Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/9365e0-aec8-4384-9bd7-6c232ae7b5bd/1/b40urTfVsJryFJOrMggXV73yp9A.roa
File: b40urTfVsJryFJOrMggXV73yp9A.roa (raw, json)
Hash identifier: IX6IO9qYSeHZc2bJ4b2uojgMBmwDK+xARRYu0xLKY8E=
Subject key identifier: 6F:8D:2E:AD:37:D5:B0:9A:F2:14:93:AB:32:08:17:57:BD:F2:A7:D0
Certificate issuer: /CN=7c178f4e4b0e2c20e6a888020c8e6d029a293496
Certificate serial: 018CC94D28E99D84D6FAB02896E38C6996EC
Authority key identifier: 7C:17:8F:4E:4B:0E:2C:20:E6:A8:88:02:0C:8E:6D:02:9A:29:34:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fBePTksOLCDmqIgCDI5tApopNJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/9365e0-aec8-4384-9bd7-6c232ae7b5bd/1/b40urTfVsJryFJOrMggXV73yp9A.roa
Signing time: Tue 02 Jan 2024 08:32:06 +0000
ROA not before: Tue 02 Jan 2024 08:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 193.104.197.0/24 maxlen: 24
193.104.198.0/24 maxlen: 24
2a0f:9340:10::/48 maxlen: 48
2a0f:9340::/48 maxlen: 48
2a0f:9340:33::/48 maxlen: 48
2a0f:9340:11::/48 maxlen: 48
2a0f:9340:34::/48 maxlen: 48
2a0f:9340:1a::/48 maxlen: 48
2a0f:9340:32::/48 maxlen: 48
2a0f:9340:3d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/9365e0-aec8-4384-9bd7-6c232ae7b5bd/1/fBePTksOLCDmqIgCDI5tApopNJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/9365e0-aec8-4384-9bd7-6c232ae7b5bd/1/fBePTksOLCDmqIgCDI5tApopNJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fBePTksOLCDmqIgCDI5tApopNJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:28:e9:9d:84:d6:fa:b0:28:96:e3:8c:69:96:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c178f4e4b0e2c20e6a888020c8e6d029a293496
Validity
Not Before: Jan 2 08:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f8d2ead37d5b09af21493ab32081757bdf2a7d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:81:7d:14:07:39:ff:b3:09:5e:ce:23:cf:9d:
d3:f1:92:6d:ca:9c:81:d1:4d:48:60:37:c2:4d:fc:
56:be:23:b8:8e:78:da:9b:56:a0:fe:a6:0a:b5:55:
fc:11:77:6e:0c:10:7f:0d:c0:b4:eb:c8:8b:73:07:
b8:68:66:58:80:a5:31:78:b6:6e:93:9e:91:dd:20:
97:87:13:c4:1f:d0:29:a2:25:ef:ce:4c:d0:f5:bc:
d4:be:dc:73:ba:46:d8:d1:a5:ab:66:be:5e:ad:d9:
c8:35:97:21:7a:87:06:15:b1:98:82:18:91:3b:02:
fc:cf:1d:8a:55:ef:26:43:ca:78:14:9b:0f:72:5b:
d6:a7:67:b9:f9:d5:6f:d6:73:05:f1:b9:ca:8a:bf:
72:5d:78:41:a9:51:65:f5:f9:d9:bf:47:65:1e:94:
74:8d:d5:5c:0c:4d:95:79:9a:d9:a2:07:82:67:7f:
df:e9:48:8e:f7:3a:6a:5b:a7:8f:10:1f:7f:5c:27:
fa:03:f1:07:52:85:2d:ae:9a:a4:67:41:b3:50:da:
d9:b5:26:2e:2a:99:64:60:7f:30:e0:2c:c3:a8:36:
19:bd:fe:68:50:01:91:04:db:b3:c7:39:85:b9:9a:
ae:99:a6:49:3f:b3:dd:2a:c9:82:bb:f2:da:45:35:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8D:2E:AD:37:D5:B0:9A:F2:14:93:AB:32:08:17:57:BD:F2:A7:D0
X509v3 Authority Key Identifier:
keyid:7C:17:8F:4E:4B:0E:2C:20:E6:A8:88:02:0C:8E:6D:02:9A:29:34:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fBePTksOLCDmqIgCDI5tApopNJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9365e0-aec8-4384-9bd7-6c232ae7b5bd/1/b40urTfVsJryFJOrMggXV73yp9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9365e0-aec8-4384-9bd7-6c232ae7b5bd/1/fBePTksOLCDmqIgCDI5tApopNJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.197.0-193.104.198.255
IPv6:
2a0f:9340::/48
2a0f:9340:10::/47
2a0f:9340:1a::/48
2a0f:9340:32::-2a0f:9340:34:ffff:ffff:ffff:ffff:ffff
2a0f:9340:3d::/48
Signature Algorithm: sha256WithRSAEncryption
3d:28:ee:97:dc:22:5c:e0:d4:30:73:5e:cf:cb:4f:f8:79:f5:
16:20:6f:ea:18:d0:45:8b:89:31:f3:70:36:c6:d3:c2:5f:c3:
1e:e6:a8:a3:7e:32:53:85:88:2c:9b:9e:61:dd:84:07:09:62:
e8:c1:e4:38:68:2f:e6:cb:ca:aa:35:d2:46:ff:0c:a1:7c:e5:
76:98:3d:b0:0f:59:3a:33:3e:e5:00:98:04:75:de:37:2e:64:
3a:23:77:1f:9c:ba:c6:07:43:fb:59:7a:4e:a7:b4:34:50:c7:
58:fd:f0:26:b3:a5:1d:d8:62:4a:57:45:95:63:e0:30:f3:22:
05:1b:2f:af:08:97:34:84:86:10:ee:9e:6d:ca:24:c4:85:89:
05:be:25:cd:23:3c:8a:5a:18:f9:5a:77:7a:79:6a:62:fd:cc:
86:ec:82:ec:12:46:93:02:15:27:7a:6e:5e:8f:14:1f:af:dd:
1e:aa:38:76:d1:ef:8c:e4:b6:1d:7c:4a:5c:c5:1f:58:a8:30:
22:6d:85:da:b5:38:19:65:d6:db:a6:0e:c8:42:bf:4b:90:5a:
e3:4b:46:5b:3d:89:f4:ec:e1:e5:c5:7f:f9:3e:db:b5:34:63:
57:a7:ec:e8:33:dc:1d:8b:db:55:df:7d:05:d9:6a:8e:0f:b6:
6b:4c:f6:7b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzJTSjpnYTW+rAoluOMaZbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMTc4ZjRlNGIwZTJjMjBlNmE4ODgwMjBjOGU2ZDAyOWEy
OTM0OTYwHhcNMjQwMTAyMDgzMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhkMmVhZDM3ZDViMDlhZjIxNDkzYWIzMjA4MTc1N2JkZjJhN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoF9FAc5/7MJXs4jz53T8ZJtypyB
0U1IYDfCTfxWviO4jnjam1ag/qYKtVX8EXduDBB/DcC068iLcwe4aGZYgKUxeLZu
k56R3SCXhxPEH9ApoiXvzkzQ9bzUvtxzukbY0aWrZr5erdnINZcheocGFbGYghiR
OwL8zx2KVe8mQ8p4FJsPclvWp2e5+dVv1nMF8bnKir9yXXhBqVFl9fnZv0dlHpR0
jdVcDE2VeZrZogeCZ3/f6UiO9zpqW6ePEB9/XCf6A/EHUoUtrpqkZ0GzUNrZtSYu
KplkYH8w4CzDqDYZvf5oUAGRBNuzxzmFuZqumaZJP7PdKsmCu/LaRTUFSQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFG+NLq031bCa8hSTqzIIF1e98qfQMB8GA1UdIwQY
MBaAFHwXj05LDiwg5qiIAgyObQKaKTSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkJlUFRrc09MQ0RtcUlnQ0RJNXRBcG9wTkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My85MzY1ZTAtYWVjOC00Mzg0LTliZDct
NmMyMzJhZTdiNWJkLzEvYjQwdXJUZlZzSnJ5RkpPck1nZ1hWNzN5cDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My85MzY1ZTAtYWVjOC00Mzg0LTliZDctNmMyMzJhZTdiNWJk
LzEvZkJlUFRrc09MQ0RtcUlnQ0RJNXRBcG9wTkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAUBAIAATAOMAwDBADBaMUD
BADBaMYwPgQCAAIwOAMHACoPk0AAAAMHASoPk0AAEAMHACoPk0AAGjASAwcBKg+T
QAAyAwcAKg+TQAA0AwcAKg+TQAA9MA0GCSqGSIb3DQEBCwUAA4IBAQA9KO6X3CJc
4NQwc17Py0/4efUWIG/qGNBFi4kx83A2xtPCX8Me5qijfjJThYgsm55h3YQHCWLo
weQ4aC/my8qqNdJG/wyhfOV2mD2wD1k6Mz7lAJgEdd43LmQ6I3cfnLrGB0P7WXpO
p7Q0UMdY/fAms6Ud2GJKV0WVY+Aw8yIFGy+vCJc0hIYQ7p5tyiTEhYkFviXNIzyK
Whj5Wnd6eWpi/cyG7ILsEkaTAhUnem5ejxQfr90eqjh20e+M5LYdfEpcxR9YqDAi
bYXatTgZZdbbpg7IQr9LkFrjS0ZbPYn07OHlxX/5Ptu1NGNXp+zoM9wdi9tV330F
2WqOD7ZrTPZ7
-----END CERTIFICATE-----
Generated at Wed May 15 19:51:47 2024 by rpki-client on console-ams.rpki-client.org