Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/t17giY7UZmxS5rVS02ZMETU5Nh4.roa
File: t17giY7UZmxS5rVS02ZMETU5Nh4.roa (raw, json)
Hash identifier: edIMIL7YfBEDPE3/C8mCe/UEd75CPlBYXZwAJ9Ip2gI=
Subject key identifier: B7:5E:E0:89:8E:D4:66:6C:52:E6:B5:52:D3:66:4C:11:35:39:36:1E
Certificate issuer: /CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Certificate serial: 018CC6B8D9DC8E5108BA211C0C9FD8C0B0DC
Authority key identifier: 06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/t17giY7UZmxS5rVS02ZMETU5Nh4.roa
Signing time: Mon 01 Jan 2024 20:30:52 +0000
ROA not before: Mon 01 Jan 2024 20:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209830
IP address blocks: 193.135.120.0/22 maxlen: 22
193.141.24.0/24 maxlen: 24
193.141.23.0/24 maxlen: 24
2a09:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d9:dc:8e:51:08:ba:21:1c:0c:9f:d8:c0:b0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Validity
Not Before: Jan 1 20:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b75ee0898ed4666c52e6b552d3664c113539361e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dd:71:5b:54:48:1b:05:75:cb:a3:74:c6:09:
e9:a3:18:d3:69:12:74:54:5e:05:4d:87:5a:45:a6:
2c:69:34:62:81:81:21:94:41:63:6e:3f:ca:96:96:
bc:20:80:a9:0f:15:9e:c8:d6:c6:74:44:ad:f0:d1:
d8:67:bf:37:12:a4:bf:6e:12:ea:d7:e0:fc:49:c7:
e4:b2:5e:c7:13:e8:fe:bc:e1:4a:51:a2:65:1d:89:
4a:de:c7:a7:a5:41:1b:98:9a:18:62:8e:bc:ee:e1:
6a:04:c5:d5:49:54:f8:45:6b:e2:c3:f7:b6:00:89:
c9:c5:38:26:84:2e:98:ed:4b:b3:a3:e2:23:35:5d:
af:ad:b6:59:68:a8:d4:2a:a0:42:0e:c7:5b:d1:39:
f4:71:f9:a3:36:aa:ec:b7:06:c7:5a:19:cd:87:66:
64:c9:41:43:23:49:4d:46:8a:25:f8:ac:53:1d:f3:
17:d3:9b:2a:82:4b:da:54:6b:d4:aa:d0:4e:29:c1:
18:93:38:fa:7b:13:e6:20:1d:8b:c5:78:31:ef:f4:
0d:79:4d:aa:2f:d6:c3:8f:ee:da:26:12:de:88:02:
07:43:77:37:45:5a:2f:0d:a5:c5:8f:67:18:79:be:
c9:db:94:46:60:8b:06:41:2e:3b:cc:99:c1:35:fd:
9f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5E:E0:89:8E:D4:66:6C:52:E6:B5:52:D3:66:4C:11:35:39:36:1E
X509v3 Authority Key Identifier:
keyid:06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/t17giY7UZmxS5rVS02ZMETU5Nh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.120.0/22
193.141.23.0-193.141.24.255
IPv6:
2a09:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
82:b5:2d:9d:10:f6:84:a7:3b:17:9e:79:51:1d:3d:3a:03:5f:
f4:a4:d3:f9:3d:f7:d9:84:a7:0a:50:71:e9:60:fd:33:22:c2:
2a:47:45:0f:80:bb:2f:d0:72:c5:e4:8e:c3:4a:2a:b5:27:97:
60:24:07:3f:ea:56:14:36:eb:5e:c6:f5:60:d0:3c:6d:13:ab:
6e:a7:cf:af:42:33:8e:f0:00:7e:c3:75:e7:c1:d1:34:03:87:
f3:7b:54:30:b1:c4:5d:87:35:2c:9a:8d:14:51:ae:97:18:69:
57:d7:4d:fd:35:2a:6b:3d:30:28:a3:04:07:e4:35:4c:e7:db:
2f:2e:d6:69:8c:21:06:1a:82:2b:2b:a8:f6:a7:7c:63:fd:2a:
95:05:40:30:6f:94:6d:77:19:ce:91:d3:53:52:5b:10:ff:4d:
05:e9:24:ec:73:d4:55:c8:bd:12:b3:89:f0:31:f2:62:68:61:
ac:b6:ca:71:f2:3f:89:5f:f6:4a:ea:3a:30:b4:b8:bf:ed:00:
3b:bb:68:40:c8:66:c6:81:f2:86:7c:20:da:31:b0:b2:db:87:
bf:aa:c0:00:15:a3:cb:6e:eb:96:11:37:d0:c8:80:8b:f8:ec:
2c:f5:9f:bb:f8:46:aa:c1:4a:27:af:c5:f4:41:9e:d2:9c:14:
60:da:dc:3a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzGuNncjlEIuiEcDJ/YwLDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGRjZDBlZTcwMTRlZmIyZTNiNTU0ZmJiNzA2Mzg0ZWYx
MWQwNTEwHhcNMjQwMTAxMjAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzVlZTA4OThlZDQ2NjZjNTJlNmI1NTJkMzY2NGMxMTM1MzkzNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd1xW1RIGwV1y6N0xgnpoxjTaRJ0
VF4FTYdaRaYsaTRigYEhlEFjbj/Klpa8IICpDxWeyNbGdESt8NHYZ783EqS/bhLq
1+D8Scfksl7HE+j+vOFKUaJlHYlK3senpUEbmJoYYo687uFqBMXVSVT4RWviw/e2
AInJxTgmhC6Y7Uuzo+IjNV2vrbZZaKjUKqBCDsdb0Tn0cfmjNqrstwbHWhnNh2Zk
yUFDI0lNRool+KxTHfMX05sqgkvaVGvUqtBOKcEYkzj6exPmIB2LxXgx7/QNeU2q
L9bDj+7aJhLeiAIHQ3c3RVovDaXFj2cYeb7J25RGYIsGQS47zJnBNf2fxwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLde4ImO1GZsUua1UtNmTBE1OTYeMB8GA1UdIwQY
MBaAFAZNzQ7nAU77LjtVT7twY4TvEdBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTkt
ZmI0NzQwZmRhMjUwLzEvdDE3Z2lZN1VabXhTNXJWUzAyWk1FVFU1Tmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTktZmI0NzQwZmRhMjUw
LzEvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCwYd4MAwD
BADBjRcDBADBjRgwDQQCAAIwBwMFAyoJ+wAwDQYJKoZIhvcNAQELBQADggEBAIK1
LZ0Q9oSnOxeeeVEdPToDX/Sk0/k999mEpwpQcelg/TMiwipHRQ+Auy/QcsXkjsNK
KrUnl2AkBz/qVhQ2617G9WDQPG0Tq26nz69CM47wAH7DdefB0TQDh/N7VDCxxF2H
NSyajRRRrpcYaVfXTf01Kms9MCijBAfkNUzn2y8u1mmMIQYagisrqPanfGP9KpUF
QDBvlG13Gc6R01NSWxD/TQXpJOxz1FXIvRKzifAx8mJoYay2ynHyP4lf9krqOjC0
uL/tADu7aEDIZsaB8oZ8INoxsLLbh7+qwAAVo8tu65YRN9DIgIv47Cz1n7v4RqrB
SievxfRBntKcFGDa3Do=
-----END CERTIFICATE-----
Generated at Wed Jul 3 07:01:12 2024 by rpki-client on console-fra.rpki-client.org