Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/gD_qP5wozjXEM4Z1BSiPFMvXfKI.roa
File: gD_qP5wozjXEM4Z1BSiPFMvXfKI.roa (raw, json)
Hash identifier: ZsCuLACybMS4KWThv6KcZKziQnvUs+3UPruKwcnIjAA=
Subject key identifier: 80:3F:EA:3F:9C:28:CE:35:C4:33:86:75:05:28:8F:14:CB:D7:7C:A2
Certificate issuer: /CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Certificate serial: 018E331569754D90D05DD2EB89B63CA6BC05
Authority key identifier: AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/gD_qP5wozjXEM4Z1BSiPFMvXfKI.roa
Signing time: Tue 12 Mar 2024 14:33:45 +0000
ROA not before: Tue 12 Mar 2024 14:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24763
IP address blocks: 193.56.124.0/24 maxlen: 24
193.56.131.0/24 maxlen: 24
2a00:4f40:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:15:69:75:4d:90:d0:5d:d2:eb:89:b6:3c:a6:bc:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Validity
Not Before: Mar 12 14:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=803fea3f9c28ce35c433867505288f14cbd77ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bc:0b:b9:88:c2:89:08:6b:67:ec:33:e4:f0:
5e:72:31:a0:80:04:26:6d:54:aa:ce:b8:3c:95:c3:
13:63:73:84:a8:72:e4:bd:58:cb:82:cb:7d:9c:34:
7d:5c:92:05:56:b1:7d:f4:f3:f4:f1:de:05:42:d6:
a5:80:38:40:94:08:e4:b7:d5:76:bb:c3:16:41:56:
5d:a6:01:32:64:98:53:dc:54:07:f4:bf:66:f2:c8:
e2:90:8c:8c:2a:07:c1:fc:17:19:b8:96:4f:ee:f3:
32:0f:8e:5c:50:b7:c0:b7:28:8d:7b:e8:50:a9:96:
06:a8:5f:60:a2:5e:3a:cd:28:e7:91:fb:6b:f3:56:
64:0e:f2:42:d0:0a:ed:17:2d:19:a2:c1:62:9c:79:
dd:c8:2f:61:e7:c8:48:b2:02:41:b5:e0:c6:d8:f8:
55:8a:55:e5:79:fc:a3:30:00:db:0e:96:b5:c9:42:
61:d9:2a:19:78:ce:ed:b7:09:0d:8a:53:72:42:29:
2e:11:e7:60:9c:d7:2f:47:03:34:bc:fe:39:49:89:
40:f6:fb:a8:2b:b2:a8:71:61:3c:e8:36:ba:6a:d5:
03:e5:87:07:64:f4:e9:e1:5e:93:7b:78:55:28:4e:
02:35:58:ca:73:ae:38:c2:ad:9b:dc:03:91:d6:85:
34:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3F:EA:3F:9C:28:CE:35:C4:33:86:75:05:28:8F:14:CB:D7:7C:A2
X509v3 Authority Key Identifier:
keyid:AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/gD_qP5wozjXEM4Z1BSiPFMvXfKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.124.0/24
193.56.131.0/24
IPv6:
2a00:4f40:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
35:86:4c:16:7c:db:35:e2:f1:07:eb:b4:fe:2f:d1:33:13:5f:
29:ed:6d:d7:44:8d:65:a9:8a:3f:0b:89:34:db:df:a5:e0:c5:
73:52:6c:42:1f:5e:6c:55:d0:f2:85:b3:ca:b3:56:7c:b9:c3:
c3:e9:09:f5:d3:8a:80:ee:9c:3f:37:9c:f0:cb:9e:9d:4f:c9:
81:1d:a9:dd:3b:b6:24:8c:76:8f:c7:ed:ad:df:16:20:26:2c:
52:ac:53:94:a6:6a:b6:13:64:de:e1:80:5f:14:7e:29:18:4b:
fe:8c:16:68:63:b9:a9:51:bb:72:fb:df:98:4f:fa:27:4a:96:
f9:f2:82:f0:82:ed:9e:a9:8a:be:2e:9a:b7:0f:2f:29:91:09:
35:59:1c:20:b4:5b:82:42:5a:6a:24:75:15:e6:bd:11:01:cb:
1a:7e:94:70:1b:27:31:0e:1b:b3:f2:71:b9:97:b5:c9:c7:8d:
13:dd:6e:ec:85:67:67:40:ce:48:7e:14:f7:0f:04:d0:3b:85:
c9:6e:6f:2e:51:77:f0:ca:75:71:dc:b5:e5:7d:0d:3d:69:ce:
dd:ff:d3:ff:47:3f:52:ea:ca:e5:32:74:67:00:a5:af:3f:e7:
c9:75:74:08:fd:4e:6f:8a:4d:12:32:f2:3b:67:cf:43:52:0c:
d7:da:e6:ef
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY4zFWl1TZDQXdLribY8prwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWUyZWZjZGMyMTNhYzViMWIwODc5ZDkyMmExNzhiODUw
ZjQ1MWYwHhcNMjQwMzEyMTQzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNmZWEzZjljMjhjZTM1YzQzMzg2NzUwNTI4OGYxNGNiZDc3Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47wLuYjCiQhrZ+wz5PBecjGggAQm
bVSqzrg8lcMTY3OEqHLkvVjLgst9nDR9XJIFVrF99PP08d4FQtalgDhAlAjkt9V2
u8MWQVZdpgEyZJhT3FQH9L9m8sjikIyMKgfB/BcZuJZP7vMyD45cULfAtyiNe+hQ
qZYGqF9gol46zSjnkftr81ZkDvJC0ArtFy0ZosFinHndyC9h58hIsgJBteDG2PhV
ilXlefyjMADbDpa1yUJh2SoZeM7ttwkNilNyQikuEedgnNcvRwM0vP45SYlA9vuo
K7KocWE86Da6atUD5YcHZPTp4V6Te3hVKE4CNVjKc644wq2b3AOR1oU04wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIA/6j+cKM41xDOGdQUojxTL13yiMB8GA1UdIwQY
MBaAFKyeLvzcITrFsbCHnZIqF4uFD0UfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEt
N2M3YmYyNzE3NWM1LzEvZ0RfcVA1d296alhFTTRaMUJTaVBGTXZYZktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEtN2M3YmYyNzE3NWM1
LzEvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwTh8AwQA
wTiDMA8EAgACMAkDBwAqAE9A//4wDQYJKoZIhvcNAQELBQADggEBADWGTBZ82zXi
8QfrtP4v0TMTXyntbddEjWWpij8LiTTb36XgxXNSbEIfXmxV0PKFs8qzVny5w8Pp
CfXTioDunD83nPDLnp1PyYEdqd07tiSMdo/H7a3fFiAmLFKsU5SmarYTZN7hgF8U
fikYS/6MFmhjualRu3L735hP+idKlvnygvCC7Z6pir4umrcPLymRCTVZHCC0W4JC
WmokdRXmvREByxp+lHAbJzEOG7PycbmXtcnHjRPdbuyFZ2dAzkh+FPcPBNA7hclu
by5Rd/DKdXHcteV9DT1pzt3/0/9HP1LqyuUydGcApa8/58l1dAj9Tm+KTRIy8jtn
z0NSDNfa5u8=
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:18:32 2024 by rpki-client on console-fra.rpki-client.org