Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/ecc102-ad7e-4101-a727-58018a03330a/1/I0B5mByT9-HUWa1M-nJecjUhesU.roa
File: I0B5mByT9-HUWa1M-nJecjUhesU.roa (raw, json)
Hash identifier: cb/LXd5ZVD+QMrZk2SvoDDRSQa6TmVPrTxXaa25s1Fg=
Subject key identifier: 23:40:79:98:1C:93:F7:E1:D4:59:AD:4C:FA:72:5E:72:35:21:7A:C5
Certificate issuer: /CN=1ab8f8fbea49baf59fcec22e48a9fe2157d86483
Certificate serial: 018D46698FC1797C507596422472D03768DF
Authority key identifier: 1A:B8:F8:FB:EA:49:BA:F5:9F:CE:C2:2E:48:A9:FE:21:57:D8:64:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Grj4--pJuvWfzsIuSKn-IVfYZIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/ecc102-ad7e-4101-a727-58018a03330a/1/I0B5mByT9-HUWa1M-nJecjUhesU.roa
Signing time: Fri 26 Jan 2024 15:35:39 +0000
ROA not before: Fri 26 Jan 2024 15:35:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.104.169.0/24 maxlen: 24
195.200.230.0/23 maxlen: 23
2001:67c:b4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/ecc102-ad7e-4101-a727-58018a03330a/1/Grj4--pJuvWfzsIuSKn-IVfYZIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/ecc102-ad7e-4101-a727-58018a03330a/1/Grj4--pJuvWfzsIuSKn-IVfYZIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Grj4--pJuvWfzsIuSKn-IVfYZIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:69:8f:c1:79:7c:50:75:96:42:24:72:d0:37:68:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab8f8fbea49baf59fcec22e48a9fe2157d86483
Validity
Not Before: Jan 26 15:35:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=234079981c93f7e1d459ad4cfa725e7235217ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0a:eb:5d:40:2e:c8:d5:37:1d:85:b4:63:ec:
5d:12:91:18:38:2c:9a:1e:a0:d3:4e:64:27:41:e3:
a5:17:fa:a3:4c:71:68:0e:43:61:36:71:37:fe:d4:
23:e4:3d:51:e4:7f:51:7d:ff:d9:af:db:6d:ed:66:
37:61:07:6f:20:d9:6f:5d:81:72:84:50:2a:ef:f2:
b3:aa:c9:2f:5f:02:53:31:1a:e4:3a:d7:cc:9d:a3:
e6:c0:97:49:e0:06:52:c9:a0:0a:f0:dc:27:70:c7:
ab:29:73:ff:3d:df:18:e7:b5:94:b6:86:c0:d9:1f:
7f:15:e7:49:3c:ed:78:60:36:04:d5:31:1b:62:8f:
00:78:45:7d:bd:f5:5e:8e:64:86:e3:87:79:d3:52:
7e:05:31:fe:73:c4:32:92:83:7a:7b:6a:8e:97:2b:
ad:7b:9f:ba:6b:ae:9f:4b:8e:ad:71:73:3d:57:d7:
10:e6:5e:f1:ca:57:26:f3:e0:79:42:5d:4a:ab:6c:
d0:b6:8a:c5:5b:83:a6:9d:5a:c2:97:36:28:bf:0e:
01:8d:a9:e1:fc:9f:ff:e9:fc:9a:8e:3d:13:dc:7e:
28:63:b8:b3:6a:5e:b5:68:b5:67:1a:82:fb:b8:e5:
89:29:a3:0b:59:4c:68:ee:cf:f0:6c:f5:93:2a:3a:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:40:79:98:1C:93:F7:E1:D4:59:AD:4C:FA:72:5E:72:35:21:7A:C5
X509v3 Authority Key Identifier:
keyid:1A:B8:F8:FB:EA:49:BA:F5:9F:CE:C2:2E:48:A9:FE:21:57:D8:64:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Grj4--pJuvWfzsIuSKn-IVfYZIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/ecc102-ad7e-4101-a727-58018a03330a/1/I0B5mByT9-HUWa1M-nJecjUhesU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/ecc102-ad7e-4101-a727-58018a03330a/1/Grj4--pJuvWfzsIuSKn-IVfYZIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.169.0/24
195.200.230.0/23
IPv6:
2001:67c:b4::/48
Signature Algorithm: sha256WithRSAEncryption
67:c7:62:b7:7c:65:2c:da:7a:5d:7d:93:1a:0c:52:fc:57:ff:
49:ea:33:73:90:61:27:dd:bd:2e:ca:13:dc:b3:1a:69:4e:50:
63:f9:be:c1:cc:d1:37:6e:da:9c:57:03:a5:8f:9a:e8:31:66:
48:64:53:07:0d:e3:6e:97:3f:fc:2e:32:bb:e6:57:32:02:d8:
ad:02:ff:22:ef:75:38:81:e9:00:2e:7c:da:ac:f6:d0:b6:69:
09:1b:c3:97:ae:1e:fc:af:3e:03:da:3d:65:21:08:9d:5f:00:
47:2a:95:1d:09:c0:8d:cf:7c:78:70:07:01:de:12:80:de:4d:
d3:76:29:46:80:0a:f3:64:b2:f3:cc:e5:60:4a:d9:ce:fa:7f:
ec:de:d1:3a:d6:59:64:5e:66:34:91:2b:38:15:f0:93:77:c4:
f1:87:26:01:c7:88:22:2c:f7:59:b6:21:85:a3:86:bb:59:44:
d2:2c:0c:ac:5b:57:d6:74:08:c8:e4:2e:d5:04:1b:e8:e1:c3:
33:58:32:d1:75:6e:72:48:db:c0:27:c6:59:4f:ce:83:1f:37:
35:1d:b2:41:05:38:16:11:1d:98:96:86:9b:e4:df:ea:eb:99:
bf:e7:5d:d2:d7:f3:a0:a5:45:55:ee:42:e3:b8:5d:43:60:cd:
44:ac:39:c1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY1GaY/BeXxQdZZCJHLQN2jfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjhmOGZiZWE0OWJhZjU5ZmNlYzIyZTQ4YTlmZTIxNTdk
ODY0ODMwHhcNMjQwMTI2MTUzNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQwNzk5ODFjOTNmN2UxZDQ1OWFkNGNmYTcyNWU3MjM1MjE3YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQrrXUAuyNU3HYW0Y+xdEpEYOCya
HqDTTmQnQeOlF/qjTHFoDkNhNnE3/tQj5D1R5H9Rff/Zr9tt7WY3YQdvINlvXYFy
hFAq7/KzqskvXwJTMRrkOtfMnaPmwJdJ4AZSyaAK8NwncMerKXP/Pd8Y57WUtobA
2R9/FedJPO14YDYE1TEbYo8AeEV9vfVejmSG44d501J+BTH+c8QykoN6e2qOlyut
e5+6a66fS46tcXM9V9cQ5l7xylcm8+B5Ql1Kq2zQtorFW4OmnVrClzYovw4Bjanh
/J//6fyajj0T3H4oY7izal61aLVnGoL7uOWJKaMLWUxo7s/wbPWTKjqDdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCNAeZgck/fh1FmtTPpyXnI1IXrFMB8GA1UdIwQY
MBaAFBq4+PvqSbr1n87CLkip/iFX2GSDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JqNC0tcEp1dldmenNJdVNLbi1JVmZZWklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lY2MxMDItYWQ3ZS00MTAxLWE3Mjct
NTgwMThhMDMzMzBhLzEvSTBCNW1CeVQ5LUhVV2ExTS1uSmVjalVoZXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lY2MxMDItYWQ3ZS00MTAxLWE3MjctNTgwMThhMDMzMzBh
LzEvR3JqNC0tcEp1dldmenNJdVNLbi1JVmZZWklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWipAwQB
w8jmMA8EAgACMAkDBwAgAQZ8ALQwDQYJKoZIhvcNAQELBQADggEBAGfHYrd8ZSza
el19kxoMUvxX/0nqM3OQYSfdvS7KE9yzGmlOUGP5vsHM0Tdu2pxXA6WPmugxZkhk
UwcN426XP/wuMrvmVzIC2K0C/yLvdTiB6QAufNqs9tC2aQkbw5euHvyvPgPaPWUh
CJ1fAEcqlR0JwI3PfHhwBwHeEoDeTdN2KUaACvNksvPM5WBK2c76f+ze0TrWWWRe
ZjSRKzgV8JN3xPGHJgHHiCIs91m2IYWjhrtZRNIsDKxbV9Z0CMjkLtUEG+jhwzNY
MtF1bnJI28AnxllPzoMfNzUdskEFOBYRHZiWhpvk3+rrmb/nXdLX86ClRVXuQuO4
XUNgzUSsOcE=
-----END CERTIFICATE-----
Generated at Thu May 2 17:51:25 2024 by rpki-client on console-ams.rpki-client.org