Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/uEF77_q7WiKJxjTIYBJbrAUmwjw.roa
File: uEF77_q7WiKJxjTIYBJbrAUmwjw.roa (raw, json)
Hash identifier: ABIDuZ187Xcn8XOuibdM0M4tnZuAoZ12BM55KxJwq14=
Subject key identifier: B8:41:7B:EF:FA:BB:5A:22:89:C6:34:C8:60:12:5B:AC:05:26:C2:3C
Certificate issuer: /CN=5b087d1dc98e26e4c959d09f6146d7fdf869e4fc
Certificate serial: 018F571A0EFE999F3FFAACF35343618BEDC2
Authority key identifier: 5B:08:7D:1D:C9:8E:26:E4:C9:59:D0:9F:61:46:D7:FD:F8:69:E4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/uEF77_q7WiKJxjTIYBJbrAUmwjw.roa
Signing time: Wed 08 May 2024 07:27:56 +0000
ROA not before: Wed 08 May 2024 07:27:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208336
IP address blocks: 193.17.53.0/24 maxlen: 24
193.203.24.0/24 maxlen: 24
193.203.110.0/24 maxlen: 24
193.203.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:1a:0e:fe:99:9f:3f:fa:ac:f3:53:43:61:8b:ed:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b087d1dc98e26e4c959d09f6146d7fdf869e4fc
Validity
Not Before: May 8 07:27:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8417beffabb5a2289c634c860125bac0526c23c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:b4:a6:83:d1:36:1d:90:8a:4b:6b:fb:de:
2c:f5:8f:bf:dc:8f:f1:0b:5b:95:3b:5c:6d:fa:b3:
bb:a5:bd:3a:34:2e:e2:95:c5:9f:7a:3f:16:71:c4:
a8:4d:be:ab:fa:60:a7:29:16:20:27:fb:9b:55:a9:
97:cc:0d:7c:9c:a9:25:47:6f:af:09:9e:e9:25:0b:
84:37:e7:94:b1:48:7b:95:e3:2a:d0:7d:bd:7b:cd:
a7:38:f4:c4:4c:25:ee:ca:df:dd:e7:13:3e:b9:1f:
4f:5b:be:25:20:9b:65:47:0c:f5:7b:1b:66:41:7b:
21:e8:3e:c3:d2:66:cf:19:00:33:18:9e:16:20:cd:
80:2d:94:ce:3a:98:67:2e:7b:44:14:59:35:1f:87:
01:81:e3:61:30:a1:6b:28:cb:ef:51:3c:c1:e4:d4:
fd:86:7a:4a:65:e2:a3:3a:10:a6:7c:fa:00:97:4c:
7b:fa:ed:b3:2f:90:7d:a8:08:69:71:4c:ee:4c:fb:
83:17:b7:34:4e:3e:c8:f2:ae:f4:0c:7e:98:d7:9a:
a0:46:56:e8:5c:cf:bb:e1:a7:22:3b:d0:0c:69:9e:
e3:a7:c8:1a:f9:75:c4:6e:01:88:36:30:34:2c:36:
fb:0d:60:d6:a5:62:ae:0c:51:fe:09:a8:38:c9:ba:
84:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:41:7B:EF:FA:BB:5A:22:89:C6:34:C8:60:12:5B:AC:05:26:C2:3C
X509v3 Authority Key Identifier:
keyid:5B:08:7D:1D:C9:8E:26:E4:C9:59:D0:9F:61:46:D7:FD:F8:69:E4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/uEF77_q7WiKJxjTIYBJbrAUmwjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a9a06e-69ac-45ce-badc-09dbd08cbe2d/1/Wwh9HcmOJuTJWdCfYUbX_fhp5Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.53.0/24
193.203.24.0/24
193.203.110.0/23
Signature Algorithm: sha256WithRSAEncryption
96:8e:b1:19:0e:09:cd:b1:62:98:71:ca:45:24:a6:dd:24:4f:
c0:52:15:10:60:33:43:26:5a:37:6f:1f:86:ba:db:17:e1:57:
f9:26:04:f8:7c:19:1c:23:63:76:39:5d:e6:b8:19:8d:cf:5f:
d1:52:7e:b9:1f:bb:93:bb:d9:c0:dc:8a:55:44:0e:6a:98:16:
f2:11:67:0f:64:6f:c6:c6:3f:3f:92:b2:86:88:52:52:5f:c8:
62:af:17:e2:a9:97:4b:88:b3:ac:6c:6f:fa:c7:ca:ab:bc:e6:
b3:f6:d8:33:98:fe:7c:aa:23:e8:52:c2:2f:a1:bb:cd:48:c2:
84:c0:de:c5:89:17:93:b0:2b:40:25:8b:9b:09:f9:36:b7:62:
ea:73:b9:ca:9e:cd:86:c2:96:35:f8:c3:9a:92:42:6a:05:3b:
92:6b:b0:7c:16:ba:a4:08:b9:7f:ac:c3:0f:41:c9:30:41:1c:
32:d5:8c:9a:53:aa:ec:64:e7:03:d1:77:cb:63:c2:42:4e:cf:
30:b8:f4:8e:d2:5c:36:06:8d:07:18:80:6f:6f:81:7c:07:b2:
8a:96:5d:a8:f2:8e:9f:f2:3d:14:7a:43:48:7e:a6:da:b9:a3:
aa:bf:fc:6a:54:86:12:1d:3d:1f:3f:cc:25:33:87:b0:b3:1a:
10:5c:d0:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9XGg7+mZ8/+qzzU0Nhi+3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDg3ZDFkYzk4ZTI2ZTRjOTU5ZDA5ZjYxNDZkN2ZkZjg2
OWU0ZmMwHhcNMjQwNTA4MDcyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQxN2JlZmZhYmI1YTIyODljNjM0Yzg2MDEyNWJhYzA1MjZjMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1O0poPRNh2Qiktr+94s9Y+/3I/x
C1uVO1xt+rO7pb06NC7ilcWfej8WccSoTb6r+mCnKRYgJ/ubVamXzA18nKklR2+v
CZ7pJQuEN+eUsUh7leMq0H29e82nOPTETCXuyt/d5xM+uR9PW74lIJtlRwz1extm
QXsh6D7D0mbPGQAzGJ4WIM2ALZTOOphnLntEFFk1H4cBgeNhMKFrKMvvUTzB5NT9
hnpKZeKjOhCmfPoAl0x7+u2zL5B9qAhpcUzuTPuDF7c0Tj7I8q70DH6Y15qgRlbo
XM+74aciO9AMaZ7jp8ga+XXEbgGINjA0LDb7DWDWpWKuDFH+Cag4ybqERwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLhBe+/6u1oiicY0yGASW6wFJsI8MB8GA1UdIwQY
MBaAFFsIfR3JjibkyVnQn2FG1/34aeT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3doOUhjbU9KdVRKV2RDZllVYlhfZmhwNVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hOWEwNmUtNjlhYy00NWNlLWJhZGMt
MDlkYmQwOGNiZTJkLzEvdUVGNzdfcTdXaUtKeGpUSVlCSmJyQVVtd2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hOWEwNmUtNjlhYy00NWNlLWJhZGMtMDlkYmQwOGNiZTJk
LzEvV3doOUhjbU9KdVRKV2RDZllVYlhfZmhwNVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRE1AwQA
wcsYAwQBwctuMA0GCSqGSIb3DQEBCwUAA4IBAQCWjrEZDgnNsWKYccpFJKbdJE/A
UhUQYDNDJlo3bx+GutsX4Vf5JgT4fBkcI2N2OV3muBmNz1/RUn65H7uTu9nA3IpV
RA5qmBbyEWcPZG/Gxj8/krKGiFJSX8hirxfiqZdLiLOsbG/6x8qrvOaz9tgzmP58
qiPoUsIvobvNSMKEwN7FiReTsCtAJYubCfk2t2Lqc7nKns2GwpY1+MOakkJqBTuS
a7B8FrqkCLl/rMMPQckwQRwy1YyaU6rsZOcD0XfLY8JCTs8wuPSO0lw2Bo0HGIBv
b4F8B7KKll2o8o6f8j0UekNIfqbauaOqv/xqVIYSHT0fP8wlM4ewsxoQXNCV
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:25 2024 by rpki-client on console-fra.rpki-client.org