Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/pmlz0FftOe0hobeQBtjEvXmuQmw.roa
File: pmlz0FftOe0hobeQBtjEvXmuQmw.roa (raw, json)
Hash identifier: zYcuqYag8lmLu51wNLrC3agstHpt5XI+Wkqd8MH3APY=
Subject key identifier: A6:69:73:D0:57:ED:39:ED:21:A1:B7:90:06:D8:C4:BD:79:AE:42:6C
Certificate issuer: /CN=b5026c9974092e220542401281f9bdfd356c2842
Certificate serial: 018CC8DEAE89641709B741A78296D7EAFA77
Authority key identifier: B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/pmlz0FftOe0hobeQBtjEvXmuQmw.roa
Signing time: Tue 02 Jan 2024 06:31:26 +0000
ROA not before: Tue 02 Jan 2024 06:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207925
IP address blocks: 193.143.226.0/24 maxlen: 24
2a10:8700::/32 maxlen: 32
2a10:8703::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ae:89:64:17:09:b7:41:a7:82:96:d7:ea:fa:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5026c9974092e220542401281f9bdfd356c2842
Validity
Not Before: Jan 2 06:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a66973d057ed39ed21a1b79006d8c4bd79ae426c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:cc:e7:5f:50:88:23:2b:a1:de:2a:a5:9d:
ab:b2:1c:4b:c2:f0:26:57:51:5c:67:6d:03:3f:25:
59:58:d3:0b:ca:d2:07:28:b9:ef:4d:6f:b2:5e:e3:
8e:02:24:4b:2c:6c:d9:e4:19:01:35:aa:12:10:a6:
fc:28:36:f8:44:9e:82:99:4c:c5:33:f9:43:b3:02:
dd:16:b3:66:29:65:5a:80:c4:1e:90:4d:d3:c9:b2:
7b:25:9e:ad:94:6f:38:47:b8:84:3f:25:25:64:f2:
6f:38:a4:d7:53:4a:e0:d3:af:13:62:6f:80:c0:90:
05:7c:eb:dc:ba:5c:db:68:22:4c:70:27:18:42:b4:
8e:da:fe:30:86:b8:a6:bd:49:68:f6:f7:ec:56:6c:
c6:2c:d0:2e:80:a5:4b:01:0b:62:aa:41:dc:aa:84:
6a:af:99:7a:9e:dc:7d:a4:9e:bd:b6:e7:ec:ea:da:
ae:da:8e:78:a4:e3:39:30:9e:df:2b:04:47:13:26:
4c:d5:e0:8b:23:9f:73:88:80:71:9d:99:ed:3c:2b:
e7:06:38:8b:5e:9f:d8:6a:47:53:3b:dc:76:9e:b2:
c9:78:f4:fd:62:cf:0d:b1:f1:ae:83:01:51:82:3c:
6d:b6:ab:2a:38:05:d4:6b:30:db:d0:1d:d8:ed:7b:
45:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:69:73:D0:57:ED:39:ED:21:A1:B7:90:06:D8:C4:BD:79:AE:42:6C
X509v3 Authority Key Identifier:
keyid:B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/pmlz0FftOe0hobeQBtjEvXmuQmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.226.0/24
IPv6:
2a10:8700::/32
2a10:8703::/32
Signature Algorithm: sha256WithRSAEncryption
12:39:b8:ec:c9:7c:d2:e3:c5:75:8b:f3:30:16:0b:84:31:f6:
01:bf:2c:79:c5:43:24:26:15:56:6e:79:f1:ff:84:be:50:d1:
50:60:1f:5f:12:39:f6:7e:b6:6a:3d:32:5c:83:26:ea:9a:bd:
a2:0b:90:e6:56:3d:78:10:54:c1:f1:a2:d8:1f:a7:bc:b8:0f:
13:a1:bb:05:08:67:a2:0b:a1:18:b7:9c:ab:bf:7d:18:c1:86:
b6:c0:1f:79:41:c5:84:2d:97:06:f4:7b:11:ca:27:dd:33:60:
46:48:8a:3c:02:51:fe:fe:a9:4a:8e:04:ae:5f:f5:5d:6b:89:
b0:c2:58:42:e1:fb:a1:ad:f5:05:af:38:bb:6d:e8:5b:5f:41:
20:04:9f:d7:27:73:ac:5f:c5:3a:cf:60:1a:79:4a:4a:29:dd:
f2:ba:7e:70:2d:0f:8a:9b:5a:f7:99:80:cb:0d:22:f6:bb:be:
91:3b:79:03:80:a0:85:92:14:ad:fc:a4:6b:74:b4:ee:af:85:
be:d3:f8:75:44:a2:4b:d3:b2:5a:ef:0b:e2:7e:c5:2e:bb:f0:
d0:44:c0:5f:47:79:9d:bc:3e:cd:16:3a:68:91:df:73:7b:27:
04:50:11:f5:6a:fa:75:c1:5e:1f:90:44:6c:4d:b6:52:e8:ed:
bf:1a:53:80
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzI3q6JZBcJt0GngpbX6vp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDI2Yzk5NzQwOTJlMjIwNTQyNDAxMjgxZjliZGZkMzU2
YzI4NDIwHhcNMjQwMTAyMDYzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjY5NzNkMDU3ZWQzOWVkMjFhMWI3OTAwNmQ4YzRiZDc5YWU0MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOjM519QiCMrod4qpZ2rshxLwvAm
V1FcZ20DPyVZWNMLytIHKLnvTW+yXuOOAiRLLGzZ5BkBNaoSEKb8KDb4RJ6CmUzF
M/lDswLdFrNmKWVagMQekE3TybJ7JZ6tlG84R7iEPyUlZPJvOKTXU0rg068TYm+A
wJAFfOvculzbaCJMcCcYQrSO2v4whrimvUlo9vfsVmzGLNAugKVLAQtiqkHcqoRq
r5l6ntx9pJ69tufs6tqu2o54pOM5MJ7fKwRHEyZM1eCLI59ziIBxnZntPCvnBjiL
Xp/YakdTO9x2nrLJePT9Ys8NsfGugwFRgjxttqsqOAXUazDb0B3Y7XtFvQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKZpc9BX7TntIaG3kAbYxL15rkJsMB8GA1UdIwQY
MBaAFLUCbJl0CS4iBUJAEoH5vf01bChCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYt
ZWVhMjY3YTU4NDk0LzEvcG1sejBGZnRPZTBob2JlUUJ0akV2WG11UW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYtZWVhMjY3YTU4NDk0
LzEvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwY/iMBQE
AgACMA4DBQAqEIcAAwUAKhCHAzANBgkqhkiG9w0BAQsFAAOCAQEAEjm47Ml80uPF
dYvzMBYLhDH2Ab8secVDJCYVVm558f+EvlDRUGAfXxI59n62aj0yXIMm6pq9oguQ
5lY9eBBUwfGi2B+nvLgPE6G7BQhnoguhGLecq799GMGGtsAfeUHFhC2XBvR7Econ
3TNgRkiKPAJR/v6pSo4Erl/1XWuJsMJYQuH7oa31Ba84u23oW19BIASf1ydzrF/F
Os9gGnlKSind8rp+cC0Pipta95mAyw0i9ru+kTt5A4CghZIUrfyka3S07q+FvtP4
dUSiS9OyWu8L4n7FLrvw0ETAX0d5nbw+zRY6aJHfc3snBFAR9Wr6dcFeH5BEbE22
UujtvxpTgA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:55:43 2024 by rpki-client on console-fra.rpki-client.org