Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/kHppUTsnrJMMl-qwPCPPYFihPQU.roa
File: kHppUTsnrJMMl-qwPCPPYFihPQU.roa (raw, json)
Hash identifier: /ayIwfBexWzy3IXjSjRqOWK76nB016oSb9HXtMR283Y=
Subject key identifier: 90:7A:69:51:3B:27:AC:93:0C:97:EA:B0:3C:23:CF:60:58:A1:3D:05
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 018CC2DB1570F77629700C1CA32A852C2E83
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/kHppUTsnrJMMl-qwPCPPYFihPQU.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210107
IP address blocks: 193.36.60.80/32 maxlen: 32
193.36.60.97/32 maxlen: 32
193.36.60.60/32 maxlen: 32
193.36.60.0/24 maxlen: 24
193.36.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:15:70:f7:76:29:70:0c:1c:a3:2a:85:2c:2e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=907a69513b27ac930c97eab03c23cf6058a13d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6b:c6:62:d1:e4:53:c2:33:a2:3c:2a:94:74:
7e:16:9b:74:72:c5:38:ad:28:b8:15:81:74:a9:1e:
89:43:47:cc:61:fe:e4:b6:f4:d2:a6:a0:fd:fc:a5:
b5:ad:ea:2b:c9:bb:b8:e9:ac:b0:a1:97:5b:69:8a:
a5:94:4f:0c:0c:04:09:99:1b:1f:ec:b1:b4:50:23:
46:1e:15:8a:b4:ae:75:52:2d:ae:b9:a1:ac:5d:8f:
43:d1:7d:12:16:8a:a9:ed:94:25:fb:c9:a3:89:51:
11:db:49:f0:80:51:39:85:c1:83:20:c8:57:49:1a:
2c:a3:2b:ab:ba:5f:9d:bc:0f:88:ce:de:48:73:0c:
de:7d:b7:06:89:b0:94:76:fd:c8:9a:63:2d:16:f7:
34:a4:fe:64:ec:58:6a:17:89:81:62:78:08:d4:d4:
56:23:37:e7:65:a7:1f:f3:58:a6:46:80:f4:80:e7:
93:24:b7:03:18:c3:da:6b:d9:6f:ea:22:28:a1:e3:
f7:3c:79:85:bc:38:3d:47:7b:c1:4c:96:10:c5:7a:
11:8b:42:62:19:81:79:a4:93:7d:4e:6a:a3:57:cf:
28:c2:fe:14:36:d4:f5:55:ca:79:89:70:50:14:8a:
88:b1:89:49:b6:3b:83:dc:a2:00:91:31:c4:fd:5d:
03:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7A:69:51:3B:27:AC:93:0C:97:EA:B0:3C:23:CF:60:58:A1:3D:05
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/kHppUTsnrJMMl-qwPCPPYFihPQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.60.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:2b:a6:b1:75:e1:04:bc:29:0d:18:2e:59:09:1b:e8:05:e6:
ae:d3:7d:bd:8f:c6:5c:7b:75:bf:92:9d:69:d9:2a:f4:dc:d9:
4e:1a:f6:50:7a:11:08:a0:ed:92:4e:ca:d5:31:7c:3e:5e:5f:
6c:58:71:5d:3a:2b:2d:0b:d0:05:bb:cc:8e:b8:40:d5:f6:52:
a5:51:e2:fd:42:fa:a1:8c:b4:8b:78:1b:e7:a6:7f:45:29:d5:
2a:cf:fa:a6:cc:dd:a8:92:c8:6e:d4:f7:61:2e:06:24:51:42:
d7:77:1f:9a:63:04:dd:02:a1:29:97:84:b2:43:b9:7b:a5:91:
90:b5:ff:8d:5a:45:b3:52:93:8e:e5:e5:83:9a:90:3f:2d:27:
32:1d:25:25:ad:25:35:5d:9b:fc:e0:6e:dc:39:0c:41:ca:ea:
57:88:bf:02:b6:22:7e:c9:fc:58:b4:8f:fa:ca:52:e7:d6:72:
40:70:79:f3:3b:bb:4e:1c:24:5f:c2:a9:9b:be:e9:b9:45:ab:
9f:de:4f:87:d8:8e:b2:9b:2c:21:85:62:8f:af:ed:85:48:2c:
6f:4a:7d:d2:ef:a3:04:98:ad:25:bb:3a:93:0d:e4:6c:4e:96:
13:ec:a6:f5:09:6d:03:89:a2:52:3c:b4:f9:56:ce:e4:17:2f:
f7:01:66:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2xVw93YpcAwcoyqFLC6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdhNjk1MTNiMjdhYzkzMGM5N2VhYjAzYzIzY2Y2MDU4YTEzZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGvGYtHkU8IzojwqlHR+Fpt0csU4
rSi4FYF0qR6JQ0fMYf7ktvTSpqD9/KW1reorybu46aywoZdbaYqllE8MDAQJmRsf
7LG0UCNGHhWKtK51Ui2uuaGsXY9D0X0SFoqp7ZQl+8mjiVER20nwgFE5hcGDIMhX
SRosoyurul+dvA+Izt5IcwzefbcGibCUdv3ImmMtFvc0pP5k7FhqF4mBYngI1NRW
IzfnZacf81imRoD0gOeTJLcDGMPaa9lv6iIooeP3PHmFvDg9R3vBTJYQxXoRi0Ji
GYF5pJN9TmqjV88owv4UNtT1Vcp5iXBQFIqIsYlJtjuD3KIAkTHE/V0DUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJB6aVE7J6yTDJfqsDwjz2BYoT0FMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEva0hwcFVUc25ySk1NbC1xd1BDUFBZRmloUFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSQ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBOK6axdeEEvCkNGC5ZCRvoBeau0329j8Zce3W/kp1p
2Sr03NlOGvZQehEIoO2STsrVMXw+Xl9sWHFdOistC9AFu8yOuEDV9lKlUeL9Qvqh
jLSLeBvnpn9FKdUqz/qmzN2okshu1PdhLgYkUULXdx+aYwTdAqEpl4SyQ7l7pZGQ
tf+NWkWzUpOO5eWDmpA/LScyHSUlrSU1XZv84G7cOQxByupXiL8CtiJ+yfxYtI/6
ylLn1nJAcHnzO7tOHCRfwqmbvum5Rauf3k+H2I6ymywhhWKPr+2FSCxvSn3S76ME
mK0luzqTDeRsTpYT7Kb1CW0DiaJSPLT5Vs7kFy/3AWbO
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:00:08 2024 by rpki-client on console-fra.rpki-client.org