Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1d44f2-1706-4bf1-b71d-74ca36402a85/1/Ck54AjRlRl33K1oiyv3ew7uIN6w.roa
File: Ck54AjRlRl33K1oiyv3ew7uIN6w.roa (raw, json)
Hash identifier: N8hyTPfN6u74M43pl+0WgF92nHgjV/aiPNyxSug5yJ0=
Subject key identifier: 0A:4E:78:02:34:65:46:5D:F7:2B:5A:22:CA:FD:DE:C3:BB:88:37:AC
Certificate issuer: /CN=44131ee936a6fa42ff3af0a6ae86c2c6653dd573
Certificate serial: 018CC56E3FFF25F7F739137050DCBF2D445B
Authority key identifier: 44:13:1E:E9:36:A6:FA:42:FF:3A:F0:A6:AE:86:C2:C6:65:3D:D5:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBMe6Tam-kL_OvCmrobCxmU91XM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1d44f2-1706-4bf1-b71d-74ca36402a85/1/Ck54AjRlRl33K1oiyv3ew7uIN6w.roa
Signing time: Mon 01 Jan 2024 14:29:46 +0000
ROA not before: Mon 01 Jan 2024 14:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60906
IP address blocks: 193.23.16.0/23 maxlen: 23
193.23.16.0/22 maxlen: 22
193.23.18.0/23 maxlen: 23
2a0f:5680:3::/48 maxlen: 48
2a0f:5680:1::/48 maxlen: 48
2a0f:5680::/32 maxlen: 32
2a0f:5680::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/1d44f2-1706-4bf1-b71d-74ca36402a85/1/RBMe6Tam-kL_OvCmrobCxmU91XM.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/1d44f2-1706-4bf1-b71d-74ca36402a85/1/RBMe6Tam-kL_OvCmrobCxmU91XM.mft
rsync://rpki.ripe.net/repository/DEFAULT/RBMe6Tam-kL_OvCmrobCxmU91XM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3f:ff:25:f7:f7:39:13:70:50:dc:bf:2d:44:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44131ee936a6fa42ff3af0a6ae86c2c6653dd573
Validity
Not Before: Jan 1 14:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a4e78023465465df72b5a22cafddec3bb8837ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:4e:02:9e:a9:dc:14:4b:d4:c1:2b:1e:e6:
c7:ca:ae:a9:e5:b9:ba:3a:7f:eb:f9:db:88:5c:4d:
fb:a5:39:d3:b6:3b:7e:70:a3:6d:bd:bc:5f:84:ed:
5b:91:62:c8:a6:0c:27:53:a9:64:e9:28:ea:6b:d3:
44:3c:7f:a4:fd:8b:68:2c:d9:88:85:d3:7e:e8:e6:
d5:6b:f0:c7:2f:c5:f1:19:1c:65:a8:09:c8:02:d2:
3c:cd:47:15:ed:0d:5e:1e:38:ab:c6:cd:9c:86:f1:
8c:fb:5f:cd:89:7b:3c:c5:4f:93:1e:0e:36:2d:a6:
76:34:67:5f:82:69:6d:09:62:e7:68:3e:32:23:9f:
64:4f:a0:43:20:e8:58:1d:12:7c:64:4d:f1:ec:e8:
39:2b:72:fe:23:0c:54:25:6a:64:6d:07:19:9e:54:
d1:bb:74:c8:d7:63:01:18:1f:01:b4:26:7c:d5:5a:
5f:46:e5:fa:74:16:c9:6c:5d:cc:86:11:bb:5e:1b:
15:80:d1:72:88:f8:56:ff:a4:b2:e9:ab:b6:03:4a:
b3:dd:90:b2:ec:fb:d2:b6:a1:02:60:18:73:12:ec:
50:e1:7f:98:d1:29:20:67:64:39:36:f2:e3:cf:8b:
c4:51:b1:96:1a:44:be:95:d4:9d:a1:84:f7:4e:1b:
94:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4E:78:02:34:65:46:5D:F7:2B:5A:22:CA:FD:DE:C3:BB:88:37:AC
X509v3 Authority Key Identifier:
keyid:44:13:1E:E9:36:A6:FA:42:FF:3A:F0:A6:AE:86:C2:C6:65:3D:D5:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBMe6Tam-kL_OvCmrobCxmU91XM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1d44f2-1706-4bf1-b71d-74ca36402a85/1/Ck54AjRlRl33K1oiyv3ew7uIN6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1d44f2-1706-4bf1-b71d-74ca36402a85/1/RBMe6Tam-kL_OvCmrobCxmU91XM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.16.0/22
IPv6:
2a0f:5680::/32
Signature Algorithm: sha256WithRSAEncryption
72:6e:94:5a:27:1f:94:d2:e6:d8:00:f8:a1:2f:21:9d:2e:5f:
5b:c0:3f:45:fc:20:5a:ef:9d:fa:46:4f:01:37:f2:5d:8b:d4:
47:03:c5:74:10:1e:b3:79:5d:0d:b6:43:62:bb:58:d6:dd:31:
7c:08:89:0e:6a:22:40:32:a2:17:6a:4c:5c:61:12:aa:62:66:
f0:bc:f4:09:7a:36:a0:1a:0b:e8:92:8d:26:82:2d:d5:9d:3f:
65:e9:87:41:cf:b8:49:f7:5e:e3:be:ab:13:3b:2a:e3:e2:26:
f2:f5:de:91:43:28:11:5d:d2:99:a1:0a:8e:ec:a3:5d:c4:0e:
b6:22:09:dd:d1:74:fe:bd:13:33:ec:48:06:8d:23:44:f1:93:
3f:d7:40:85:d8:77:9b:d9:a0:ca:c0:d0:32:b0:10:0e:a2:a2:
2f:bb:e1:b4:62:fd:49:05:8f:65:9e:c9:ee:61:03:78:81:e8:
b6:dc:0b:d2:e3:45:7a:12:e5:69:df:60:b2:27:ee:84:c0:b1:
77:e8:90:d0:83:18:00:39:58:87:58:fc:e4:91:5d:4e:e5:cd:
89:e2:69:68:7e:22:8b:2f:ba:20:e3:69:56:de:d0:86:40:52:
36:dc:54:59:7f:b2:a8:a6:ba:c9:43:a3:44:61:66:29:5d:95:
9b:e0:b9:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbj//Jff3ORNwUNy/LURbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MTMxZWU5MzZhNmZhNDJmZjNhZjBhNmFlODZjMmM2NjUz
ZGQ1NzMwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRlNzgwMjM0NjU0NjVkZjcyYjVhMjJjYWZkZGVjM2JiODgzN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNBOAp6p3BRL1MErHubHyq6p5bm6
On/r+duIXE37pTnTtjt+cKNtvbxfhO1bkWLIpgwnU6lk6Sjqa9NEPH+k/YtoLNmI
hdN+6ObVa/DHL8XxGRxlqAnIAtI8zUcV7Q1eHjirxs2chvGM+1/NiXs8xU+THg42
LaZ2NGdfgmltCWLnaD4yI59kT6BDIOhYHRJ8ZE3x7Og5K3L+IwxUJWpkbQcZnlTR
u3TI12MBGB8BtCZ81VpfRuX6dBbJbF3MhhG7XhsVgNFyiPhW/6Sy6au2A0qz3ZCy
7PvStqECYBhzEuxQ4X+Y0SkgZ2Q5NvLjz4vEUbGWGkS+ldSdoYT3ThuUyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFApOeAI0ZUZd9ytaIsr93sO7iDesMB8GA1UdIwQY
MBaAFEQTHuk2pvpC/zrwpq6GwsZlPdVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkJNZTZUYW0ta0xfT3ZDbXJvYkN4bVU5MVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZDQ0ZjItMTcwNi00YmYxLWI3MWQt
NzRjYTM2NDAyYTg1LzEvQ2s1NEFqUmxSbDMzSzFvaXl2M2V3N3VJTjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZDQ0ZjItMTcwNi00YmYxLWI3MWQtNzRjYTM2NDAyYTg1
LzEvUkJNZTZUYW0ta0xfT3ZDbXJvYkN4bVU5MVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwRcQMA0E
AgACMAcDBQAqD1aAMA0GCSqGSIb3DQEBCwUAA4IBAQBybpRaJx+U0ubYAPihLyGd
Ll9bwD9F/CBa7536Rk8BN/Jdi9RHA8V0EB6zeV0NtkNiu1jW3TF8CIkOaiJAMqIX
akxcYRKqYmbwvPQJejagGgvoko0mgi3VnT9l6YdBz7hJ917jvqsTOyrj4iby9d6R
QygRXdKZoQqO7KNdxA62Ignd0XT+vRMz7EgGjSNE8ZM/10CF2Heb2aDKwNAysBAO
oqIvu+G0Yv1JBY9lnsnuYQN4gei23AvS40V6EuVp32CyJ+6EwLF36JDQgxgAOViH
WPzkkV1O5c2J4mlofiKLL7og42lW3tCGQFI23FRZf7KoprrJQ6NEYWYpXZWb4Lmp
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:54 2024 by rpki-client on console-fra.rpki-client.org