Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/p0ib2SvKlJH3hSyq7mGMIlTu1TM.roa
File: p0ib2SvKlJH3hSyq7mGMIlTu1TM.roa (raw, json)
Hash identifier: +mF0Oa0Q/q4eAgxQ2XvbH6COYaJ3P3u/YWsJq9lPsio=
Subject key identifier: A7:48:9B:D9:2B:CA:94:91:F7:85:2C:AA:EE:61:8C:22:54:EE:D5:33
Certificate issuer: /CN=8353accb94e10cf8c2c29679067ee39099f404d3
Certificate serial: 01920A9F0D9379E4BFB17D9135C90F8910A0
Authority key identifier: 83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/p0ib2SvKlJH3hSyq7mGMIlTu1TM.roa
Signing time: Thu 19 Sep 2024 14:10:48 +0000
ROA not before: Thu 19 Sep 2024 14:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210392
IP address blocks: 93.126.14.0/24 maxlen: 24
93.126.23.0/24 maxlen: 24
93.126.36.0/24 maxlen: 24
93.126.37.0/24 maxlen: 24
93.126.38.0/24 maxlen: 24
93.126.45.0/24 maxlen: 24
93.126.46.0/24 maxlen: 24
93.126.47.0/24 maxlen: 24
93.126.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:9f:0d:93:79:e4:bf:b1:7d:91:35:c9:0f:89:10:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8353accb94e10cf8c2c29679067ee39099f404d3
Validity
Not Before: Sep 19 14:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7489bd92bca9491f7852caaee618c2254eed533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:78:d6:d3:a3:52:65:09:5f:6b:00:f4:2b:d9:
a4:00:47:24:3f:af:d2:46:5a:c9:37:43:73:9f:1e:
ba:f9:ca:36:46:e4:b0:f9:6b:e2:03:ec:96:7f:d0:
88:7c:60:be:b7:ab:18:b6:24:fd:e2:43:50:44:96:
42:fe:a6:f2:2a:cd:f6:f1:37:fb:be:1a:3f:66:d5:
dd:f3:3f:e9:15:00:05:e5:83:7f:08:0c:61:5b:fa:
2c:54:53:4d:dc:27:35:53:2a:3a:52:34:37:4d:ed:
c7:22:c0:17:48:c1:55:11:32:04:05:5c:36:47:ba:
67:42:a2:76:40:13:5f:35:99:ac:ed:3d:a8:b4:6b:
cd:fc:b3:40:ef:fc:69:95:29:9b:04:7f:99:cd:ae:
3e:ba:31:60:22:84:a0:4b:9e:e0:e2:e5:09:12:3d:
02:2b:0e:3a:30:c3:93:01:19:13:ba:5f:1d:61:4c:
ec:d3:f0:ec:a9:a8:fe:fe:6b:dd:6e:44:29:35:9f:
e4:95:1d:e8:dd:8d:6a:e7:87:ae:e7:38:4d:18:e4:
d7:02:70:a0:a1:64:54:aa:87:a5:41:cf:96:1e:15:
87:aa:bf:93:0f:1e:67:f4:27:f0:ac:a4:cf:ce:56:
8b:2e:f3:74:01:9c:e2:98:9f:d7:84:4f:d0:8d:b8:
b0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:48:9B:D9:2B:CA:94:91:F7:85:2C:AA:EE:61:8C:22:54:EE:D5:33
X509v3 Authority Key Identifier:
keyid:83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/p0ib2SvKlJH3hSyq7mGMIlTu1TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.126.14.0/24
93.126.23.0/24
93.126.36.0-93.126.38.255
93.126.45.0-93.126.48.255
Signature Algorithm: sha256WithRSAEncryption
5e:39:25:36:09:23:82:14:51:73:e0:b0:86:40:fc:bd:11:63:
35:69:53:71:f4:32:2e:08:e5:98:7b:b0:0a:91:32:9c:7b:14:
84:39:70:a5:c0:66:31:84:86:26:f9:93:f9:16:e7:89:31:45:
28:a6:ce:2d:3a:a2:c3:55:b5:91:66:7f:5c:99:ae:d8:d6:51:
17:fc:12:d9:67:1d:ac:4e:df:0d:51:55:14:5c:30:23:7a:f8:
e8:46:c0:e5:17:48:5c:28:8d:00:f6:67:e6:7c:4b:18:93:78:
ed:bb:15:8f:73:f2:70:d6:7c:dc:2a:17:df:94:66:6a:cb:8a:
81:7d:83:e6:7c:3d:c2:4e:1b:7d:ad:36:f4:53:c8:e6:5e:6c:
99:c9:b4:46:e7:78:b0:13:9e:f1:fc:8c:da:ca:58:bb:16:01:
14:45:fa:b3:8a:82:4d:1e:6e:3d:90:0f:45:79:28:e1:6d:1a:
60:42:a4:03:91:e5:54:5d:3f:6a:0b:93:ed:bb:e7:27:0b:8f:
7c:eb:88:fe:4a:3c:c5:d9:f1:65:52:7a:33:2a:b3:22:b6:25:
c9:2b:f0:7d:3d:bf:b0:0c:5f:91:8e:4f:7d:20:df:40:f5:06:
49:b2:63:cf:f4:b0:ae:bf:19:ae:be:55:e2:62:0e:11:51:39:
76:61:5b:e7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZIKnw2TeeS/sX2RNckPiRCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNTNhY2NiOTRlMTBjZjhjMmMyOTY3OTA2N2VlMzkwOTlm
NDA0ZDMwHhcNMjQwOTE5MTQxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQ4OWJkOTJiY2E5NDkxZjc4NTJjYWFlZTYxOGMyMjU0ZWVkNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XjW06NSZQlfawD0K9mkAEckP6/S
RlrJN0Nznx66+co2RuSw+WviA+yWf9CIfGC+t6sYtiT94kNQRJZC/qbyKs328Tf7
vho/ZtXd8z/pFQAF5YN/CAxhW/osVFNN3Cc1Uyo6UjQ3Te3HIsAXSMFVETIEBVw2
R7pnQqJ2QBNfNZms7T2otGvN/LNA7/xplSmbBH+Zza4+ujFgIoSgS57g4uUJEj0C
Kw46MMOTARkTul8dYUzs0/Dsqaj+/mvdbkQpNZ/klR3o3Y1q54eu5zhNGOTXAnCg
oWRUqoelQc+WHhWHqr+TDx5n9CfwrKTPzlaLLvN0AZzimJ/XhE/QjbiwwQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKdIm9krypSR94Usqu5hjCJU7tUzMB8GA1UdIwQY
MBaAFINTrMuU4Qz4wsKWeQZ+45CZ9ATTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEt
NmMzOTUwMTk0MzcwLzEvcDBpYjJTdktsSkgzaFN5cTdtR01JbFR1MVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEtNmMzOTUwMTk0Mzcw
LzEvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAXX4OAwQA
XX4XMAwDBAJdfiQDBABdfiYwDAMEAF1+LQMEAF1+MDANBgkqhkiG9w0BAQsFAAOC
AQEAXjklNgkjghRRc+CwhkD8vRFjNWlTcfQyLgjlmHuwCpEynHsUhDlwpcBmMYSG
JvmT+RbniTFFKKbOLTqiw1W1kWZ/XJmu2NZRF/wS2WcdrE7fDVFVFFwwI3r46EbA
5RdIXCiNAPZn5nxLGJN47bsVj3PycNZ83CoX35RmasuKgX2D5nw9wk4bfa029FPI
5l5smcm0Rud4sBOe8fyM2spYuxYBFEX6s4qCTR5uPZAPRXko4W0aYEKkA5HlVF0/
aguT7bvnJwuPfOuI/ko8xdnxZVJ6MyqzIrYlySvwfT2/sAxfkY5PfSDfQPUGSbJj
z/Swrr8Zrr5V4mIOEVE5dmFb5w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:13 2024 by rpki-client on console-fra.rpki-client.org