Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/886f03-dc91-4a74-b034-b06228fcf2c1/1/Hz4cNXyx-bdC1QZXijHqXGN0hDs.roa
File: Hz4cNXyx-bdC1QZXijHqXGN0hDs.roa (raw, json)
Hash identifier: tBbvVtXU8J8WH6TFpDEqyCd71T8sXezte7Lz4xqED/4=
Subject key identifier: 1F:3E:1C:35:7C:B1:F9:B7:42:D5:06:57:8A:31:EA:5C:63:74:84:3B
Certificate issuer: /CN=2526c138afa42a7d65cc7761ac4f1868366fa7e3
Certificate serial: 018CC26D4E7E2D0D0ED0CC63E29232DB736D
Authority key identifier: 25:26:C1:38:AF:A4:2A:7D:65:CC:77:61:AC:4F:18:68:36:6F:A7:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSbBOK-kKn1lzHdhrE8YaDZvp-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/886f03-dc91-4a74-b034-b06228fcf2c1/1/Hz4cNXyx-bdC1QZXijHqXGN0hDs.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 193.111.24.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/886f03-dc91-4a74-b034-b06228fcf2c1/1/JSbBOK-kKn1lzHdhrE8YaDZvp-M.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/886f03-dc91-4a74-b034-b06228fcf2c1/1/JSbBOK-kKn1lzHdhrE8YaDZvp-M.mft
rsync://rpki.ripe.net/repository/DEFAULT/JSbBOK-kKn1lzHdhrE8YaDZvp-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4e:7e:2d:0d:0e:d0:cc:63:e2:92:32:db:73:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2526c138afa42a7d65cc7761ac4f1868366fa7e3
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f3e1c357cb1f9b742d506578a31ea5c6374843b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f1:d4:a6:4b:64:81:51:06:50:53:61:fa:d7:
ba:c4:12:a4:8a:12:ba:2e:bf:0d:c2:fb:76:45:b8:
57:28:0d:2a:d9:79:f8:52:7c:6c:b9:9b:45:e6:0f:
f4:20:61:74:50:9d:95:dd:2e:dc:24:7b:84:e2:5a:
c9:6a:51:1f:bb:f3:ad:a4:e2:e2:fc:46:03:02:c8:
e1:93:0c:1e:26:5b:6c:56:16:c8:a4:71:ba:75:e0:
f8:48:f2:67:d8:5f:76:28:4a:8e:e7:d1:4d:25:c4:
2a:25:c2:c0:25:2e:b4:63:a2:c7:40:f4:e3:04:0b:
e2:da:f4:53:bd:77:63:ff:c6:cc:bf:3f:27:31:74:
49:00:b8:92:df:64:21:ac:1f:ca:4d:d7:97:1c:36:
93:01:a3:f3:4f:53:d2:97:f2:66:e4:97:b3:81:b0:
fe:1d:d9:ac:dc:9b:92:ff:ab:f7:f3:56:38:bc:f1:
77:2c:a4:15:f4:59:7a:77:e6:47:1c:dd:28:df:83:
5f:10:0f:47:ce:5c:76:d9:3e:e8:29:a1:5e:e4:3d:
2d:26:d8:90:7e:d9:86:42:a6:6b:db:a3:25:25:9a:
3b:70:c9:fe:e4:ac:1b:38:7f:d6:7a:76:5d:21:1d:
ff:29:49:24:a6:79:5c:64:46:1b:5f:84:56:ad:8e:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3E:1C:35:7C:B1:F9:B7:42:D5:06:57:8A:31:EA:5C:63:74:84:3B
X509v3 Authority Key Identifier:
keyid:25:26:C1:38:AF:A4:2A:7D:65:CC:77:61:AC:4F:18:68:36:6F:A7:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSbBOK-kKn1lzHdhrE8YaDZvp-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/886f03-dc91-4a74-b034-b06228fcf2c1/1/Hz4cNXyx-bdC1QZXijHqXGN0hDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/886f03-dc91-4a74-b034-b06228fcf2c1/1/JSbBOK-kKn1lzHdhrE8YaDZvp-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.24.0/23
Signature Algorithm: sha256WithRSAEncryption
36:03:a7:57:e3:c0:c3:42:d8:4b:4a:06:59:53:9f:62:46:cc:
4c:06:9f:9b:e0:94:aa:aa:2f:79:02:20:16:40:2c:0b:ab:05:
dd:49:dd:18:3a:a2:e7:a1:e4:8d:b6:2e:10:76:52:12:bf:a0:
49:40:e5:45:68:c6:8b:7c:09:0b:f6:3c:52:d3:84:f0:9e:1a:
20:a9:fa:30:5d:df:98:be:b0:5a:0c:2f:5f:ec:a8:57:7c:3c:
a2:96:e8:d4:1b:b0:f5:b4:e2:23:3e:7f:2f:12:9a:fc:59:e9:
f6:c5:dd:dd:0a:33:be:30:34:8a:50:e6:6f:df:09:bf:a5:99:
47:b3:17:fd:1c:1e:8a:ac:b9:ae:ca:17:b3:a7:80:1c:40:fd:
be:2d:76:1a:97:76:aa:cd:48:34:9a:13:44:5f:67:d6:f9:38:
04:89:a0:dd:8a:3d:8d:20:ae:30:23:b1:ef:4e:86:7b:d5:67:
97:7f:53:ed:37:2e:d2:4d:9e:7a:fe:1f:6c:23:43:d2:90:0b:
e7:24:5c:5b:35:68:ff:66:74:b3:e6:ac:0a:d7:e5:e2:2a:34:
8e:c9:4c:ac:6a:48:00:5f:a3:6c:31:aa:16:ef:c6:a0:f1:cd:
63:68:8e:6e:f2:cd:79:a5:6e:18:05:7b:08:c1:c0:3a:e1:8b:
e2:26:1a:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbU5+LQ0O0Mxj4pIy23NtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MjZjMTM4YWZhNDJhN2Q2NWNjNzc2MWFjNGYxODY4MzY2
ZmE3ZTMwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNlMWMzNTdjYjFmOWI3NDJkNTA2NTc4YTMxZWE1YzYzNzQ4NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPHUpktkgVEGUFNh+te6xBKkihK6
Lr8Nwvt2RbhXKA0q2Xn4UnxsuZtF5g/0IGF0UJ2V3S7cJHuE4lrJalEfu/OtpOLi
/EYDAsjhkwweJltsVhbIpHG6deD4SPJn2F92KEqO59FNJcQqJcLAJS60Y6LHQPTj
BAvi2vRTvXdj/8bMvz8nMXRJALiS32QhrB/KTdeXHDaTAaPzT1PSl/Jm5JezgbD+
Hdms3JuS/6v381Y4vPF3LKQV9Fl6d+ZHHN0o34NfEA9Hzlx22T7oKaFe5D0tJtiQ
ftmGQqZr26MlJZo7cMn+5KwbOH/WenZdIR3/KUkkpnlcZEYbX4RWrY44awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8+HDV8sfm3QtUGV4ox6lxjdIQ7MB8GA1UdIwQY
MBaAFCUmwTivpCp9Zcx3YaxPGGg2b6fjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlNiQk9LLWtLbjFsekhkaHJFOFlhRFp2cC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84ODZmMDMtZGM5MS00YTc0LWIwMzQt
YjA2MjI4ZmNmMmMxLzEvSHo0Y05YeXgtYmRDMVFaWGlqSHFYR04waERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84ODZmMDMtZGM5MS00YTc0LWIwMzQtYjA2MjI4ZmNmMmMx
LzEvSlNiQk9LLWtLbjFsekhkaHJFOFlhRFp2cC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwW8YMA0G
CSqGSIb3DQEBCwUAA4IBAQA2A6dX48DDQthLSgZZU59iRsxMBp+b4JSqqi95AiAW
QCwLqwXdSd0YOqLnoeSNti4QdlISv6BJQOVFaMaLfAkL9jxS04TwnhogqfowXd+Y
vrBaDC9f7KhXfDyilujUG7D1tOIjPn8vEpr8Wen2xd3dCjO+MDSKUOZv3wm/pZlH
sxf9HB6KrLmuyhezp4AcQP2+LXYal3aqzUg0mhNEX2fW+TgEiaDdij2NIK4wI7Hv
ToZ71WeXf1PtNy7STZ56/h9sI0PSkAvnJFxbNWj/ZnSz5qwK1+XiKjSOyUysakgA
X6NsMaoW78ag8c1jaI5u8s15pW4YBXsIwcA64YviJhqH
-----END CERTIFICATE-----
Generated at Mon Jun 3 22:52:43 2024 by rpki-client on console-fra.rpki-client.org