Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/C1MBGOsE5pBHtJF_Ia15mdBps8E.roa
File: C1MBGOsE5pBHtJF_Ia15mdBps8E.roa (raw, json)
Hash identifier: kPD4HAOnOCcDQVsLerFGK0eSLRzTIQYPGATEAd/ESEE=
Subject key identifier: 0B:53:01:18:EB:04:E6:90:47:B4:91:7F:21:AD:79:99:D0:69:B3:C1
Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Certificate serial: 01900DF761753029868A23AE7BD19B381519
Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/C1MBGOsE5pBHtJF_Ia15mdBps8E.roa
Signing time: Wed 12 Jun 2024 19:40:34 +0000
ROA not before: Wed 12 Jun 2024 19:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 193.33.236.0/23 maxlen: 24
193.33.236.0/24 maxlen: 24
193.33.237.0/24 maxlen: 24
195.211.117.0/24 maxlen: 24
195.211.118.0/24 maxlen: 24
195.211.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:f7:61:75:30:29:86:8a:23:ae:7b:d1:9b:38:15:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Validity
Not Before: Jun 12 19:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b530118eb04e69047b4917f21ad7999d069b3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ba:42:48:dc:83:e8:b0:23:c5:96:af:ce:2c:
a8:c6:41:99:dc:aa:6e:a3:5b:75:d9:50:04:9b:6e:
0b:61:41:75:78:d9:13:fd:5f:48:e7:d3:65:09:e0:
6f:ab:6d:2e:d6:f7:a3:2f:8a:14:db:75:7f:06:25:
cf:4e:a6:e5:60:1e:47:fd:2e:a1:f2:ef:00:21:3d:
d4:72:07:3a:88:4e:ab:01:f1:48:38:67:3d:00:1a:
20:a7:f1:90:32:71:6c:d4:9f:7b:5a:e4:77:00:79:
e1:62:22:9f:3f:9d:43:6e:8d:74:34:96:7f:a3:ee:
69:13:ae:27:4b:6c:9b:44:38:6a:0f:db:fa:6d:e5:
85:83:cc:2e:42:94:52:13:77:cd:c8:d1:25:bb:74:
c1:48:c5:28:27:60:26:2a:ab:6b:15:1c:d1:8a:c8:
01:88:a5:d2:ad:8e:0e:77:4d:dc:f8:09:5e:0d:22:
4f:30:71:f5:61:11:3c:ed:7b:0b:14:6a:37:a7:0e:
08:b7:f9:49:52:2b:66:45:d6:ad:54:90:f4:b2:e1:
37:73:92:38:30:0a:a0:43:f4:0b:39:c2:45:58:cf:
7c:85:bc:f8:e9:36:2f:1e:ff:95:88:ea:ed:7c:43:
d6:cd:68:94:d8:37:0e:4e:62:f4:9c:0c:96:a1:ca:
36:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:53:01:18:EB:04:E6:90:47:B4:91:7F:21:AD:79:99:D0:69:B3:C1
X509v3 Authority Key Identifier:
keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/C1MBGOsE5pBHtJF_Ia15mdBps8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.236.0/23
195.211.117.0-195.211.119.255
Signature Algorithm: sha256WithRSAEncryption
91:e8:50:6e:23:6e:8d:cf:1f:66:cd:37:44:27:4c:0b:a2:91:
15:04:d0:46:ed:9f:8a:cd:0a:68:19:2b:c6:fd:42:11:b2:f1:
a0:1c:18:be:e1:eb:c3:e0:7e:4d:35:50:0a:89:4e:f1:57:f4:
8c:c3:9b:d3:df:08:bd:5d:b6:6d:d8:b8:94:45:0b:0d:8d:e3:
13:78:20:a4:db:5f:0d:cc:16:3f:4e:c4:b9:a8:57:bf:d4:51:
5b:33:4d:3d:29:bd:3e:10:25:ec:f2:d0:53:19:b7:61:1d:bb:
4f:a7:15:7b:6a:f4:01:64:8e:85:21:21:a4:17:f6:37:53:0f:
a2:65:51:f1:ed:cf:01:06:92:36:b7:d5:97:c9:f9:88:c0:aa:
90:42:f8:57:e2:5e:36:d5:8e:f8:c9:7b:c4:27:a4:83:20:d3:
91:74:4b:3f:37:34:2d:21:aa:55:8a:de:20:1a:90:dd:4d:9b:
cb:ea:2c:ee:f9:f3:a9:90:aa:56:2d:5f:68:c9:a0:90:0c:0c:
ab:ca:b7:98:e0:20:8d:06:43:3e:9f:42:1b:54:24:e2:68:ff:
a8:fe:cd:8f:55:b5:6f:1d:2a:4d:4b:a4:8b:21:11:88:1c:bd:
53:08:6e:9d:de:2d:3f:b8:5f:73:f9:57:9a:52:6d:e9:1e:91:
59:28:96:a5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZAN92F1MCmGiiOue9GbOBUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx
OTZhYTEwHhcNMjQwNjEyMTk0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUzMDExOGViMDRlNjkwNDdiNDkxN2YyMWFkNzk5OWQwNjliM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LpCSNyD6LAjxZavziyoxkGZ3Kpu
o1t12VAEm24LYUF1eNkT/V9I59NlCeBvq20u1vejL4oU23V/BiXPTqblYB5H/S6h
8u8AIT3Ucgc6iE6rAfFIOGc9ABogp/GQMnFs1J97WuR3AHnhYiKfP51Dbo10NJZ/
o+5pE64nS2ybRDhqD9v6beWFg8wuQpRSE3fNyNElu3TBSMUoJ2AmKqtrFRzRisgB
iKXSrY4Od03c+AleDSJPMHH1YRE87XsLFGo3pw4It/lJUitmRdatVJD0suE3c5I4
MAqgQ/QLOcJFWM98hbz46TYvHv+ViOrtfEPWzWiU2DcOTmL0nAyWoco2ZwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAtTARjrBOaQR7SRfyGteZnQabPBMB8GA1UdIwQY
MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt
ZGQ4NjI3NzRhMDkyLzEvQzFNQkdPc0U1cEJIdEpGX0lhMTVtZEJwczhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky
LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwSHsMAwD
BADD03UDBAPD03AwDQYJKoZIhvcNAQELBQADggEBAJHoUG4jbo3PH2bNN0QnTAui
kRUE0Ebtn4rNCmgZK8b9QhGy8aAcGL7h68Pgfk01UAqJTvFX9IzDm9PfCL1dtm3Y
uJRFCw2N4xN4IKTbXw3MFj9OxLmoV7/UUVszTT0pvT4QJezy0FMZt2Edu0+nFXtq
9AFkjoUhIaQX9jdTD6JlUfHtzwEGkja31ZfJ+YjAqpBC+FfiXjbVjvjJe8QnpIMg
05F0Sz83NC0hqlWK3iAakN1Nm8vqLO7586mQqlYtX2jJoJAMDKvKt5jgII0GQz6f
QhtUJOJo/6j+zY9VtW8dKk1LpIshEYgcvVMIbp3eLT+4X3P5V5pSbekekVkolqU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:32:33 2024 by rpki-client on console-ams.rpki-client.org