Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/BU7gSG7A6EzIMXPLa3s2N0S6P-Q.roa
File: BU7gSG7A6EzIMXPLa3s2N0S6P-Q.roa (raw, json)
Hash identifier: fQY60TbH6/mn3uDTNoPxNyQWhHO89rO6WtI9JTS7G34=
Subject key identifier: 05:4E:E0:48:6E:C0:E8:4C:C8:31:73:CB:6B:7B:36:37:44:BA:3F:E4
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018CC56E0350D46A1613C4A79BEF3F860B0E
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/BU7gSG7A6EzIMXPLa3s2N0S6P-Q.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211415
IP address blocks: 193.84.109.0/24 maxlen: 24
185.232.167.0/24 maxlen: 24
178.255.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:03:50:d4:6a:16:13:c4:a7:9b:ef:3f:86:0b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=054ee0486ec0e84cc83173cb6b7b363744ba3fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a1:48:fe:38:bf:67:71:b4:67:6b:b5:f7:39:
a9:3d:f2:44:71:e1:dd:7a:13:58:d2:a8:ea:5a:d2:
82:9c:92:13:97:68:8a:79:64:fb:90:13:d0:51:93:
23:ef:c2:47:84:fc:4f:04:4a:be:b5:75:70:41:cb:
54:75:4b:73:0d:39:7d:e7:1b:09:db:02:e5:bd:97:
82:56:13:af:4f:21:a1:d9:35:fc:36:ae:2d:d4:24:
e1:1a:fd:61:b4:c1:59:32:2c:9a:e2:24:39:c1:61:
2a:08:96:33:a2:c5:2a:15:a1:73:08:09:ee:07:ca:
b8:69:e9:3e:c5:9b:d0:75:40:3e:4e:d8:40:85:f1:
6c:60:27:f7:91:f0:f4:34:89:be:da:3c:26:13:e8:
59:24:c9:02:06:35:f1:c0:94:0d:e9:c3:e8:a4:0c:
93:12:d7:f5:00:50:fd:44:24:d1:a9:d4:de:c5:f3:
b2:1f:83:49:1d:c6:6e:29:1c:44:73:47:b8:31:05:
cd:8f:46:85:80:00:e0:d3:18:86:03:fc:21:12:9d:
8a:fa:17:c7:51:f1:2b:7b:fe:f1:50:12:70:23:48:
77:ac:c1:04:fc:f4:5d:3d:29:ba:9c:4f:94:07:80:
ef:e0:99:a5:f2:f9:57:bf:b3:5c:93:d3:33:8b:98:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4E:E0:48:6E:C0:E8:4C:C8:31:73:CB:6B:7B:36:37:44:BA:3F:E4
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/BU7gSG7A6EzIMXPLa3s2N0S6P-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.221.0/24
185.232.167.0/24
193.84.109.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b2:22:51:25:f1:2b:17:87:8a:ef:6e:fb:9c:52:3a:fd:ec:
0e:ae:40:3f:53:2c:47:7a:79:21:87:1d:29:bb:41:ac:3d:38:
0c:07:1e:72:69:82:8d:76:0d:d6:1d:d0:60:71:ad:69:87:29:
d2:57:33:41:3d:94:ca:45:4d:b8:48:c0:c1:22:e0:aa:f4:20:
bd:db:51:67:5c:89:28:66:9a:57:18:e5:7a:7c:ed:52:6a:de:
e2:f6:fd:66:f7:b9:1b:92:00:09:54:23:2f:58:8a:41:35:f3:
0c:40:83:0e:31:50:bb:5e:12:9f:12:83:53:7f:09:22:d2:c7:
fe:c5:f6:ac:3f:42:f9:65:1a:e2:a2:2c:01:20:11:0c:2b:85:
c3:f0:af:71:50:29:23:0f:f2:5f:d2:64:d4:b0:db:c2:5e:2f:
bf:b1:b2:36:40:74:15:06:2d:26:96:0b:b7:c9:a5:45:d2:33:
9f:68:47:4b:8b:93:94:83:7a:48:56:59:70:ea:a9:66:09:14:
7f:e4:9d:a5:f4:8f:a5:4f:a6:86:41:91:91:1f:05:97:36:b3:
44:a3:8b:e2:e4:70:d2:1b:43:4c:62:2d:e1:ec:18:d9:b6:1e:
7a:d6:40:b4:7d:c9:d7:82:29:eb:69:90:08:94:67:f4:64:ee:
29:17:92:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbgNQ1GoWE8Snm+8/hgsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTRlZTA0ODZlYzBlODRjYzgzMTczY2I2YjdiMzYzNzQ0YmEzZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6FI/ji/Z3G0Z2u19zmpPfJEceHd
ehNY0qjqWtKCnJITl2iKeWT7kBPQUZMj78JHhPxPBEq+tXVwQctUdUtzDTl95xsJ
2wLlvZeCVhOvTyGh2TX8Nq4t1CThGv1htMFZMiya4iQ5wWEqCJYzosUqFaFzCAnu
B8q4aek+xZvQdUA+TthAhfFsYCf3kfD0NIm+2jwmE+hZJMkCBjXxwJQN6cPopAyT
Etf1AFD9RCTRqdTexfOyH4NJHcZuKRxEc0e4MQXNj0aFgADg0xiGA/whEp2K+hfH
UfEre/7xUBJwI0h3rMEE/PRdPSm6nE+UB4Dv4Jml8vlXv7Nck9Mzi5jRFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAVO4EhuwOhMyDFzy2t7NjdEuj/kMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvQlU3Z1NHN0E2RXpJTVhQTGEzczJOMFM2UC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsv/dAwQA
ueinAwQAwVRtMA0GCSqGSIb3DQEBCwUAA4IBAQB3siJRJfErF4eK7277nFI6/ewO
rkA/UyxHenkhhx0pu0GsPTgMBx5yaYKNdg3WHdBgca1phynSVzNBPZTKRU24SMDB
IuCq9CC921FnXIkoZppXGOV6fO1Sat7i9v1m97kbkgAJVCMvWIpBNfMMQIMOMVC7
XhKfEoNTfwki0sf+xfasP0L5ZRrioiwBIBEMK4XD8K9xUCkjD/Jf0mTUsNvCXi+/
sbI2QHQVBi0mlgu3yaVF0jOfaEdLi5OUg3pIVllw6qlmCRR/5J2l9I+lT6aGQZGR
HwWXNrNEo4vi5HDSG0NMYi3h7BjZth561kC0fcnXginraZAIlGf0ZO4pF5JJ
-----END CERTIFICATE-----
Generated at Wed May 15 21:55:20 2024 by rpki-client on console-ams.rpki-client.org