Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/b17c49-2c0b-40e4-b8f2-04a4557c4858/1/RwOMJxZGlKUf52-2VhDhTgffE7w.roa
File: RwOMJxZGlKUf52-2VhDhTgffE7w.roa (raw, json)
Hash identifier: jBCtRCqKHEvQ+hfKtXHRnTwR74/dHQDINfDr1CrRlTw=
Subject key identifier: 47:03:8C:27:16:46:94:A5:1F:E7:6F:B6:56:10:E1:4E:07:DF:13:BC
Certificate issuer: /CN=8eb045110c41edb25931f4a523c39dd4c941d718
Certificate serial: 018CC80148036F8B534CE91FC4F250729359
Authority key identifier: 8E:B0:45:11:0C:41:ED:B2:59:31:F4:A5:23:C3:9D:D4:C9:41:D7:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrBFEQxB7bJZMfSlI8Od1MlB1xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/b17c49-2c0b-40e4-b8f2-04a4557c4858/1/RwOMJxZGlKUf52-2VhDhTgffE7w.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197143
IP address blocks: 93.93.104.0/24 maxlen: 24
93.93.105.0/24 maxlen: 24
93.93.107.0/24 maxlen: 24
93.93.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/b17c49-2c0b-40e4-b8f2-04a4557c4858/1/jrBFEQxB7bJZMfSlI8Od1MlB1xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/b17c49-2c0b-40e4-b8f2-04a4557c4858/1/jrBFEQxB7bJZMfSlI8Od1MlB1xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrBFEQxB7bJZMfSlI8Od1MlB1xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:48:03:6f:8b:53:4c:e9:1f:c4:f2:50:72:93:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb045110c41edb25931f4a523c39dd4c941d718
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47038c27164694a51fe76fb65610e14e07df13bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b5:79:9c:74:eb:bc:0c:f1:13:29:4c:6c:5e:
e0:3a:57:8d:19:9c:27:3b:28:a5:10:e4:fd:72:fe:
b2:33:4b:46:f7:7f:36:98:32:14:55:5d:58:12:dd:
00:be:26:59:7c:1d:9c:55:1a:07:cb:98:b1:bb:e1:
4f:64:96:51:89:59:00:54:11:38:a6:f6:54:11:e1:
89:ad:6d:71:ff:46:7f:bf:0c:60:07:b1:e1:0f:f8:
91:00:90:e2:4c:1d:d1:32:5b:96:31:3a:bc:44:f6:
57:32:5c:e0:a5:14:66:89:54:3d:ea:56:96:42:f4:
69:87:8d:ec:22:c9:35:23:83:b4:b6:02:f8:e5:e9:
bf:b7:87:9e:71:34:c6:83:e4:f6:d7:19:04:f8:e6:
07:d5:d4:8f:3b:a1:75:1c:00:e6:d8:95:45:f2:bf:
f1:c1:f8:d6:40:f2:92:30:65:5e:b6:b3:72:25:a9:
d0:7d:18:5e:38:00:b5:dc:26:1e:31:fd:5e:cd:02:
90:04:cd:7b:a6:55:a0:d6:2b:85:cc:e6:f4:17:d2:
d4:3e:0c:2e:71:0d:ca:56:e9:38:64:0a:72:a8:49:
6e:c9:d4:fd:e3:43:ef:89:22:de:c6:2f:b7:e1:dc:
09:65:63:13:b6:02:b3:e3:d2:52:a7:f7:04:fc:1e:
c9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:03:8C:27:16:46:94:A5:1F:E7:6F:B6:56:10:E1:4E:07:DF:13:BC
X509v3 Authority Key Identifier:
keyid:8E:B0:45:11:0C:41:ED:B2:59:31:F4:A5:23:C3:9D:D4:C9:41:D7:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrBFEQxB7bJZMfSlI8Od1MlB1xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b17c49-2c0b-40e4-b8f2-04a4557c4858/1/RwOMJxZGlKUf52-2VhDhTgffE7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b17c49-2c0b-40e4-b8f2-04a4557c4858/1/jrBFEQxB7bJZMfSlI8Od1MlB1xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.104.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:10:25:e5:22:fc:4c:7b:a3:4a:4c:d8:eb:67:56:0a:0b:59:
fe:1b:a9:c6:51:c4:d4:0d:8a:55:62:41:d9:d6:6e:61:46:70:
6e:d7:21:2a:d0:d2:ab:a5:86:e5:64:81:13:9d:72:e4:0d:4a:
6b:0e:81:67:d9:59:63:4f:bd:a8:2b:d2:ee:79:ff:70:4c:45:
fe:67:4d:a9:97:39:a3:e7:38:2b:14:fe:b5:cb:92:53:38:3f:
3b:1d:7a:2a:4b:1a:ef:5c:0c:1b:f8:92:13:42:b7:97:6d:81:
e8:f2:6d:19:dd:d6:a2:c9:71:42:85:da:48:07:11:5f:6d:8d:
66:0d:4b:1e:a9:fd:b2:86:90:ae:c4:e1:36:cf:c4:77:84:6e:
15:5a:e5:88:61:84:7b:09:6c:0b:f4:9c:b6:f5:44:1d:f0:09:
b0:af:86:dd:c2:48:c7:9f:65:22:1d:a6:c9:77:11:33:aa:42:
64:c5:07:4d:73:b2:d4:fc:c0:fc:5d:ec:a9:c5:9e:a8:b6:84:
fa:e5:9d:8e:0e:66:8f:fe:43:b7:84:e4:13:21:58:d6:7b:d4:
9d:1a:79:45:89:76:c5:dc:8a:b8:76:a7:4d:57:98:d4:b4:08:
2a:a3:14:1b:4a:66:8b:38:ea:31:e7:b6:65:ce:d6:fc:b8:b3:
b0:38:7a:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAUgDb4tTTOkfxPJQcpNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjA0NTExMGM0MWVkYjI1OTMxZjRhNTIzYzM5ZGQ0Yzk0
MWQ3MTgwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAzOGMyNzE2NDY5NGE1MWZlNzZmYjY1NjEwZTE0ZTA3ZGYxM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirV5nHTrvAzxEylMbF7gOleNGZwn
OyilEOT9cv6yM0tG9382mDIUVV1YEt0AviZZfB2cVRoHy5ixu+FPZJZRiVkAVBE4
pvZUEeGJrW1x/0Z/vwxgB7HhD/iRAJDiTB3RMluWMTq8RPZXMlzgpRRmiVQ96laW
QvRph43sIsk1I4O0tgL45em/t4eecTTGg+T21xkE+OYH1dSPO6F1HADm2JVF8r/x
wfjWQPKSMGVetrNyJanQfRheOAC13CYeMf1ezQKQBM17plWg1iuFzOb0F9LUPgwu
cQ3KVuk4ZApyqEluydT940PviSLexi+34dwJZWMTtgKz49JSp/cE/B7JIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcDjCcWRpSlH+dvtlYQ4U4H3xO8MB8GA1UdIwQY
MBaAFI6wRREMQe2yWTH0pSPDndTJQdcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJCRkVReEI3YkpaTWZTbEk4T2QxTWxCMXhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iMTdjNDktMmMwYi00MGU0LWI4ZjIt
MDRhNDU1N2M0ODU4LzEvUndPTUp4WkdsS1VmNTItMlZoRGhUZ2ZmRTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iMTdjNDktMmMwYi00MGU0LWI4ZjItMDRhNDU1N2M0ODU4
LzEvanJCRkVReEI3YkpaTWZTbEk4T2QxTWxCMXhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXV1oMA0G
CSqGSIb3DQEBCwUAA4IBAQA9ECXlIvxMe6NKTNjrZ1YKC1n+G6nGUcTUDYpVYkHZ
1m5hRnBu1yEq0NKrpYblZIETnXLkDUprDoFn2VljT72oK9Luef9wTEX+Z02plzmj
5zgrFP61y5JTOD87HXoqSxrvXAwb+JITQreXbYHo8m0Z3daiyXFChdpIBxFfbY1m
DUseqf2yhpCuxOE2z8R3hG4VWuWIYYR7CWwL9Jy29UQd8Amwr4bdwkjHn2UiHabJ
dxEzqkJkxQdNc7LU/MD8XeypxZ6otoT65Z2ODmaP/kO3hOQTIVjWe9SdGnlFiXbF
3Iq4dqdNV5jUtAgqoxQbSmaLOOox57Zlztb8uLOwOHow
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:56:16 2024 by rpki-client on console-fra.rpki-client.org