Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/LcEF17YjhIHEcYBwcY7Ja5znrGc.roa
File: LcEF17YjhIHEcYBwcY7Ja5znrGc.roa (raw, json)
Hash identifier: 9tzxAz9s9LKYFlS94CLzeFvOSTZxrIXqbwmTOs0q0Zc=
Subject key identifier: 2D:C1:05:D7:B6:23:84:81:C4:71:80:70:71:8E:C9:6B:9C:E7:AC:67
Certificate issuer: /CN=6e489fe1c7e20a0b0c63842c45c16c57631785d3
Certificate serial: 018CC5DC23BABA606AC6379C2EE8FD23FEF6
Authority key identifier: 6E:48:9F:E1:C7:E2:0A:0B:0C:63:84:2C:45:C1:6C:57:63:17:85:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkif4cfiCgsMY4QsRcFsV2MXhdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/LcEF17YjhIHEcYBwcY7Ja5znrGc.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34958
IP address blocks: 193.43.215.0/24 maxlen: 24
193.189.147.0/24 maxlen: 24
2001:67c:25e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/bkif4cfiCgsMY4QsRcFsV2MXhdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/bkif4cfiCgsMY4QsRcFsV2MXhdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bkif4cfiCgsMY4QsRcFsV2MXhdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:23:ba:ba:60:6a:c6:37:9c:2e:e8:fd:23:fe:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e489fe1c7e20a0b0c63842c45c16c57631785d3
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dc105d7b6238481c4718070718ec96b9ce7ac67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:18:23:94:67:5a:c9:2c:50:e0:69:ce:65:ae:
cc:2e:08:89:25:b6:19:4c:d2:7c:60:5a:99:7e:bd:
06:e3:65:c0:45:18:be:b0:39:40:a4:a6:c1:04:9d:
c0:69:a3:a0:07:21:07:4a:ff:06:af:5d:d6:0e:4b:
c2:0a:fd:f1:c9:06:e3:59:37:58:4f:a7:8d:79:82:
d9:45:53:d1:7d:69:fa:9c:6a:14:a2:ac:d5:e4:1b:
12:08:fc:76:25:31:b6:44:fc:fd:14:c4:c8:fa:3d:
8a:0c:86:56:96:56:ff:0d:2e:c5:de:fc:50:43:a7:
28:ad:f0:d3:a2:f2:88:69:51:df:3b:d5:cb:7b:1b:
69:65:17:b7:03:57:de:ee:6f:61:11:bc:67:a9:99:
51:f1:a0:6a:5f:61:93:2c:08:9f:54:73:71:2c:5c:
99:31:5d:89:cb:30:b2:14:cc:75:41:e3:05:b1:c4:
22:ae:fc:a7:b5:42:69:1d:39:a1:a2:2a:05:80:a1:
68:5b:7b:b7:d0:3e:12:7e:a2:b2:22:42:1d:67:f7:
14:85:de:e3:df:0f:15:56:4b:91:f7:68:85:6f:06:
77:be:d3:5c:9e:25:9b:fe:2f:aa:ba:6f:ec:46:c1:
97:f2:cf:b0:c2:b0:dd:2c:98:b2:90:3e:a8:a3:13:
e8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C1:05:D7:B6:23:84:81:C4:71:80:70:71:8E:C9:6B:9C:E7:AC:67
X509v3 Authority Key Identifier:
keyid:6E:48:9F:E1:C7:E2:0A:0B:0C:63:84:2C:45:C1:6C:57:63:17:85:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkif4cfiCgsMY4QsRcFsV2MXhdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/LcEF17YjhIHEcYBwcY7Ja5znrGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/bkif4cfiCgsMY4QsRcFsV2MXhdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.215.0/24
193.189.147.0/24
IPv6:
2001:67c:25e8::/48
Signature Algorithm: sha256WithRSAEncryption
7e:c7:15:98:67:0c:56:57:17:ac:72:9f:3c:1e:52:c0:2e:38:
04:46:16:5f:08:d0:c0:56:50:fa:fc:be:4c:18:1d:ec:23:2a:
cc:5b:be:52:e9:e2:27:da:2a:36:1f:0e:d2:bf:19:4f:dd:77:
aa:64:d3:61:11:09:06:58:11:c0:06:5e:3d:ab:02:b9:53:a6:
86:24:58:e0:f4:cf:60:8b:2e:67:65:9d:23:56:ef:9e:a8:a3:
6b:ef:41:61:a2:da:3c:d4:96:f9:5b:a4:e6:79:3e:05:36:04:
d3:dd:80:af:dc:01:da:bc:6f:c9:df:d0:26:37:d8:66:9c:ea:
a2:4e:8c:42:8c:5e:93:8e:41:64:f0:9d:e5:cf:fa:fb:fa:62:
d7:80:7b:9d:63:5f:a6:5b:3f:d4:30:e1:b9:1b:b9:36:a1:b9:
b8:72:3b:cf:ea:9a:af:98:91:17:7a:2d:08:6f:d2:84:ca:5a:
75:eb:46:82:bd:95:82:40:48:14:fd:4e:90:8a:10:db:58:01:
f3:7f:78:83:08:c8:d1:cb:cb:8f:91:89:24:b6:83:fd:ff:62:
19:83:f7:46:8a:6f:53:82:f0:b2:d6:df:67:da:e7:a7:a6:96:
f9:8a:58:b7:1b:9c:82:15:40:8f:7b:44:04:5f:15:e8:59:83:
12:a2:bc:01
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3CO6umBqxjecLuj9I/72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDg5ZmUxYzdlMjBhMGIwYzYzODQyYzQ1YzE2YzU3NjMx
Nzg1ZDMwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGMxMDVkN2I2MjM4NDgxYzQ3MTgwNzA3MThlYzk2YjljZTdhYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxgjlGdaySxQ4GnOZa7MLgiJJbYZ
TNJ8YFqZfr0G42XARRi+sDlApKbBBJ3AaaOgByEHSv8Gr13WDkvCCv3xyQbjWTdY
T6eNeYLZRVPRfWn6nGoUoqzV5BsSCPx2JTG2RPz9FMTI+j2KDIZWllb/DS7F3vxQ
Q6corfDTovKIaVHfO9XLextpZRe3A1fe7m9hEbxnqZlR8aBqX2GTLAifVHNxLFyZ
MV2JyzCyFMx1QeMFscQirvyntUJpHTmhoioFgKFoW3u30D4SfqKyIkIdZ/cUhd7j
3w8VVkuR92iFbwZ3vtNcniWb/i+qum/sRsGX8s+wwrDdLJiykD6ooxPoNQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC3BBde2I4SBxHGAcHGOyWuc56xnMB8GA1UdIwQY
MBaAFG5In+HH4goLDGOELEXBbFdjF4XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtpZjRjZmlDZ3NNWTRRc1JjRnNWMk1YaGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9mODQxOTgtMmJkYi00NDdkLTg3MjIt
ZDg4NjkzMTE0OTlhLzEvTGNFRjE3WWpoSUhFY1lCd2NZN0phNXpuckdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9mODQxOTgtMmJkYi00NDdkLTg3MjItZDg4NjkzMTE0OTlh
LzEvYmtpZjRjZmlDZ3NNWTRRc1JjRnNWMk1YaGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwSvXAwQA
wb2TMA8EAgACMAkDBwAgAQZ8JegwDQYJKoZIhvcNAQELBQADggEBAH7HFZhnDFZX
F6xynzweUsAuOARGFl8I0MBWUPr8vkwYHewjKsxbvlLp4ifaKjYfDtK/GU/dd6pk
02ERCQZYEcAGXj2rArlTpoYkWOD0z2CLLmdlnSNW756oo2vvQWGi2jzUlvlbpOZ5
PgU2BNPdgK/cAdq8b8nf0CY32Gac6qJOjEKMXpOOQWTwneXP+vv6YteAe51jX6Zb
P9Qw4bkbuTahubhyO8/qmq+YkRd6LQhv0oTKWnXrRoK9lYJASBT9TpCKENtYAfN/
eIMIyNHLy4+RiSS2g/3/YhmD90aKb1OC8LLW32fa56emlvmKWLcbnIIVQI97RARf
FehZgxKivAE=
-----END CERTIFICATE-----
Generated at Wed Jun 19 17:41:38 2024 by rpki-client on console-fra.rpki-client.org