Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/M5-8T8TFMcb3J2CvuaHGfYikil8.roa
File: M5-8T8TFMcb3J2CvuaHGfYikil8.roa (raw, json)
Hash identifier: sEuV/u3YL8dSNJyH59zm3ikAH6V5LtH2iezUmG3BKhk=
Subject key identifier: 33:9F:BC:4F:C4:C5:31:C6:F7:27:60:AF:B9:A1:C6:7D:88:A4:8A:5F
Certificate issuer: /CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Certificate serial: 018CC2DB5EDCB0EBD8758EE8BCB84332ABBA
Authority key identifier: B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/M5-8T8TFMcb3J2CvuaHGfYikil8.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39020
IP address blocks: 193.203.118.0/24 maxlen: 24
193.203.119.0/24 maxlen: 24
195.88.152.0/24 maxlen: 24
195.88.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5e:dc:b0:eb:d8:75:8e:e8:bc:b8:43:32:ab:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=339fbc4fc4c531c6f72760afb9a1c67d88a48a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:7b:21:df:ce:20:ca:01:3c:25:94:d7:a9:
6f:68:07:27:fd:6a:b7:2c:30:1e:40:6b:62:6f:64:
5b:39:d1:f1:25:f1:58:d9:d3:31:d4:fd:38:6f:40:
cb:25:e7:4f:bb:dd:d0:fc:91:06:4d:4b:0b:50:9c:
fc:9b:fc:1f:da:89:d2:3d:b6:05:50:cf:04:70:a1:
a9:da:3d:54:15:05:57:e9:df:15:c8:66:64:ae:b7:
70:c2:a4:de:e4:7a:02:52:7d:ea:ad:c3:05:59:76:
d3:35:c5:33:30:a6:90:e7:94:38:7a:41:97:7a:21:
65:9b:27:68:eb:e2:a2:34:85:32:98:8f:1f:c3:c7:
c1:ef:77:0b:9a:dc:7b:b4:7c:25:d6:38:a5:3b:1e:
b2:38:19:de:46:69:78:92:b0:a0:23:25:3d:f7:ca:
de:01:3e:c5:95:e8:9a:c8:c3:de:2a:9f:7e:97:fc:
22:f3:59:73:80:e6:f1:12:47:a5:9e:09:f4:05:1d:
9e:0d:da:cd:cf:2a:ea:cd:93:ea:96:a9:f3:d1:37:
ad:79:6e:0a:e9:e9:2a:49:ed:a4:c3:25:8b:73:f9:
64:5c:25:13:35:38:3b:3f:da:f2:59:8f:c9:fe:40:
5e:81:42:24:d3:96:89:77:a3:bd:2f:cf:29:df:c3:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9F:BC:4F:C4:C5:31:C6:F7:27:60:AF:B9:A1:C6:7D:88:A4:8A:5F
X509v3 Authority Key Identifier:
keyid:B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/M5-8T8TFMcb3J2CvuaHGfYikil8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.118.0/23
195.88.152.0/23
Signature Algorithm: sha256WithRSAEncryption
95:f3:b4:9e:d4:2f:75:fc:35:98:d2:d5:21:35:90:f3:c6:23:
28:45:fc:9a:f2:d2:aa:a8:ab:1e:ca:6b:ea:3c:4b:a0:af:b1:
3d:ae:62:bc:36:0f:c9:ec:03:1e:e5:c6:c0:d4:94:22:27:bc:
fd:93:bd:c1:cb:33:08:c4:7c:5b:6f:c0:fe:d8:f6:14:45:08:
d2:19:5a:ec:b1:b8:6e:28:38:cd:8d:37:05:f1:23:cc:d6:96:
88:61:14:c2:a0:c6:80:14:13:cd:6e:c7:47:47:0d:a9:85:0b:
fb:fb:fa:b7:96:ce:20:78:0e:e4:16:a6:97:14:62:dd:0f:c4:
a9:36:b9:cb:85:c4:25:d4:f4:f9:bc:56:85:1e:91:c9:88:cf:
e2:84:90:72:9e:b8:df:f1:a1:6f:66:09:0b:14:40:9a:88:c4:
2b:61:fb:eb:ea:93:b9:a8:06:94:b2:7e:87:70:2a:af:58:9d:
0f:a0:60:89:3c:ae:5c:62:78:c4:3d:f0:be:74:46:fc:37:d7:
c8:29:40:9e:71:f4:37:46:e8:eb:36:2e:0e:7a:58:14:d9:9d:
78:d8:50:85:ce:57:d0:d6:c0:96:aa:ae:e5:1b:41:9f:b4:68:
a9:2e:35:6a:36:d7:78:4b:e2:60:a9:36:9d:07:16:9a:7b:48:
b0:55:83:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC217csOvYdY7ovLhDMqu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWQyMjY0M2MyZDk3YmQ3MWY4YjYzNGZiOGQxZDRmOWYw
MWY0YTcwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlmYmM0ZmM0YzUzMWM2ZjcyNzYwYWZiOWExYzY3ZDg4YTQ4YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkV7Id/OIMoBPCWU16lvaAcn/Wq3
LDAeQGtib2RbOdHxJfFY2dMx1P04b0DLJedPu93Q/JEGTUsLUJz8m/wf2onSPbYF
UM8EcKGp2j1UFQVX6d8VyGZkrrdwwqTe5HoCUn3qrcMFWXbTNcUzMKaQ55Q4ekGX
eiFlmydo6+KiNIUymI8fw8fB73cLmtx7tHwl1jilOx6yOBneRml4krCgIyU998re
AT7FleiayMPeKp9+l/wi81lzgObxEkelngn0BR2eDdrNzyrqzZPqlqnz0TeteW4K
6ekqSe2kwyWLc/lkXCUTNTg7P9ryWY/J/kBegUIk05aJd6O9L88p38Nm0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDOfvE/ExTHG9ydgr7mhxn2IpIpfMB8GA1UdIwQY
MBaAFLCtImQ8LZe9cfi2NPuNHU+fAfSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUt
MDc0ZmZiNDIzYzEzLzEvTTUtOFQ4VEZNY2IzSjJDdnVhSEdmWWlraWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUtMDc0ZmZiNDIzYzEz
LzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwct2AwQB
w1iYMA0GCSqGSIb3DQEBCwUAA4IBAQCV87Se1C91/DWY0tUhNZDzxiMoRfya8tKq
qKseymvqPEugr7E9rmK8Ng/J7AMe5cbA1JQiJ7z9k73ByzMIxHxbb8D+2PYURQjS
GVrssbhuKDjNjTcF8SPM1paIYRTCoMaAFBPNbsdHRw2phQv7+/q3ls4geA7kFqaX
FGLdD8SpNrnLhcQl1PT5vFaFHpHJiM/ihJBynrjf8aFvZgkLFECaiMQrYfvr6pO5
qAaUsn6HcCqvWJ0PoGCJPK5cYnjEPfC+dEb8N9fIKUCecfQ3RujrNi4OelgU2Z14
2FCFzlfQ1sCWqq7lG0GftGipLjVqNtd4S+JgqTadBxaae0iwVYO1
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:44 2024 by rpki-client on console-fra.rpki-client.org