl2FAI.roa
Signing time: Sat 19 Oct 2024 12:18:16 +0000
ROA not before: Sat 19 Oct 2024 12:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41717
IP address blocks: 193.242.106.0/24 maxlen: 32
193.242.109.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a4:b6:cf:89:bf:ce:ea:d5:99:f9:44:ae:75:5e:22:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Oct 19 12:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d0bad9bc80ffc524f53bd6ac440904119761402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:aa:51:85:cd:d7:46:e3:de:83:a2:b8:fd:
ee:ad:09:78:22:f0:17:69:a7:dc:42:90:c1:30:23:
89:a5:b6:82:19:26:9d:8b:ca:c4:0c:ee:47:42:fc:
12:32:c8:89:d7:11:9e:04:35:e9:e1:d9:8a:00:e9:
f8:ce:a1:8b:5a:ea:7d:4c:54:29:1a:c5:c5:68:64:
ff:e3:74:ae:3e:14:b7:ac:36:2c:59:2a:8d:5c:23:
47:3d:3d:4c:48:6d:d5:48:23:d2:f0:6c:dc:52:73:
32:ea:d0:78:3a:4b:28:22:7d:aa:19:44:74:ca:e4:
b9:3c:3f:36:78:65:59:6d:20:ba:27:82:08:c8:2c:
bc:0a:33:5e:2c:3f:e6:43:0a:7f:92:06:fd:1b:80:
c5:36:be:ae:4b:03:f5:bd:98:93:c4:80:d7:9d:e1:
21:c7:70:18:af:fe:af:1e:45:4c:f6:f0:b8:22:cb:
97:ee:eb:24:29:e7:0b:e6:40:41:69:d3:52:04:a4:
87:3c:6a:c5:ab:53:3e:dd:2b:b4:5d:d5:e4:ae:c0:
79:c3:ef:74:03:3d:7a:fb:7b:34:0b:66:27:0e:57:
25:74:bc:ce:c7:b5:3d:18:84:bd:63:31:e6:0e:41:
1a:31:34:41:df:85:cd:f2:ae:ff:77:61:d9:33:5a:
26:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0B:AD:9B:C8:0F:FC:52:4F:53:BD:6A:C4:40:90:41:19:76:14:02
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/DQutm8gP_FJPU71qxECQQRl2FAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.106.0/24
193.242.109.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f3:b6:bf:f6:a1:65:b9:fe:fb:20:53:7a:12:3c:dd:55:af:
1d:4a:45:2a:c7:3c:77:46:66:36:71:51:cc:24:6e:83:31:dc:
28:3a:23:43:57:3d:cc:db:09:52:a6:1d:6c:4e:9c:80:09:69:
31:6b:32:02:00:63:78:72:37:2b:0b:de:42:25:b5:e7:37:35:
7b:47:ee:de:0a:64:31:5b:ae:ad:d9:26:df:21:76:1b:03:3a:
2e:b6:df:71:1a:4e:61:1b:9b:d1:22:e1:6f:40:63:57:38:fa:
c4:e7:fd:fa:e7:d3:4f:f4:4c:bc:3c:d2:2a:dd:33:ff:56:aa:
d8:ad:f5:2c:d3:94:a3:4e:74:f0:95:b4:02:21:52:41:0a:2e:
ab:c3:a2:39:44:74:a1:5b:ba:f4:cd:ac:51:93:78:1a:f2:d6:
a5:5e:fd:fd:de:2a:05:2e:93:47:a4:27:d5:39:1f:72:74:2e:
e6:4d:47:00:be:a0:be:d9:2d:75:ab:66:13:54:77:be:1b:da:
c3:e1:1c:e7:36:63:ec:35:25:41:03:d7:ac:89:0a:79:52:33:
ad:37:58:a0:6d:44:38:26:59:0d:03:14:fd:71:ac:ea:ae:3b:
57:c5:f2:0d:c1:d5:46:53:10:80:8e:a2:94:04:3f:6a:d6:e1:
13:b6:05:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKkts+Jv87q1Zn5RK51XiI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjQxMDE5MTIxODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDBiYWQ5YmM4MGZmYzUyNGY1M2JkNmFjNDQwOTA0MTE5NzYxNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO6qUYXN10bj3oOiuP3urQl4IvAX
aafcQpDBMCOJpbaCGSadi8rEDO5HQvwSMsiJ1xGeBDXp4dmKAOn4zqGLWup9TFQp
GsXFaGT/43SuPhS3rDYsWSqNXCNHPT1MSG3VSCPS8GzcUnMy6tB4OksoIn2qGUR0
yuS5PD82eGVZbSC6J4IIyCy8CjNeLD/mQwp/kgb9G4DFNr6uSwP1vZiTxIDXneEh
x3AYr/6vHkVM9vC4IsuX7uskKecL5kBBadNSBKSHPGrFq1M+3Su0XdXkrsB5w+90
Az16+3s0C2YnDlcldLzOx7U9GIS9YzHmDkEaMTRB34XN8q7/d2HZM1om6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA0LrZvID/xST1O9asRAkEEZdhQCMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvRFF1dG04Z1BfRkpQVTcxcXhFQ1FRUmwyRkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwfJqAwQA
wfJtMA0GCSqGSIb3DQEBCwUAA4IBAQBD87a/9qFluf77IFN6EjzdVa8dSkUqxzx3
RmY2cVHMJG6DMdwoOiNDVz3M2wlSph1sTpyACWkxazICAGN4cjcrC95CJbXnNzV7
R+7eCmQxW66t2SbfIXYbAzoutt9xGk5hG5vRIuFvQGNXOPrE5/3659NP9Ey8PNIq
3TP/VqrYrfUs05SjTnTwlbQCIVJBCi6rw6I5RHShW7r0zaxRk3ga8talXv393ioF
LpNHpCfVOR9ydC7mTUcAvqC+2S11q2YTVHe+G9rD4RznNmPsNSVBA9esiQp5UjOt
N1igbUQ4JlkNAxT9cazqrjtXxfINwdVGUxCAjqKUBD9q1uETtgXm
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:49:11 2024 by rpki-client on console-ams.rpki-client.org