Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/ThympqO-FXtSNvlnHHkCvYq_czs.roa
File: ThympqO-FXtSNvlnHHkCvYq_czs.roa (raw, json)
Hash identifier: jWk1vm8ZqYujOh6J/QTbRzENegeibfvO+sLNBJDPhnU=
Subject key identifier: 4E:1C:A6:A6:A3:BE:15:7B:52:36:F9:67:1C:79:02:BD:8A:BF:73:3B
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 018CCA2B04BDB0A6E29CE73A9AA9D7E87F2F
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/ThympqO-FXtSNvlnHHkCvYq_czs.roa
Signing time: Tue 02 Jan 2024 12:34:26 +0000
ROA not before: Tue 02 Jan 2024 12:34:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199155
IP address blocks: 193.236.16.0/20 maxlen: 20
2001:697::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.mft
rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:04:bd:b0:a6:e2:9c:e7:3a:9a:a9:d7:e8:7f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 2 12:34:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e1ca6a6a3be157b5236f9671c7902bd8abf733b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7c:38:e2:05:1a:a5:c2:47:45:f3:05:a7:f5:
0a:f3:fa:90:cc:62:36:c8:1f:bf:80:a7:3f:44:6c:
64:01:89:61:a7:76:0f:0e:37:f7:15:87:95:6e:40:
b1:3c:24:ea:f2:ea:f9:3f:62:a3:08:32:1e:f9:27:
ab:29:98:fe:d0:41:39:b7:8d:3f:51:ae:5f:04:cd:
7f:9b:27:45:9c:db:fa:41:68:b8:55:1b:76:c6:66:
d7:48:f7:fc:49:99:db:59:38:55:48:7d:59:36:f5:
8e:b2:ed:64:4c:05:04:81:32:68:67:be:8d:ac:86:
ac:ea:ab:d5:61:7c:10:1c:88:d6:da:82:22:25:bc:
92:c2:c9:90:bc:0e:7e:ae:0c:8a:a9:61:a5:c3:4c:
64:5b:20:dc:86:5f:21:6c:a1:1d:06:76:8a:8a:15:
1a:c1:04:e4:13:70:50:dc:c4:ed:81:bd:19:0c:42:
7b:20:86:36:0a:80:2d:b8:bd:1e:16:44:8c:ab:b2:
bf:f2:99:2e:ed:4e:8a:4b:d6:8c:fd:12:70:12:96:
a6:c4:f4:b1:c7:8e:fd:2d:35:22:73:c3:32:94:d2:
76:72:50:21:3b:6c:15:d7:92:a4:19:8b:5d:d3:86:
3c:bc:80:7b:9d:45:85:ce:a0:55:08:b5:ca:b0:75:
e5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1C:A6:A6:A3:BE:15:7B:52:36:F9:67:1C:79:02:BD:8A:BF:73:3B
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/ThympqO-FXtSNvlnHHkCvYq_czs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.236.16.0/20
IPv6:
2001:697::/32
Signature Algorithm: sha256WithRSAEncryption
16:05:fe:3e:27:05:90:02:26:d0:3d:b3:d4:b6:37:e4:88:1a:
a0:fc:00:d4:7b:fa:97:01:9c:6b:cf:16:c8:55:74:81:a7:31:
c3:ef:f1:09:ff:d8:6f:b1:cd:49:12:6f:57:61:1b:a4:27:4f:
cf:5a:6c:f5:1e:8b:8a:f0:10:1d:54:9b:a4:09:71:8a:77:19:
ec:c9:9b:fa:8a:70:fb:f8:df:48:07:a2:70:8e:fe:23:17:6a:
d1:e0:61:df:1e:e1:37:33:e4:1c:5f:d7:c5:36:ca:35:94:86:
68:26:2f:2e:8b:77:cc:ea:ad:0a:d9:8f:c1:34:62:c0:82:3f:
b0:e8:1f:f3:29:0c:d5:e0:1d:eb:6a:93:ed:81:25:24:f6:71:
df:23:2e:20:e3:6a:46:de:96:89:04:80:3a:bc:88:2d:5d:9f:
98:fe:fe:06:43:78:9e:30:b5:de:83:50:e0:43:c6:2b:8c:b3:
12:50:95:5d:cc:ee:5f:2a:61:bb:3c:35:9d:0a:8e:c2:9d:83:
f6:3a:e5:cc:81:e9:8a:b3:b5:d0:1c:70:22:53:2e:e2:fd:5b:
10:1f:b6:07:3b:54:02:a1:c3:d0:70:70:02:66:b8:77:30:b1:
21:7f:01:8d:7b:66:26:1a:a8:da:2a:8e:4c:28:63:c3:d8:f5:
bb:ec:a7:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKwS9sKbinOc6mqnX6H8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjQwMTAyMTIzNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFjYTZhNmEzYmUxNTdiNTIzNmY5NjcxYzc5MDJiZDhhYmY3MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXw44gUapcJHRfMFp/UK8/qQzGI2
yB+/gKc/RGxkAYlhp3YPDjf3FYeVbkCxPCTq8ur5P2KjCDIe+SerKZj+0EE5t40/
Ua5fBM1/mydFnNv6QWi4VRt2xmbXSPf8SZnbWThVSH1ZNvWOsu1kTAUEgTJoZ76N
rIas6qvVYXwQHIjW2oIiJbySwsmQvA5+rgyKqWGlw0xkWyDchl8hbKEdBnaKihUa
wQTkE3BQ3MTtgb0ZDEJ7IIY2CoAtuL0eFkSMq7K/8pku7U6KS9aM/RJwEpamxPSx
x479LTUic8MylNJ2clAhO2wV15KkGYtd04Y8vIB7nUWFzqBVCLXKsHXl1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE4cpqajvhV7Ujb5Zxx5Ar2Kv3M7MB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvVGh5bXBxTy1GWHRTTnZsbkhIa0N2WXFfY3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwewQMA0E
AgACMAcDBQAgAQaXMA0GCSqGSIb3DQEBCwUAA4IBAQAWBf4+JwWQAibQPbPUtjfk
iBqg/ADUe/qXAZxrzxbIVXSBpzHD7/EJ/9hvsc1JEm9XYRukJ0/PWmz1HouK8BAd
VJukCXGKdxnsyZv6inD7+N9IB6Jwjv4jF2rR4GHfHuE3M+QcX9fFNso1lIZoJi8u
i3fM6q0K2Y/BNGLAgj+w6B/zKQzV4B3rapPtgSUk9nHfIy4g42pG3paJBIA6vIgt
XZ+Y/v4GQ3ieMLXeg1DgQ8YrjLMSUJVdzO5fKmG7PDWdCo7CnYP2OuXMgemKs7XQ
HHAiUy7i/VsQH7YHO1QCocPQcHACZrh3MLEhfwGNe2YmGqjaKo5MKGPD2PW77KfL
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:48 2024 by rpki-client on console-fra.rpki-client.org