Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/hpZf2gK_uzIhqzYhXBcHrC5bTyU.roa
File: hpZf2gK_uzIhqzYhXBcHrC5bTyU.roa (raw, json)
Hash identifier: TNZWb/7GxCXh9F6ccne3FQXpAWfPmhT1fnH7FLD1WaU=
Subject key identifier: 86:96:5F:DA:02:BF:BB:32:21:AB:36:21:5C:17:07:AC:2E:5B:4F:25
Certificate issuer: /CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Certificate serial: 018CC492336DA6832E59A3A4C0ECF8E4F46F
Authority key identifier: 31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/hpZf2gK_uzIhqzYhXBcHrC5bTyU.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203384
IP address blocks: 193.223.224.0/20 maxlen: 24
193.73.106.0/23 maxlen: 24
193.223.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:33:6d:a6:83:2e:59:a3:a4:c0:ec:f8:e4:f4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86965fda02bfbb3221ab36215c1707ac2e5b4f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d8:f5:38:99:f3:59:08:f4:57:f7:fc:48:e7:
b0:f2:11:96:85:f4:77:84:9d:22:9d:1d:92:eb:c6:
d6:e6:20:bd:8c:42:a6:6e:eb:87:3d:bb:8c:8a:a6:
d2:19:c4:97:80:2f:9c:03:da:3d:bf:96:13:75:65:
92:59:c0:bf:cb:2b:45:22:b7:49:46:94:d6:dd:79:
84:33:ad:a7:ce:28:a5:68:22:89:80:46:e9:1c:d9:
51:83:09:4d:95:01:e1:76:fa:ef:4f:c0:a6:82:1b:
cc:8a:95:a3:08:0d:e7:cb:3c:51:51:51:22:20:e8:
9a:35:db:f6:68:1a:68:32:5f:57:bf:58:2a:61:e3:
b1:6b:7f:af:54:75:52:4d:ca:99:da:13:f3:2e:ec:
dc:5c:02:20:aa:b7:b3:98:3e:d4:8d:6f:bb:7f:89:
b9:66:3d:73:f6:71:1d:ee:93:7a:e2:64:b6:14:50:
87:60:9d:ec:8d:bb:5b:ad:9f:84:df:12:89:24:5b:
d7:27:72:e9:e3:f6:93:f9:52:6c:23:7b:06:d5:c7:
e8:12:20:45:f4:bf:e9:4b:8a:1c:99:54:0d:e7:0b:
db:34:f1:c3:42:cb:b3:a7:ed:aa:5c:da:95:10:dc:
6e:c8:95:10:83:1f:74:1b:5f:db:ce:3d:a0:d1:f2:
22:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:96:5F:DA:02:BF:BB:32:21:AB:36:21:5C:17:07:AC:2E:5B:4F:25
X509v3 Authority Key Identifier:
keyid:31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/hpZf2gK_uzIhqzYhXBcHrC5bTyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.73.106.0/23
193.223.192.0/20
193.223.224.0/20
Signature Algorithm: sha256WithRSAEncryption
78:f7:3d:6c:50:4c:1e:42:ea:9a:44:48:02:45:fb:58:6a:63:
ca:ae:bf:e0:a7:47:77:04:be:fc:19:b2:54:ee:9c:e2:1d:a0:
09:05:62:ef:86:6a:8a:4d:b8:7a:4d:5b:8f:cf:f8:31:8a:63:
f8:6a:85:78:68:f6:f1:1c:b0:e6:26:18:5e:79:8c:23:17:f5:
b9:f4:20:46:98:45:60:59:aa:54:19:9c:23:f5:7c:4a:d9:b5:
74:92:dc:7d:b2:6e:07:72:bb:84:5f:5e:95:0f:44:3b:89:34:
4d:99:5e:2b:c5:47:73:3e:7b:89:cf:7c:e2:f6:15:88:17:1c:
52:50:c2:5f:87:d2:96:ed:39:3d:00:3b:22:ce:b5:29:92:87:
3c:e4:d2:5f:2c:8e:dd:51:f9:d4:06:57:56:57:c3:9c:73:7e:
b2:48:fa:ff:19:b7:89:4a:67:d8:83:65:78:22:0a:43:04:92:
da:91:88:25:2c:10:40:fa:a5:f8:96:5e:4a:8d:81:72:87:fb:
02:c2:c0:84:0c:cf:ce:4c:f3:08:c3:12:e9:1e:b8:f3:73:de:
08:6a:2f:dd:11:6d:e1:6c:27:22:21:3c:98:75:65:b8:8e:b7:
cb:bb:37:ba:c4:e4:e5:3d:f6:fd:d0:56:8c:b3:1a:3f:fa:62:
5b:be:81:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEkjNtpoMuWaOkwOz45PRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYzZiYmFmNDA5ZjVmZDZkNzA5YzRkN2QyNDM0NGEyOTJh
M2NhYTUwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk2NWZkYTAyYmZiYjMyMjFhYjM2MjE1YzE3MDdhYzJlNWI0ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9j1OJnzWQj0V/f8SOew8hGWhfR3
hJ0inR2S68bW5iC9jEKmbuuHPbuMiqbSGcSXgC+cA9o9v5YTdWWSWcC/yytFIrdJ
RpTW3XmEM62nziilaCKJgEbpHNlRgwlNlQHhdvrvT8CmghvMipWjCA3nyzxRUVEi
IOiaNdv2aBpoMl9Xv1gqYeOxa3+vVHVSTcqZ2hPzLuzcXAIgqrezmD7UjW+7f4m5
Zj1z9nEd7pN64mS2FFCHYJ3sjbtbrZ+E3xKJJFvXJ3Lp4/aT+VJsI3sG1cfoEiBF
9L/pS4ocmVQN5wvbNPHDQsuzp+2qXNqVENxuyJUQgx90G1/bzj2g0fIinQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIaWX9oCv7syIas2IVwXB6wuW08lMB8GA1UdIwQY
MBaAFDHGu69An1/W1wnE19JDRKKSo8qlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMt
NDFjM2NmOTA4ZTk3LzEvaHBaZjJnS191eklocXpZaFhCY0hyQzViVHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMtNDFjM2NmOTA4ZTk3
LzEvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwUlqAwQE
wd/AAwQEwd/gMA0GCSqGSIb3DQEBCwUAA4IBAQB49z1sUEweQuqaREgCRftYamPK
rr/gp0d3BL78GbJU7pziHaAJBWLvhmqKTbh6TVuPz/gximP4aoV4aPbxHLDmJhhe
eYwjF/W59CBGmEVgWapUGZwj9XxK2bV0ktx9sm4HcruEX16VD0Q7iTRNmV4rxUdz
PnuJz3zi9hWIFxxSUMJfh9KW7Tk9ADsizrUpkoc85NJfLI7dUfnUBldWV8Occ36y
SPr/GbeJSmfYg2V4IgpDBJLakYglLBBA+qX4ll5KjYFyh/sCwsCEDM/OTPMIwxLp
Hrjzc94Iai/dEW3hbCciITyYdWW4jrfLuze6xOTlPfb90FaMsxo/+mJbvoFt
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:31:52 2024 by rpki-client on console-ams.rpki-client.org