Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1d8e80-33a8-4d55-a3d6-5ecdef2fb68d/1/D5Vhhkrb6Y1PcUS3oCiGBxJnSek.roa
File: D5Vhhkrb6Y1PcUS3oCiGBxJnSek.roa (raw, json)
Hash identifier: ZY6GDADxoXk5M7ALl5wbbWls2mX9cpSXI6+8O/hZHgo=
Subject key identifier: 0F:95:61:86:4A:DB:E9:8D:4F:71:44:B7:A0:28:86:07:12:67:49:E9
Certificate issuer: /CN=8fbc1063a6efb45e27b111e9207827c9f732502b
Certificate serial: 018CC86F3902FAF9CE1A2FE005BAFD25B813
Authority key identifier: 8F:BC:10:63:A6:EF:B4:5E:27:B1:11:E9:20:78:27:C9:F7:32:50:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7wQY6bvtF4nsRHpIHgnyfcyUCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/1d8e80-33a8-4d55-a3d6-5ecdef2fb68d/1/D5Vhhkrb6Y1PcUS3oCiGBxJnSek.roa
Signing time: Tue 02 Jan 2024 04:29:41 +0000
ROA not before: Tue 02 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29434
IP address blocks: 193.200.170.0/24 maxlen: 24
93.94.192.0/21 maxlen: 24
93.94.199.0/24 maxlen: 24
93.94.194.0/24 maxlen: 24
195.85.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/1d8e80-33a8-4d55-a3d6-5ecdef2fb68d/1/j7wQY6bvtF4nsRHpIHgnyfcyUCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/1d8e80-33a8-4d55-a3d6-5ecdef2fb68d/1/j7wQY6bvtF4nsRHpIHgnyfcyUCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/j7wQY6bvtF4nsRHpIHgnyfcyUCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Dec 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:39:02:fa:f9:ce:1a:2f:e0:05:ba:fd:25:b8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc1063a6efb45e27b111e9207827c9f732502b
Validity
Not Before: Jan 2 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9561864adbe98d4f7144b7a0288607126749e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:75:aa:a4:ba:6c:4e:ef:b4:15:e8:b6:f2:67:
77:f8:30:f5:12:53:2b:3d:0c:73:ea:59:94:ac:a7:
04:d1:38:75:a8:47:04:8b:1a:8f:02:ff:d8:d5:26:
55:fc:aa:35:4e:57:80:fe:1f:74:df:a1:ef:9a:1e:
ec:0c:9a:7d:65:7a:32:89:31:88:6c:2e:36:32:01:
65:6c:de:c1:18:b3:2e:6e:93:c9:33:a3:b2:03:d2:
e8:0e:92:38:e5:1b:31:40:49:be:f5:9c:e3:bd:cf:
de:f9:45:8c:74:d9:79:d6:5c:fc:21:ce:7b:a7:7f:
44:bf:2d:72:cf:7b:26:75:5c:9d:78:96:fe:fb:59:
e3:c0:a2:f2:08:59:c8:0a:f1:af:11:e5:29:d0:96:
05:56:27:ae:2b:23:2e:0b:45:7e:66:11:89:ab:36:
f8:5b:1d:62:41:33:91:b7:6a:4e:ca:be:81:f1:bf:
fc:a2:01:e0:17:66:b8:2c:6c:51:6e:39:b7:82:2e:
44:a8:8a:fb:c5:74:6e:8f:39:6c:a2:17:c8:78:09:
37:f6:70:57:36:2c:1a:e3:ad:cd:f6:7c:f5:83:44:
bc:63:51:c8:d6:80:23:62:19:dc:27:f6:1a:d9:96:
30:90:e2:17:21:24:59:4b:cc:41:38:24:fd:85:db:
36:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:95:61:86:4A:DB:E9:8D:4F:71:44:B7:A0:28:86:07:12:67:49:E9
X509v3 Authority Key Identifier:
keyid:8F:BC:10:63:A6:EF:B4:5E:27:B1:11:E9:20:78:27:C9:F7:32:50:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7wQY6bvtF4nsRHpIHgnyfcyUCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1d8e80-33a8-4d55-a3d6-5ecdef2fb68d/1/D5Vhhkrb6Y1PcUS3oCiGBxJnSek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1d8e80-33a8-4d55-a3d6-5ecdef2fb68d/1/j7wQY6bvtF4nsRHpIHgnyfcyUCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.192.0/21
193.200.170.0/24
195.85.255.0/24
Signature Algorithm: sha256WithRSAEncryption
03:05:35:6c:b7:c5:7e:11:e8:bc:6b:d4:c9:9d:37:10:e6:71:
1d:6c:11:93:23:e3:58:3d:4b:fb:d3:d0:b8:f4:29:54:62:f2:
38:68:3d:2c:c3:10:59:5f:e5:c6:48:c6:4a:2d:b2:8b:23:52:
33:47:fa:43:a2:dd:92:1d:d2:f6:65:5b:55:ed:39:76:69:12:
61:1d:8d:17:38:8a:dc:6d:f9:06:9b:0d:da:0f:a7:91:fe:bf:
a8:2b:d2:e2:f8:33:d2:03:11:91:f2:ac:f1:3d:b1:ac:bf:0a:
45:41:14:cd:fb:d4:17:f2:2c:2e:54:ff:0e:c1:b1:98:5a:a2:
09:58:17:81:92:be:0d:2b:e2:90:7a:6a:e6:19:20:2d:35:37:
78:61:2a:ac:7c:23:d2:5e:4d:8e:aa:64:f3:41:e1:f0:c0:8d:
0d:0e:ae:fe:f3:a9:c9:82:4e:1d:f9:64:66:0e:3e:75:8f:64:
01:67:0c:9b:26:80:16:a0:d6:db:43:df:56:f8:bc:f7:5a:3f:
5d:31:e2:b9:44:0f:d9:3b:58:80:4d:79:71:f3:a9:76:0b:8b:
4f:a1:c4:8c:68:5c:b1:36:01:6d:4b:10:bd:c7:5a:8f:69:df:
46:bf:23:c9:c8:f8:f4:98:ad:99:a3:f0:dc:de:15:34:58:cc:
da:8a:bb:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIbzkC+vnOGi/gBbr9JbgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmMxMDYzYTZlZmI0NWUyN2IxMTFlOTIwNzgyN2M5Zjcz
MjUwMmIwHhcNMjQwMTAyMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk1NjE4NjRhZGJlOThkNGY3MTQ0YjdhMDI4ODYwNzEyNjc0OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHWqpLpsTu+0Fei28md3+DD1ElMr
PQxz6lmUrKcE0Th1qEcEixqPAv/Y1SZV/Ko1TleA/h9036Hvmh7sDJp9ZXoyiTGI
bC42MgFlbN7BGLMubpPJM6OyA9LoDpI45RsxQEm+9Zzjvc/e+UWMdNl51lz8Ic57
p39Evy1yz3smdVydeJb++1njwKLyCFnICvGvEeUp0JYFVieuKyMuC0V+ZhGJqzb4
Wx1iQTORt2pOyr6B8b/8ogHgF2a4LGxRbjm3gi5EqIr7xXRujzlsohfIeAk39nBX
Niwa463N9nz1g0S8Y1HI1oAjYhncJ/Ya2ZYwkOIXISRZS8xBOCT9hds2yQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+VYYZK2+mNT3FEt6AohgcSZ0npMB8GA1UdIwQY
MBaAFI+8EGOm77ReJ7ER6SB4J8n3MlArMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd3UVk2YnZ0RjRuc1JIcElIZ255ZmN5VUNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xZDhlODAtMzNhOC00ZDU1LWEzZDYt
NWVjZGVmMmZiNjhkLzEvRDVWaGhrcmI2WTFQY1VTM29DaUdCeEpuU2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xZDhlODAtMzNhOC00ZDU1LWEzZDYtNWVjZGVmMmZiNjhk
LzEvajd3UVk2YnZ0RjRuc1JIcElIZ255ZmN5VUNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXV7AAwQA
wciqAwQAw1X/MA0GCSqGSIb3DQEBCwUAA4IBAQADBTVst8V+Eei8a9TJnTcQ5nEd
bBGTI+NYPUv709C49ClUYvI4aD0swxBZX+XGSMZKLbKLI1IzR/pDot2SHdL2ZVtV
7Tl2aRJhHY0XOIrcbfkGmw3aD6eR/r+oK9Li+DPSAxGR8qzxPbGsvwpFQRTN+9QX
8iwuVP8OwbGYWqIJWBeBkr4NK+KQemrmGSAtNTd4YSqsfCPSXk2OqmTzQeHwwI0N
Dq7+86nJgk4d+WRmDj51j2QBZwybJoAWoNbbQ99W+Lz3Wj9dMeK5RA/ZO1iATXlx
86l2C4tPocSMaFyxNgFtSxC9x1qPad9GvyPJyPj0mK2Zo/Dc3hU0WMzairuo
-----END CERTIFICATE-----
Generated at Wed Dec 4 08:47:46 2024 by rpki-client on console-fra.rpki-client.org