Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/316DO8hgulAuueGgb6KKI8WsLIQ.roa
File: 316DO8hgulAuueGgb6KKI8WsLIQ.roa (raw, json)
Hash identifier: LZWxX1V+i7hqSdb5bG20V0c8UH4/krVTwPZoPY8T1NM=
Subject key identifier: DF:5E:83:3B:C8:60:BA:50:2E:B9:E1:A0:6F:A2:8A:23:C5:AC:2C:84
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 018CC50132431854FCA1518218E17ABF2069
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/316DO8hgulAuueGgb6KKI8WsLIQ.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56410
IP address blocks: 193.120.164.0/23 maxlen: 23
193.120.55.0/24 maxlen: 24
194.125.118.0/24 maxlen: 24
193.120.22.0/24 maxlen: 24
193.120.40.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:32:43:18:54:fc:a1:51:82:18:e1:7a:bf:20:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df5e833bc860ba502eb9e1a06fa28a23c5ac2c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:33:84:b4:66:69:de:20:5d:f0:4d:a2:77:5f:
93:74:1f:5d:65:19:14:79:e9:a2:12:bd:bc:f0:39:
7b:b6:66:e8:53:a0:20:39:f2:9e:5c:e1:ab:83:78:
3c:4a:97:4f:50:86:14:5e:c8:f0:55:35:9c:10:01:
06:3b:66:bd:07:07:c9:49:b2:31:8a:b3:58:79:e0:
cc:d5:30:22:53:f8:df:b1:a4:55:19:2b:da:e0:ff:
75:50:34:c1:05:ba:d0:df:fd:07:ac:81:b2:55:85:
8a:4c:e5:e2:93:6e:61:42:6a:c5:b8:6f:82:80:df:
b9:b5:21:60:9e:73:05:dd:e9:93:56:0c:0e:d6:09:
2a:2a:45:e5:48:3d:b7:4c:33:b8:5b:c2:d9:6d:ed:
1d:66:f7:24:b3:48:d3:79:d6:18:c2:09:2e:33:15:
a5:77:aa:82:31:10:b2:90:ae:9b:70:49:3d:ee:a0:
eb:3c:07:35:04:e3:09:58:1c:12:ce:71:82:f2:dd:
c6:bc:5c:2d:68:fe:65:c1:65:a4:35:78:f7:69:57:
b8:53:c5:49:05:06:c5:4f:b9:ff:44:8c:d4:15:35:
79:12:2c:39:c6:41:e0:d7:6b:99:e7:37:57:b7:6e:
b6:35:46:33:21:9f:ad:73:64:d7:17:5c:b7:44:26:
b4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5E:83:3B:C8:60:BA:50:2E:B9:E1:A0:6F:A2:8A:23:C5:AC:2C:84
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/316DO8hgulAuueGgb6KKI8WsLIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.120.22.0/24
193.120.40.0/23
193.120.55.0/24
193.120.164.0/23
194.125.118.0/24
Signature Algorithm: sha256WithRSAEncryption
61:f5:0d:ef:a0:70:33:1b:09:2c:d3:2c:3b:8e:92:80:2f:07:
47:ef:29:c7:e8:33:cc:17:b6:bd:2c:57:6d:f5:8c:92:56:16:
ea:11:7d:f8:5e:14:08:02:81:1c:8c:d1:c4:1b:29:99:4e:25:
ce:ad:dc:c5:91:8a:06:6a:c4:6e:d2:8e:d5:88:c0:b0:21:6a:
cc:bc:5c:36:ba:68:08:3e:09:50:d9:1e:c3:52:6b:18:46:39:
93:d9:a3:86:47:b2:e4:9f:31:6d:3c:bb:9f:3c:0e:1b:d2:a2:
fa:00:de:b7:af:dd:30:c3:69:02:33:41:31:57:52:3c:4c:22:
13:2b:9a:4b:b9:a5:a5:27:04:b6:13:d9:79:6c:64:22:c1:a0:
20:0d:d1:50:74:31:f4:3e:83:79:42:0f:73:46:a6:72:5e:8c:
26:b6:4a:eb:8b:c4:b3:4c:2b:83:a5:17:22:4e:c3:02:d3:de:
ed:9d:b5:c7:98:08:40:fe:42:0a:6e:2d:c5:bd:97:7e:c7:18:
d0:24:4d:b1:6c:4d:53:b0:da:8f:51:0c:94:92:45:63:24:ee:
1e:a8:4e:97:ab:cf:2b:fa:ff:19:88:31:8b:e4:59:9f:f3:94:
ff:42:e7:83:9a:10:2a:17:d5:87:fc:e4:09:fc:3e:03:91:59:
55:65:10:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFATJDGFT8oVGCGOF6vyBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjVlODMzYmM4NjBiYTUwMmViOWUxYTA2ZmEyOGEyM2M1YWMyYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjOEtGZp3iBd8E2id1+TdB9dZRkU
eemiEr288Dl7tmboU6AgOfKeXOGrg3g8SpdPUIYUXsjwVTWcEAEGO2a9BwfJSbIx
irNYeeDM1TAiU/jfsaRVGSva4P91UDTBBbrQ3/0HrIGyVYWKTOXik25hQmrFuG+C
gN+5tSFgnnMF3emTVgwO1gkqKkXlSD23TDO4W8LZbe0dZvcks0jTedYYwgkuMxWl
d6qCMRCykK6bcEk97qDrPAc1BOMJWBwSznGC8t3GvFwtaP5lwWWkNXj3aVe4U8VJ
BQbFT7n/RIzUFTV5Eiw5xkHg12uZ5zdXt262NUYzIZ+tc2TXF1y3RCa0yQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN9egzvIYLpQLrnhoG+iiiPFrCyEMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvMzE2RE84aGd1bEF1dWVHZ2I2S0tJOFdzTElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXgWAwQB
wXgoAwQAwXg3AwQBwXikAwQAwn12MA0GCSqGSIb3DQEBCwUAA4IBAQBh9Q3voHAz
Gwks0yw7jpKALwdH7ynH6DPMF7a9LFdt9YySVhbqEX34XhQIAoEcjNHEGymZTiXO
rdzFkYoGasRu0o7ViMCwIWrMvFw2umgIPglQ2R7DUmsYRjmT2aOGR7LknzFtPLuf
PA4b0qL6AN63r90ww2kCM0ExV1I8TCITK5pLuaWlJwS2E9l5bGQiwaAgDdFQdDH0
PoN5Qg9zRqZyXowmtkrri8SzTCuDpRciTsMC097tnbXHmAhA/kIKbi3FvZd+xxjQ
JE2xbE1TsNqPUQyUkkVjJO4eqE6Xq88r+v8ZiDGL5Fmf85T/QueDmhAqF9WH/OQJ
/D4DkVlVZRA5
-----END CERTIFICATE-----
Generated at Tue May 28 22:57:44 2024 by rpki-client on console-fra.rpki-client.org