Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/4bSnWZ2ImoeZKeRExyc35ba3rBU.roa
File: 4bSnWZ2ImoeZKeRExyc35ba3rBU.roa (raw, json)
Hash identifier: VsUTknZJnoUFsI9tOv6h3EHOK3+urwT8clXKjvg1KBg=
Subject key identifier: E1:B4:A7:59:9D:88:9A:87:99:29:E4:44:C7:27:37:E5:B6:B7:AC:15
Certificate issuer: /CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Certificate serial: 018CC64B4C3AD6BB357EE8677E6E1A212D49
Authority key identifier: 1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/4bSnWZ2ImoeZKeRExyc35ba3rBU.roa
Signing time: Mon 01 Jan 2024 18:31:12 +0000
ROA not before: Mon 01 Jan 2024 18:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198143
IP address blocks: 193.150.25.0/24 maxlen: 24
193.150.24.0/24 maxlen: 24
193.150.24.0/23 maxlen: 23
2001:67c:24a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.mft
rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:4c:3a:d6:bb:35:7e:e8:67:7e:6e:1a:21:2d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Validity
Not Before: Jan 1 18:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1b4a7599d889a879929e444c72737e5b6b7ac15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ba:b7:dc:67:1f:a2:1c:d0:71:38:67:09:e0:
28:10:50:3e:b7:d1:71:55:6a:d4:a7:96:0a:e7:2b:
a1:23:b3:a3:85:ae:d8:1a:c5:c5:d8:98:31:7f:67:
cb:a3:b5:6c:e0:7d:d5:97:10:5a:7b:83:91:dd:07:
ae:aa:81:5c:0e:c4:0b:bb:17:4d:c4:17:7e:4c:c5:
75:2c:95:47:7a:0a:9d:df:62:58:f4:3e:61:7c:b2:
3f:7e:9e:19:f5:d7:77:dd:fd:8b:57:80:77:12:d7:
3d:94:b4:cf:dc:a5:6b:6a:a1:4c:46:29:2f:88:6c:
37:72:3d:20:67:8c:c9:c8:1c:8e:75:98:44:35:b0:
07:49:00:1f:9e:9c:65:79:1e:b3:d4:c9:3c:4c:38:
0e:9e:0b:6d:ce:45:13:6c:ba:48:bd:aa:d5:59:c7:
c6:7c:ef:1f:3e:db:ff:e1:d2:35:9e:02:8d:43:5d:
cb:0f:5c:6e:cc:57:62:d4:a6:e9:1b:b6:6e:1c:26:
52:93:6b:22:ee:d8:03:d5:d4:41:76:37:af:bf:bb:
85:65:d8:de:1b:db:04:5a:76:7a:ff:00:e5:88:0e:
ee:16:8f:cb:41:ac:6e:c7:ce:ed:7e:a3:b5:09:d0:
1b:17:1f:17:b8:61:47:14:50:17:71:d3:f3:db:e4:
89:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B4:A7:59:9D:88:9A:87:99:29:E4:44:C7:27:37:E5:B6:B7:AC:15
X509v3 Authority Key Identifier:
keyid:1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/4bSnWZ2ImoeZKeRExyc35ba3rBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.24.0/23
IPv6:
2001:67c:24a0::/48
Signature Algorithm: sha256WithRSAEncryption
8f:f7:54:88:4c:75:6a:cb:68:bd:ec:ff:54:13:88:ba:e6:aa:
4a:42:96:95:13:5b:7e:7b:67:70:87:4a:5d:fa:5a:db:6b:a6:
01:50:89:ba:41:a5:7c:1d:17:b6:2c:18:d3:10:5e:23:c1:be:
66:4c:bc:0e:5c:2e:f4:40:4e:79:bd:b9:cd:bc:6d:5d:0d:27:
b7:33:a4:b8:9b:bc:4b:f5:36:ac:c4:03:f9:c8:c6:9e:95:b0:
c1:ba:25:ee:de:34:76:60:cf:36:75:27:1a:97:0d:d6:56:4c:
f8:f0:76:f1:d6:92:01:f2:36:25:14:e9:0c:6f:5d:16:09:4a:
b8:ea:a5:1c:7a:38:af:b8:22:4b:9f:f7:82:f7:d0:9c:f7:0d:
92:b6:24:16:7c:a7:4e:bc:1e:e3:b1:75:b1:73:59:3d:5c:f1:
f4:7b:a9:87:48:13:32:f0:15:b2:11:f2:49:1a:aa:ef:22:ac:
42:7a:9b:a9:3f:48:1b:04:18:e3:fb:0d:b5:74:b0:0a:5d:f6:
1c:75:0b:79:70:e7:e5:d9:99:2b:0b:33:3d:75:27:a5:a0:35:
8f:10:4a:16:29:c5:36:91:82:fc:47:c7:cd:d4:01:e2:eb:a5:
a6:cb:66:d6:88:2d:c2:9b:16:e0:14:58:f4:d3:a7:d1:df:fa:
f8:ea:85:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGS0w61rs1fuhnfm4aIS1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTI4NDI5MDM0ZGNmYmEwMWY3ZmZmNWM3Y2M4ODU2ZDRk
MDZlMWIwHhcNMjQwMTAxMTgzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWI0YTc1OTlkODg5YTg3OTkyOWU0NDRjNzI3MzdlNWI2YjdhYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbq33GcfohzQcThnCeAoEFA+t9Fx
VWrUp5YK5yuhI7Ojha7YGsXF2Jgxf2fLo7Vs4H3VlxBae4OR3QeuqoFcDsQLuxdN
xBd+TMV1LJVHegqd32JY9D5hfLI/fp4Z9dd33f2LV4B3Etc9lLTP3KVraqFMRikv
iGw3cj0gZ4zJyByOdZhENbAHSQAfnpxleR6z1Mk8TDgOngttzkUTbLpIvarVWcfG
fO8fPtv/4dI1ngKNQ13LD1xuzFdi1KbpG7ZuHCZSk2si7tgD1dRBdjevv7uFZdje
G9sEWnZ6/wDliA7uFo/LQaxux87tfqO1CdAbFx8XuGFHFFAXcdPz2+SJnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOG0p1mdiJqHmSnkRMcnN+W2t6wVMB8GA1UdIwQY
MBaAFB9ShCkDTc+6Aff/9cfMiFbU0G4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUt
MjUzYmU5ZjZlZDNkLzEvNGJTbldaMkltb2VaS2VSRXh5YzM1YmEzckJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUtMjUzYmU5ZjZlZDNk
LzEvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwZYYMA8E
AgACMAkDBwAgAQZ8JKAwDQYJKoZIhvcNAQELBQADggEBAI/3VIhMdWrLaL3s/1QT
iLrmqkpClpUTW357Z3CHSl36WttrpgFQibpBpXwdF7YsGNMQXiPBvmZMvA5cLvRA
Tnm9uc28bV0NJ7czpLibvEv1NqzEA/nIxp6VsMG6Je7eNHZgzzZ1JxqXDdZWTPjw
dvHWkgHyNiUU6QxvXRYJSrjqpRx6OK+4Ikuf94L30Jz3DZK2JBZ8p068HuOxdbFz
WT1c8fR7qYdIEzLwFbIR8kkaqu8irEJ6m6k/SBsEGOP7DbV0sApd9hx1C3lw5+XZ
mSsLMz11J6WgNY8QShYpxTaRgvxHx83UAeLrpabLZtaILcKbFuAUWPTTp9Hf+vjq
hck=
-----END CERTIFICATE-----
Generated at Tue May 21 15:42:43 2024 by rpki-client on console-fra.rpki-client.org