Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a60c29-74aa-4b2b-9066-99bbbafe9c4b/1/kP9ZbsB38pfPeHjroT3rZbLJZCE.roa
File: kP9ZbsB38pfPeHjroT3rZbLJZCE.roa (raw, json)
Hash identifier: 3bzIoxaFXJy6q7VcpbTno84yvogV1DfsC/rHcSE9WO4=
Subject key identifier: 90:FF:59:6E:C0:77:F2:97:CF:78:78:EB:A1:3D:EB:65:B2:C9:64:21
Certificate issuer: /CN=379cd67c0c18959239358553229e91f543cc5a5f
Certificate serial: 018CC3B71523271605053602A72FC18B54A8
Authority key identifier: 37:9C:D6:7C:0C:18:95:92:39:35:85:53:22:9E:91:F5:43:CC:5A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5zWfAwYlZI5NYVTIp6R9UPMWl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a60c29-74aa-4b2b-9066-99bbbafe9c4b/1/kP9ZbsB38pfPeHjroT3rZbLJZCE.roa
Signing time: Mon 01 Jan 2024 06:30:04 +0000
ROA not before: Mon 01 Jan 2024 06:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15169
IP address blocks: 193.186.4.0/24 maxlen: 24
2a00:1450:400c::/48 maxlen: 48
2a00:1450:4007::/48 maxlen: 48
2a00:1450:4002::/48 maxlen: 48
2a00:1450::/32 maxlen: 32
2a00:1450:401b::/48 maxlen: 48
2a00:1450:4016::/48 maxlen: 48
2a00:1450:4011::/48 maxlen: 48
2a00:1450:4004::/48 maxlen: 48
2a00:1450:401a::/48 maxlen: 48
2a00:1450:4015::/48 maxlen: 48
2a00:1450:4018::/48 maxlen: 48
2a00:1450:4013::/48 maxlen: 48
2a00:1450:480e::/48 maxlen: 48
2a00:1450:400e::/48 maxlen: 48
2a00:1450:4009::/48 maxlen: 48
2a00:1450:401c::/48 maxlen: 48
2a00:1450:4017::/48 maxlen: 48
2a00:1450:4012::/48 maxlen: 48
2a00:1450:400d::/48 maxlen: 48
2a00:1450:4010::/48 maxlen: 48
2a00:1450:400b::/48 maxlen: 48
2a00:1450:4006::/48 maxlen: 48
2a00:1450:4001::/48 maxlen: 48
2a00:1450:4014::/48 maxlen: 48
2a00:1450:400f::/48 maxlen: 48
2a00:1450:400a::/48 maxlen: 48
2a00:1450:4005::/48 maxlen: 48
2a00:1450:4008::/48 maxlen: 48
2a00:1450:4003::/48 maxlen: 48
2a00:1450:4019::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/a60c29-74aa-4b2b-9066-99bbbafe9c4b/1/N5zWfAwYlZI5NYVTIp6R9UPMWl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/a60c29-74aa-4b2b-9066-99bbbafe9c4b/1/N5zWfAwYlZI5NYVTIp6R9UPMWl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/N5zWfAwYlZI5NYVTIp6R9UPMWl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:15:23:27:16:05:05:36:02:a7:2f:c1:8b:54:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=379cd67c0c18959239358553229e91f543cc5a5f
Validity
Not Before: Jan 1 06:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90ff596ec077f297cf7878eba13deb65b2c96421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:27:c4:06:bf:80:8e:9d:94:76:16:3d:e1:
ed:22:96:ff:b1:28:f9:da:fd:ce:2b:b4:96:b5:f6:
b8:af:25:a7:9e:25:f8:bc:67:58:dc:5c:d2:29:cb:
4e:f0:03:8a:fa:ba:5b:77:f7:b9:e4:65:46:06:58:
d1:ed:82:29:c8:7b:91:47:e5:20:17:74:b5:6d:50:
3c:77:b0:b3:d7:fa:ca:c3:dc:2e:87:e2:52:26:5f:
9a:36:e5:f1:29:c7:92:7a:50:ea:8d:28:13:ce:77:
10:af:99:3b:3d:43:94:22:1c:e2:19:00:05:41:b3:
2b:28:37:f6:57:35:e6:64:b0:68:4b:05:a3:59:7a:
0d:92:9e:d2:f7:70:7e:7b:05:97:ed:46:1f:c8:f0:
0b:20:60:f1:9d:20:a6:3f:a6:f8:96:23:58:00:b6:
cd:47:8f:81:ef:88:4a:51:c9:b8:0a:49:56:92:1c:
76:75:8e:45:19:f8:84:a3:a5:e2:4b:27:5a:67:4c:
a4:9b:74:dd:d5:fe:15:ef:04:cf:f5:2d:02:0d:16:
b4:3b:5a:41:88:85:45:7c:b7:8e:38:af:cb:5d:ee:
57:07:54:91:18:8f:cc:de:dc:c0:df:72:a5:9a:6d:
42:6b:91:70:68:ea:62:6e:db:37:f5:36:bd:1a:11:
94:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FF:59:6E:C0:77:F2:97:CF:78:78:EB:A1:3D:EB:65:B2:C9:64:21
X509v3 Authority Key Identifier:
keyid:37:9C:D6:7C:0C:18:95:92:39:35:85:53:22:9E:91:F5:43:CC:5A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5zWfAwYlZI5NYVTIp6R9UPMWl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a60c29-74aa-4b2b-9066-99bbbafe9c4b/1/kP9ZbsB38pfPeHjroT3rZbLJZCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a60c29-74aa-4b2b-9066-99bbbafe9c4b/1/N5zWfAwYlZI5NYVTIp6R9UPMWl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.4.0/24
IPv6:
2a00:1450::/32
Signature Algorithm: sha256WithRSAEncryption
ad:73:a4:89:57:94:a0:29:84:8f:a0:5a:fe:6f:2f:fa:a3:35:
10:17:67:c5:03:68:09:e2:33:1c:d1:0b:db:7b:ee:7b:78:0f:
00:d1:6d:9b:56:2a:a4:7b:6f:75:d3:e9:35:0b:1e:ea:49:6b:
e2:b9:b7:a5:26:58:63:db:19:2c:f1:a7:33:4d:43:f9:4e:70:
f8:03:fc:2a:fb:68:ed:a0:f1:9f:55:47:12:b0:fe:52:21:df:
3a:85:c2:28:21:19:1f:f9:e1:a4:a7:c1:49:dd:1b:7e:ce:5a:
75:5e:f9:52:f8:c0:a6:2f:64:07:28:0b:64:16:ff:5f:57:23:
70:ce:91:2c:72:96:3a:1e:ae:26:05:59:28:7b:61:a0:ad:68:
76:01:87:b5:61:0f:b4:b0:51:ba:45:5e:6b:62:62:37:24:ba:
57:c3:30:e0:b0:47:5d:54:d1:9f:d7:98:55:34:06:ec:e4:ad:
1b:28:52:e1:7b:d6:58:7b:39:f0:f2:b2:f4:cf:5d:78:a6:3f:
46:7d:6c:0b:8f:77:62:85:d7:05:6f:15:3b:42:5f:4d:a2:31:
9e:13:86:fb:84:84:ac:cf:6d:f8:e0:4f:88:e8:d9:4f:79:8c:
18:a2:7b:a5:a4:0a:26:ac:4a:74:8b:ca:a7:dc:3f:3b:5c:d2:
75:40:c1:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtxUjJxYFBTYCpy/Bi1SoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OWNkNjdjMGMxODk1OTIzOTM1ODU1MzIyOWU5MWY1NDNj
YzVhNWYwHhcNMjQwMTAxMDYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZmNTk2ZWMwNzdmMjk3Y2Y3ODc4ZWJhMTNkZWI2NWIyYzk2NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDQnxAa/gI6dlHYWPeHtIpb/sSj5
2v3OK7SWtfa4ryWnniX4vGdY3FzSKctO8AOK+rpbd/e55GVGBljR7YIpyHuRR+Ug
F3S1bVA8d7Cz1/rKw9wuh+JSJl+aNuXxKceSelDqjSgTzncQr5k7PUOUIhziGQAF
QbMrKDf2VzXmZLBoSwWjWXoNkp7S93B+ewWX7UYfyPALIGDxnSCmP6b4liNYALbN
R4+B74hKUcm4CklWkhx2dY5FGfiEo6XiSydaZ0ykm3Td1f4V7wTP9S0CDRa0O1pB
iIVFfLeOOK/LXe5XB1SRGI/M3tzA33Klmm1Ca5FwaOpibts39Ta9GhGUCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJD/WW7Ad/KXz3h466E962WyyWQhMB8GA1UdIwQY
MBaAFDec1nwMGJWSOTWFUyKekfVDzFpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjV6V2ZBd1lsWkk1TllWVElwNlI5VVBNV2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hNjBjMjktNzRhYS00YjJiLTkwNjYt
OTliYmJhZmU5YzRiLzEva1A5WmJzQjM4cGZQZUhqcm9UM3JaYkxKWkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hNjBjMjktNzRhYS00YjJiLTkwNjYtOTliYmJhZmU5YzRi
LzEvTjV6V2ZBd1lsWkk1TllWVElwNlI5VVBNV2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwboEMA0E
AgACMAcDBQAqABRQMA0GCSqGSIb3DQEBCwUAA4IBAQCtc6SJV5SgKYSPoFr+by/6
ozUQF2fFA2gJ4jMc0Qvbe+57eA8A0W2bViqke2910+k1Cx7qSWviubelJlhj2xks
8aczTUP5TnD4A/wq+2jtoPGfVUcSsP5SId86hcIoIRkf+eGkp8FJ3Rt+zlp1XvlS
+MCmL2QHKAtkFv9fVyNwzpEscpY6Hq4mBVkoe2GgrWh2AYe1YQ+0sFG6RV5rYmI3
JLpXwzDgsEddVNGf15hVNAbs5K0bKFLhe9ZYeznw8rL0z114pj9GfWwLj3dihdcF
bxU7Ql9NojGeE4b7hISsz2344E+I6NlPeYwYonulpAomrEp0i8qn3D87XNJ1QMGg
-----END CERTIFICATE-----
Generated at Sat May 18 00:38:37 2024 by rpki-client on console-ams.rpki-client.org