Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/U3-2Aub9_7zuX6Vqcc15UX8nBK8.roa
File: U3-2Aub9_7zuX6Vqcc15UX8nBK8.roa (raw, json)
Hash identifier: HV/z7z1MahJf9VLaADpd5J3TEzlLj/DwTGGx7lmfBEY=
Subject key identifier: 53:7F:B6:02:E6:FD:FF:BC:EE:5F:A5:6A:71:CD:79:51:7F:27:04:AF
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 019078060514961B01EE8E68C412FE99E251
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/U3-2Aub9_7zuX6Vqcc15UX8nBK8.roa
Signing time: Wed 03 Jul 2024 09:56:18 +0000
ROA not before: Wed 03 Jul 2024 09:56:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 193.68.92.0/24 maxlen: 24
213.21.226.0/24 maxlen: 24
213.21.230.0/24 maxlen: 24
213.21.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:06:05:14:96:1b:01:ee:8e:68:c4:12:fe:99:e2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jul 3 09:56:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=537fb602e6fdffbcee5fa56a71cd79517f2704af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:28:18:72:7c:a1:96:38:54:22:64:57:f3:87:
d0:ff:a5:6f:cc:1f:46:9d:fc:56:06:6d:bb:ae:01:
8d:dd:80:6a:8c:c5:61:b7:d1:f2:16:04:14:ed:a8:
b3:fc:ba:89:e0:fa:3a:67:b9:b1:52:de:48:e9:e4:
61:ff:b0:7b:aa:80:d9:81:c9:4d:59:32:82:ef:80:
f6:78:1b:78:c2:e7:fb:f5:21:79:43:b9:f8:14:67:
9c:2e:e4:4f:78:9e:f6:80:76:c9:90:5a:e4:9c:fe:
a7:9f:61:49:f8:90:4b:ac:53:00:ed:4e:09:25:06:
e1:48:fe:f5:ad:a7:12:fe:3c:be:d9:3f:e8:43:0a:
b3:ef:4b:92:fa:e0:42:eb:5b:86:1d:4f:c3:22:c9:
ee:e0:5a:ba:ce:22:a3:18:19:7e:62:30:e5:76:3d:
90:c5:c5:80:14:dc:8b:e2:60:83:4e:46:14:ff:04:
b3:b1:70:54:83:9c:31:78:2b:c6:6c:ef:be:43:73:
9a:44:33:0e:dd:59:c9:8b:8d:35:ad:43:22:dd:18:
87:87:b0:7e:d5:44:97:d8:3b:29:74:bd:de:e3:9d:
f5:e9:48:47:35:2d:71:df:6c:24:6b:cb:32:76:3b:
82:f8:99:28:1e:53:61:aa:34:71:f7:21:d5:e8:07:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7F:B6:02:E6:FD:FF:BC:EE:5F:A5:6A:71:CD:79:51:7F:27:04:AF
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/U3-2Aub9_7zuX6Vqcc15UX8nBK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.92.0/24
213.21.226.0/24
213.21.230.0/24
213.21.234.0/24
Signature Algorithm: sha256WithRSAEncryption
40:d4:92:85:66:7b:ed:ea:ca:ce:48:cc:5f:47:ed:af:24:8e:
62:8f:52:c5:57:a0:0d:90:e9:23:24:5e:c8:c2:92:69:7f:06:
63:73:97:e3:64:f7:57:90:1e:dc:73:cc:f6:92:8a:e8:6d:a7:
ce:e5:77:fe:ad:7d:8a:9d:2b:e4:a6:a1:f6:42:8f:b3:37:71:
64:af:30:7f:d1:dd:6c:48:42:56:83:ae:72:64:c7:b9:39:18:
98:6e:97:81:50:f8:62:af:1e:e7:5c:36:88:24:d8:00:70:08:
5a:be:c7:90:32:29:cb:fe:ee:13:93:9c:69:89:84:cb:ca:44:
92:c5:54:be:ff:a6:d9:38:a2:3a:4f:03:43:a0:64:0b:43:38:
10:51:fd:89:80:ec:35:ae:b3:a7:21:c2:3a:97:2f:cf:f9:31:
23:79:da:d2:43:16:c9:47:23:5b:14:90:88:81:ab:35:b3:9d:
58:35:36:06:10:73:95:70:c3:6d:14:18:8b:d2:91:af:b8:4a:
39:0f:3c:d4:bc:d5:a9:1b:a0:86:bb:59:36:cd:dc:49:18:db:
e7:82:0a:51:39:c0:f5:42:44:80:11:43:2d:77:23:85:95:58:
ff:ea:e1:80:99:5d:ba:b5:5a:cc:78:34:8e:be:03:cd:d8:eb:
ab:a9:60:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB4BgUUlhsB7o5oxBL+meJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQwNzAzMDk1NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzdmYjYwMmU2ZmRmZmJjZWU1ZmE1NmE3MWNkNzk1MTdmMjcwNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwigYcnyhljhUImRX84fQ/6VvzB9G
nfxWBm27rgGN3YBqjMVht9HyFgQU7aiz/LqJ4Po6Z7mxUt5I6eRh/7B7qoDZgclN
WTKC74D2eBt4wuf79SF5Q7n4FGecLuRPeJ72gHbJkFrknP6nn2FJ+JBLrFMA7U4J
JQbhSP71racS/jy+2T/oQwqz70uS+uBC61uGHU/DIsnu4Fq6ziKjGBl+YjDldj2Q
xcWAFNyL4mCDTkYU/wSzsXBUg5wxeCvGbO++Q3OaRDMO3VnJi401rUMi3RiHh7B+
1USX2DspdL3e45316UhHNS1x32wka8sydjuC+JkoHlNhqjRx9yHV6Ac39wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFN/tgLm/f+87l+lanHNeVF/JwSvMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvVTMtMkF1YjlfN3p1WDZWcWNjMTVVWDhuQks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwURcAwQA
1RXiAwQA1RXmAwQA1RXqMA0GCSqGSIb3DQEBCwUAA4IBAQBA1JKFZnvt6srOSMxf
R+2vJI5ij1LFV6ANkOkjJF7IwpJpfwZjc5fjZPdXkB7cc8z2korobafO5Xf+rX2K
nSvkpqH2Qo+zN3FkrzB/0d1sSEJWg65yZMe5ORiYbpeBUPhirx7nXDaIJNgAcAha
vseQMinL/u4Tk5xpiYTLykSSxVS+/6bZOKI6TwNDoGQLQzgQUf2JgOw1rrOnIcI6
ly/P+TEjedrSQxbJRyNbFJCIgas1s51YNTYGEHOVcMNtFBiL0pGvuEo5DzzUvNWp
G6CGu1k2zdxJGNvnggpROcD1QkSAEUMtdyOFlVj/6uGAmV26tVrMeDSOvgPN2Our
qWDz
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:20 2024 by rpki-client on console-ams.rpki-client.org