Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/7hsD7gHsyY4ERbhEncNpMVV9bdY.roa
File: 7hsD7gHsyY4ERbhEncNpMVV9bdY.roa (raw, json)
Hash identifier: qkDbSJE8IVcg6eh0uaDe35Rl3uaY3UczyVKxCv8yck0=
Subject key identifier: EE:1B:03:EE:01:EC:C9:8E:04:45:B8:44:9D:C3:69:31:55:7D:6D:D6
Certificate issuer: /CN=16497d8453c5ee3ebbb388e1a47a195ff30fe009
Certificate serial: 018CC6B8ECC5E0C31881A9CE9B53B37750A1
Authority key identifier: 16:49:7D:84:53:C5:EE:3E:BB:B3:88:E1:A4:7A:19:5F:F3:0F:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/7hsD7gHsyY4ERbhEncNpMVV9bdY.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207983
IP address blocks: 193.33.165.0/24 maxlen: 24
193.33.164.0/24 maxlen: 24
193.33.205.0/24 maxlen: 24
193.33.204.0/24 maxlen: 24
2a0f:640::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ec:c5:e0:c3:18:81:a9:ce:9b:53:b3:77:50:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16497d8453c5ee3ebbb388e1a47a195ff30fe009
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee1b03ee01ecc98e0445b8449dc36931557d6dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:9a:72:bc:fd:13:1f:0d:28:91:e2:d9:ef:
43:4c:1f:81:f5:e0:e1:a6:15:18:1a:72:f7:2d:4d:
41:8a:07:3d:64:95:c1:22:7a:a5:92:65:47:8a:25:
c4:23:5e:72:bc:7a:c4:4c:d1:ed:d8:a5:02:4e:9c:
bd:37:26:40:ba:a7:5c:26:8f:ff:f4:d3:bd:4e:e1:
34:b6:9f:e7:6c:fd:d0:df:d7:9b:5a:21:2a:7c:7e:
60:1d:3b:fd:45:20:44:30:bb:af:76:76:36:1d:77:
2c:60:04:9b:ab:8f:f8:f2:50:db:a2:7e:c4:92:fd:
7e:ee:79:dd:da:fb:0a:2e:f7:4e:a2:97:36:e8:ac:
2f:1b:47:37:8f:a5:af:fa:9f:7c:14:df:ec:45:13:
4b:34:27:0a:a2:c1:1d:f1:54:d5:b5:47:cd:8e:1b:
09:84:0d:3f:f4:9c:ce:cb:6a:19:88:0f:5d:76:56:
e6:a2:fa:02:ce:f9:94:1b:c4:ee:4d:f2:ce:32:9e:
0d:6e:63:ad:ce:4c:13:f9:36:8b:5e:55:5f:6b:53:
75:f4:60:2b:13:32:77:29:bc:be:00:50:81:3e:90:
94:1e:11:fb:00:51:31:a3:4e:b8:94:ac:89:27:ec:
7d:1b:89:92:25:25:6c:4a:ff:2b:4f:de:be:ae:b5:
9f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:1B:03:EE:01:EC:C9:8E:04:45:B8:44:9D:C3:69:31:55:7D:6D:D6
X509v3 Authority Key Identifier:
keyid:16:49:7D:84:53:C5:EE:3E:BB:B3:88:E1:A4:7A:19:5F:F3:0F:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/7hsD7gHsyY4ERbhEncNpMVV9bdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.164.0/23
193.33.204.0/23
IPv6:
2a0f:640::/48
Signature Algorithm: sha256WithRSAEncryption
98:07:50:6e:85:ea:5a:21:2a:f2:c2:d7:e9:3b:57:5f:b4:96:
fe:df:00:01:17:d5:34:6a:8c:e3:3c:9a:8a:d0:3b:e9:ee:5b:
35:f2:b7:a8:6b:5c:e0:6d:86:c2:3a:b5:55:26:6c:db:d6:89:
81:bd:85:45:55:df:7d:36:27:4e:02:3d:f9:e9:50:e9:d2:1c:
aa:81:11:b3:5e:27:b2:53:44:1b:ff:4c:d7:29:52:7c:f8:47:
24:1a:0b:9b:be:32:10:6c:71:2a:8f:49:51:50:03:e9:81:a7:
cb:d6:2e:dc:f3:81:2f:b3:29:c9:d5:8c:6f:bb:8c:dd:86:82:
54:a6:25:06:86:64:06:6d:39:58:b0:ea:46:37:b6:d3:91:c4:
5c:76:b7:ab:e2:62:99:dc:8a:65:39:f3:32:4d:75:6d:ac:25:
27:b9:85:c9:32:5a:b0:93:dd:d4:98:0a:e9:22:8d:8c:a5:c1:
83:82:4c:d3:f5:0e:15:1c:8c:1e:3c:2d:0e:69:b3:fb:fc:83:
8c:8b:f0:9c:7c:5f:01:8f:56:f7:76:d4:fc:32:27:28:57:90:
78:00:ee:a2:b9:c7:e8:fd:48:a5:a3:3f:84:64:11:a1:26:12:
f6:f1:df:54:37:8c:91:56:19:ed:5c:dd:94:f1:1c:88:58:88:
d7:9e:cd:4a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGuOzF4MMYganOm1Ozd1ChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NDk3ZDg0NTNjNWVlM2ViYmIzODhlMWE0N2ExOTVmZjMw
ZmUwMDkwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTFiMDNlZTAxZWNjOThlMDQ0NWI4NDQ5ZGMzNjkzMTU1N2Q2ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeWacrz9Ex8NKJHi2e9DTB+B9eDh
phUYGnL3LU1Bigc9ZJXBInqlkmVHiiXEI15yvHrETNHt2KUCTpy9NyZAuqdcJo//
9NO9TuE0tp/nbP3Q39ebWiEqfH5gHTv9RSBEMLuvdnY2HXcsYASbq4/48lDbon7E
kv1+7nnd2vsKLvdOopc26KwvG0c3j6Wv+p98FN/sRRNLNCcKosEd8VTVtUfNjhsJ
hA0/9JzOy2oZiA9ddlbmovoCzvmUG8TuTfLOMp4NbmOtzkwT+TaLXlVfa1N19GAr
EzJ3Kby+AFCBPpCUHhH7AFExo064lKyJJ+x9G4mSJSVsSv8rT96+rrWf3wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFO4bA+4B7MmOBEW4RJ3DaTFVfW3WMB8GA1UdIwQY
MBaAFBZJfYRTxe4+u7OI4aR6GV/zD+AJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmtsOWhGUEY3ajY3czRqaHBIb1pYX01QNEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jOTdmY2YtMWE4ZC00YWM5LWJmZWEt
YjIzNGRkNmVkNjM3LzEvN2hzRDdnSHN5WTRFUmJoRW5jTnBNVlY5YmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jOTdmY2YtMWE4ZC00YWM5LWJmZWEtYjIzNGRkNmVkNjM3
LzEvRmtsOWhGUEY3ajY3czRqaHBIb1pYX01QNEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBwSGkAwQB
wSHMMA8EAgACMAkDBwAqDwZAAAAwDQYJKoZIhvcNAQELBQADggEBAJgHUG6F6loh
KvLC1+k7V1+0lv7fAAEX1TRqjOM8morQO+nuWzXyt6hrXOBthsI6tVUmbNvWiYG9
hUVV3302J04CPfnpUOnSHKqBEbNeJ7JTRBv/TNcpUnz4RyQaC5u+MhBscSqPSVFQ
A+mBp8vWLtzzgS+zKcnVjG+7jN2GglSmJQaGZAZtOViw6kY3ttORxFx2t6viYpnc
imU58zJNdW2sJSe5hckyWrCT3dSYCukijYylwYOCTNP1DhUcjB48LQ5ps/v8g4yL
8Jx8XwGPVvd21PwyJyhXkHgA7qK5x+j9SKWjP4RkEaEmEvbx31Q3jJFWGe1c3ZTx
HIhYiNeezUo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:39:33 2024 by rpki-client on console-fra.rpki-client.org