Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/n1xELLEjnOqpRvmzyzydj_mDhdk.roa
File: n1xELLEjnOqpRvmzyzydj_mDhdk.roa (raw, json)
Hash identifier: UDBvxmuX1EpU/v1ci/xMUafvxTue/T3WrDpUvdrgQKQ=
Subject key identifier: 9F:5C:44:2C:B1:23:9C:EA:A9:46:F9:B3:CB:3C:9D:8F:F9:83:85:D9
Certificate issuer: /CN=ea880bcc302a5dba2c351a6fd39e0a8b3922a535
Certificate serial: 018D7F3A2D059483E1B4E11ADA57FCB2A16F
Authority key identifier: EA:88:0B:CC:30:2A:5D:BA:2C:35:1A:6F:D3:9E:0A:8B:39:22:A5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ogLzDAqXbosNRpv054KizkipTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/n1xELLEjnOqpRvmzyzydj_mDhdk.roa
Signing time: Tue 06 Feb 2024 16:22:15 +0000
ROA not before: Tue 06 Feb 2024 16:22:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 193.35.248.0/24 maxlen: 24
193.35.249.0/24 maxlen: 24
193.35.250.0/24 maxlen: 24
193.35.252.0/24 maxlen: 24
193.35.253.0/24 maxlen: 24
193.35.254.0/24 maxlen: 24
193.35.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/6ogLzDAqXbosNRpv054KizkipTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/6ogLzDAqXbosNRpv054KizkipTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/6ogLzDAqXbosNRpv054KizkipTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:3a:2d:05:94:83:e1:b4:e1:1a:da:57:fc:b2:a1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea880bcc302a5dba2c351a6fd39e0a8b3922a535
Validity
Not Before: Feb 6 16:22:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f5c442cb1239ceaa946f9b3cb3c9d8ff98385d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:c4:58:6f:69:9b:5e:ff:56:54:05:1b:c9:
17:c3:ce:1f:6f:65:ae:06:b6:cb:3f:bb:39:39:22:
9d:7c:62:ce:24:bd:63:a7:b0:2f:89:a4:02:8b:e5:
99:db:e4:b5:32:73:3a:d7:cf:f9:fa:c9:74:b8:56:
79:ab:5f:65:1b:54:86:d5:b5:ef:9e:83:be:ce:98:
ca:41:84:7e:0e:2c:d3:e7:96:ad:9e:02:93:a6:df:
6b:2b:e7:b9:85:50:d2:76:3e:58:38:33:41:0d:8c:
78:f1:24:0c:8c:79:38:46:23:02:7e:3b:43:35:4c:
e2:70:ec:f4:7c:d4:85:ae:ae:10:bc:aa:cd:5e:48:
34:2c:ff:36:d9:db:32:fd:d2:3f:ac:a8:f4:e7:fc:
88:cf:5d:9c:85:99:fa:49:fd:71:77:96:4f:4e:77:
86:88:d2:d1:e3:ca:b3:4c:b4:12:3f:9b:95:5a:73:
dc:89:79:0f:d0:a6:99:bc:40:1d:f4:04:f9:4f:fe:
ec:71:12:9f:48:73:8d:6e:b1:2e:18:48:1b:29:8a:
df:9f:b3:13:66:65:d9:8f:be:76:0a:73:16:4c:c6:
df:cc:72:d7:ff:5b:5c:44:d4:da:c1:76:99:68:6f:
f6:03:77:b7:ae:d6:81:61:13:c6:a5:96:ca:09:bc:
05:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5C:44:2C:B1:23:9C:EA:A9:46:F9:B3:CB:3C:9D:8F:F9:83:85:D9
X509v3 Authority Key Identifier:
keyid:EA:88:0B:CC:30:2A:5D:BA:2C:35:1A:6F:D3:9E:0A:8B:39:22:A5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ogLzDAqXbosNRpv054KizkipTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/n1xELLEjnOqpRvmzyzydj_mDhdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/6ogLzDAqXbosNRpv054KizkipTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.248.0-193.35.250.255
193.35.252.0/22
Signature Algorithm: sha256WithRSAEncryption
78:ee:5b:74:56:57:b0:8e:44:be:f3:9d:24:bc:45:c7:43:59:
f1:37:0e:e0:8b:b9:19:bf:f9:51:72:3d:ee:50:a9:4d:e4:ba:
dc:ed:e6:14:a2:c4:1d:f0:11:d0:99:8f:ba:2e:52:bb:b5:f9:
08:3a:3b:72:3f:f3:b4:28:c9:8d:87:35:60:b1:ea:b5:98:70:
c8:9f:0e:0e:c9:9b:29:79:40:9d:20:73:93:21:26:aa:db:97:
e2:0f:19:0e:ca:bc:b1:1b:6e:f1:b2:ab:da:f8:c3:80:b7:0e:
bc:bb:2d:89:f9:a2:bc:11:0c:f3:43:bd:47:bf:ff:27:01:91:
11:a7:28:ce:8d:42:94:10:6d:00:3c:81:ce:6e:3c:7b:15:1b:
3f:81:d6:40:ee:cc:b3:a2:fd:9e:30:fd:0a:2d:59:a2:ac:58:
9f:21:66:59:1d:cf:67:b4:6d:04:60:3c:28:61:77:03:43:66:
06:89:42:3e:ae:8b:b6:54:70:ae:98:c7:e8:bc:d2:5e:bc:06:
7d:af:9a:17:fc:46:b0:e3:93:dc:75:ca:4d:47:87:75:96:df:
d5:f8:6b:70:1f:43:79:0f:f0:b0:5d:b1:da:16:8b:b0:47:78:
29:4c:bd:14:1f:82:f3:5c:24:6c:75:92:21:46:e0:f5:1c:54:
3b:0d:5d:2d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1/Oi0FlIPhtOEa2lf8sqFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODgwYmNjMzAyYTVkYmEyYzM1MWE2ZmQzOWUwYThiMzky
MmE1MzUwHhcNMjQwMjA2MTYyMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjVjNDQyY2IxMjM5Y2VhYTk0NmY5YjNjYjNjOWQ4ZmY5ODM4NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUTEWG9pm17/VlQFG8kXw84fb2Wu
BrbLP7s5OSKdfGLOJL1jp7AviaQCi+WZ2+S1MnM618/5+sl0uFZ5q19lG1SG1bXv
noO+zpjKQYR+DizT55atngKTpt9rK+e5hVDSdj5YODNBDYx48SQMjHk4RiMCfjtD
NUzicOz0fNSFrq4QvKrNXkg0LP822dsy/dI/rKj05/yIz12chZn6Sf1xd5ZPTneG
iNLR48qzTLQSP5uVWnPciXkP0KaZvEAd9AT5T/7scRKfSHONbrEuGEgbKYrfn7MT
ZmXZj752CnMWTMbfzHLX/1tcRNTawXaZaG/2A3e3rtaBYRPGpZbKCbwF7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ9cRCyxI5zqqUb5s8s8nY/5g4XZMB8GA1UdIwQY
MBaAFOqIC8wwKl26LDUab9OeCos5IqU1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9nTHpEQXFYYm9zTlJwdjA1NEtpemtpcFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yYjcyOWYtMDhhNy00YzkzLThiYzkt
ODE1YzVmMjc2NWQwLzEvbjF4RUxMRWpuT3FwUnZtenl6eWRqX21EaGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yYjcyOWYtMDhhNy00YzkzLThiYzktODE1YzVmMjc2NWQw
LzEvNm9nTHpEQXFYYm9zTlJwdjA1NEtpemtpcFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPBI/gD
BADBI/oDBALBI/wwDQYJKoZIhvcNAQELBQADggEBAHjuW3RWV7CORL7znSS8RcdD
WfE3DuCLuRm/+VFyPe5QqU3kutzt5hSixB3wEdCZj7ouUru1+Qg6O3I/87QoyY2H
NWCx6rWYcMifDg7Jmyl5QJ0gc5MhJqrbl+IPGQ7KvLEbbvGyq9r4w4C3Dry7LYn5
orwRDPNDvUe//ycBkRGnKM6NQpQQbQA8gc5uPHsVGz+B1kDuzLOi/Z4w/QotWaKs
WJ8hZlkdz2e0bQRgPChhdwNDZgaJQj6ui7ZUcK6Yx+i80l68Bn2vmhf8RrDjk9x1
yk1Hh3WW39X4a3AfQ3kP8LBdsdoWi7BHeClMvRQfgvNcJGx1kiFG4PUcVDsNXS0=
-----END CERTIFICATE-----
Generated at Sun May 19 02:01:42 2024 by rpki-client on console-fra.rpki-client.org