Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/kh0s0CIDLRKrxAkVDtjYE50Bpsc.roa
File: kh0s0CIDLRKrxAkVDtjYE50Bpsc.roa (raw, json)
Hash identifier: h3UFiNAvDRD9QwHV9jv5CP8JVrp9MyCgy9MnnhaLtls=
Subject key identifier: 92:1D:2C:D0:22:03:2D:12:AB:C4:09:15:0E:D8:D8:13:9D:01:A6:C7
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018CC5DC890C27F2B90C0BF89A0BBD8498CB
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/kh0s0CIDLRKrxAkVDtjYE50Bpsc.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53340
IP address blocks: 176.111.222.0/24 maxlen: 24
193.8.194.0/24 maxlen: 24
147.189.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 17:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:89:0c:27:f2:b9:0c:0b:f8:9a:0b:bd:84:98:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=921d2cd022032d12abc409150ed8d8139d01a6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:f9:a9:f8:87:07:a3:72:24:2e:e1:65:25:
b9:c6:4b:ec:ab:be:31:b5:46:0b:17:05:24:11:49:
5c:eb:b6:bb:77:69:ad:1d:2d:c7:89:41:8b:c9:b9:
a6:d4:90:f6:5d:69:26:75:76:f1:68:99:37:8a:3c:
fa:c2:90:a0:e8:13:1e:f2:31:3c:32:8d:d3:2b:33:
e6:93:14:de:ae:4f:5f:03:e8:05:16:8a:6f:5b:1f:
51:79:12:6f:07:6d:2b:54:14:33:78:62:fe:0d:cc:
1e:b5:e8:b6:f3:b1:70:46:d3:7f:f0:8d:c6:60:77:
de:2e:7a:ec:23:46:81:23:99:e7:4d:22:86:35:48:
39:43:83:dc:ff:00:07:db:4f:a7:f8:1a:7d:30:57:
1a:75:be:0c:6d:39:60:a1:64:b7:7a:a0:f9:49:7c:
f1:a7:ee:94:1f:3a:35:df:d4:5c:df:6e:b3:a8:7b:
78:2b:3f:c5:15:57:b1:4f:f7:29:b2:07:07:e4:5f:
24:a2:74:ee:81:ad:56:e2:ff:17:b0:95:c8:b5:16:
97:dd:31:4e:6b:e6:9b:01:18:f5:65:2b:3a:be:ba:
60:55:9b:95:8b:20:87:67:53:4e:20:b1:e7:11:6f:
56:84:fd:8e:08:dd:26:d8:4f:d9:71:ee:03:bf:32:
24:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1D:2C:D0:22:03:2D:12:AB:C4:09:15:0E:D8:D8:13:9D:01:A6:C7
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/kh0s0CIDLRKrxAkVDtjYE50Bpsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.133.0/24
176.111.222.0/24
193.8.194.0/24
Signature Algorithm: sha256WithRSAEncryption
05:3b:f5:2f:57:33:fa:84:54:94:07:29:fd:e1:2a:a5:e6:99:
1e:47:84:ff:fe:d7:75:d8:3e:0b:d7:e9:e1:f0:47:ae:e6:7c:
dc:3a:af:3c:62:52:35:69:71:1c:38:30:ab:aa:5d:9c:92:2a:
9a:e4:4b:00:0c:85:3b:64:f1:07:8e:ca:77:0b:a7:3e:f3:2d:
61:47:29:45:4d:40:72:ba:65:85:b8:db:28:d6:57:68:23:04:
06:41:de:66:e3:59:69:24:83:95:3b:bd:d2:f4:b3:96:fc:f1:
82:8f:49:b5:f0:28:70:b9:78:47:42:04:93:68:88:96:01:d5:
7a:90:0c:3c:56:b4:68:53:58:b4:b1:ee:82:21:bf:96:7a:92:
16:b1:05:2b:74:92:22:34:eb:cd:d5:5d:d4:b3:ec:5c:df:0d:
7e:b3:e7:fe:db:b2:72:3d:65:4e:1b:cb:69:29:68:48:4c:e0:
17:05:55:58:11:c7:f3:16:f9:36:93:57:2e:dd:3b:66:81:87:
99:eb:2c:87:07:7c:c6:10:d3:62:63:fc:bd:25:07:8a:81:73:
5e:c6:05:1c:f8:fc:7d:d6:d0:88:76:0e:03:1a:0b:64:00:6d:
e2:69:8d:b3:22:1a:4f:eb:49:94:5f:88:ea:13:73:21:2d:08:
8e:74:b5:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3IkMJ/K5DAv4mgu9hJjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFkMmNkMDIyMDMyZDEyYWJjNDA5MTUwZWQ4ZDgxMzlkMDFhNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8v5qfiHB6NyJC7hZSW5xkvsq74x
tUYLFwUkEUlc67a7d2mtHS3HiUGLybmm1JD2XWkmdXbxaJk3ijz6wpCg6BMe8jE8
Mo3TKzPmkxTerk9fA+gFFopvWx9ReRJvB20rVBQzeGL+Dcwetei287FwRtN/8I3G
YHfeLnrsI0aBI5nnTSKGNUg5Q4Pc/wAH20+n+Bp9MFcadb4MbTlgoWS3eqD5SXzx
p+6UHzo139Rc326zqHt4Kz/FFVexT/cpsgcH5F8konTuga1W4v8XsJXItRaX3TFO
a+abARj1ZSs6vrpgVZuViyCHZ1NOILHnEW9WhP2OCN0m2E/Zce4DvzIkjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJIdLNAiAy0Sq8QJFQ7Y2BOdAabHMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL2toMHMwQ0lETFJLcnhBa1ZEdGpZRTUwQnBzYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACTvYUD
BACwb94DBADBCMIwDQYJKoZIhvcNAQELBQADggEBAAU79S9XM/qEVJQHKf3hKqXm
mR5HhP/+13XYPgvX6eHwR67mfNw6rzxiUjVpcRw4MKuqXZySKprkSwAMhTtk8QeO
yncLpz7zLWFHKUVNQHK6ZYW42yjWV2gjBAZB3mbjWWkkg5U7vdL0s5b88YKPSbXw
KHC5eEdCBJNoiJYB1XqQDDxWtGhTWLSx7oIhv5Z6khaxBSt0kiI0683VXdSz7Fzf
DX6z5/7bsnI9ZU4by2kpaEhM4BcFVVgRx/MW+TaTVy7dO2aBh5nrLIcHfMYQ02Jj
/L0lB4qBc17GBRz4/H3W0Ih2DgMaC2QAbeJpjbMiGk/rSZRfiOoTcyEtCI50tds=
-----END CERTIFICATE-----
Generated at Wed May 1 02:38:08 2024 by rpki-client on console-fra.rpki-client.org