Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/prziMSCIPZONcl5mE22gBQiKiyQ.roa
File: prziMSCIPZONcl5mE22gBQiKiyQ.roa (raw, json)
Hash identifier: IqqPOP9F4Q4uVfKqJsjok7gm9GdUc/dJCDgw8ghAU9Y=
Subject key identifier: A6:BC:E2:31:20:88:3D:93:8D:72:5E:66:13:6D:A0:05:08:8A:8B:24
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 018CC6B7C3C338693470DC5EAF2370FDDACF
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/prziMSCIPZONcl5mE22gBQiKiyQ.roa
Signing time: Mon 01 Jan 2024 20:29:41 +0000
ROA not before: Mon 01 Jan 2024 20:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 143.196.125.0/24 maxlen: 24
143.196.124.0/24 maxlen: 24
143.196.126.0/24 maxlen: 24
143.196.127.0/24 maxlen: 24
143.196.130.0/24 maxlen: 24
143.196.144.0/24 maxlen: 24
143.196.143.0/24 maxlen: 24
143.196.159.0/24 maxlen: 24
143.196.158.0/24 maxlen: 24
143.196.250.0/24 maxlen: 24
143.196.252.0/24 maxlen: 24
143.196.253.0/24 maxlen: 24
143.196.160.0/24 maxlen: 24
143.196.161.0/24 maxlen: 24
143.196.166.0/24 maxlen: 24
143.196.163.0/24 maxlen: 24
143.196.162.0/24 maxlen: 24
143.196.165.0/24 maxlen: 24
143.196.164.0/24 maxlen: 24
143.196.167.0/24 maxlen: 24
143.196.0.0/24 maxlen: 24
143.196.1.0/24 maxlen: 24
143.196.17.0/24 maxlen: 24
143.196.16.0/24 maxlen: 24
143.196.20.0/24 maxlen: 24
143.196.21.0/24 maxlen: 24
143.196.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:c3:c3:38:69:34:70:dc:5e:af:23:70:fd:da:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Jan 1 20:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6bce23120883d938d725e66136da005088a8b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7f:8a:55:94:0a:79:88:cf:6a:26:42:b5:20:
25:4a:7d:ec:bf:f0:b2:93:24:62:c9:cc:aa:f8:c4:
a6:03:ff:27:a5:58:f9:53:28:03:2d:fc:40:be:87:
3c:60:c8:e0:9b:ba:71:5b:89:04:05:18:9b:22:05:
3a:57:af:ed:74:ba:4d:dc:5e:8f:b1:00:eb:3e:1e:
b2:3b:d7:0d:af:df:42:a9:03:45:cd:b2:1d:5a:e6:
9d:ba:93:13:ac:65:d0:fb:31:4f:74:0a:79:54:0d:
8e:ab:84:fb:37:fb:d2:62:8c:da:10:55:8d:5a:27:
d2:98:ef:03:a2:b0:ad:3c:e7:cd:b3:49:b0:b7:98:
45:b9:3d:01:cd:be:7f:a6:23:49:c1:97:1b:c6:5d:
eb:50:ca:e0:71:bf:2b:3b:87:6a:61:5d:8d:0a:ae:
cb:89:9d:29:55:23:3b:f8:42:b6:89:05:cc:ba:01:
9f:d9:b9:b8:d4:2d:d7:24:86:ea:d1:2a:fe:40:37:
a8:7a:a0:6e:41:c0:da:97:4c:51:82:5f:c6:ac:db:
4e:da:14:6c:5a:77:b3:c1:17:95:9b:70:f0:e2:61:
97:7e:a1:fc:16:9c:3f:8f:bf:2c:f6:b8:dd:da:6c:
34:2e:ba:dd:d6:96:f0:a4:d1:a2:03:cb:ae:29:75:
1a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BC:E2:31:20:88:3D:93:8D:72:5E:66:13:6D:A0:05:08:8A:8B:24
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/prziMSCIPZONcl5mE22gBQiKiyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.0.0/23
143.196.16.0-143.196.18.255
143.196.20.0/23
143.196.124.0/22
143.196.130.0/24
143.196.143.0-143.196.144.255
143.196.158.0-143.196.167.255
143.196.250.0/24
143.196.252.0/23
Signature Algorithm: sha256WithRSAEncryption
54:fb:ed:49:18:04:8e:6d:95:dd:bc:f5:0e:68:d1:36:a8:67:
c3:39:89:e5:9f:60:5e:e7:45:e0:66:a0:d5:22:3a:7c:86:98:
84:b8:41:9d:8c:fd:40:ac:c4:f0:f3:ef:92:0e:a4:02:28:2a:
cb:85:1e:96:79:3f:a4:0d:64:4a:fc:57:c2:81:ab:e5:92:43:
bb:2c:65:75:00:4c:c1:b5:92:19:0e:ae:22:fd:26:2c:ce:80:
1a:0d:86:23:7c:e2:b2:be:3d:57:ac:26:a4:54:c5:8b:d4:ff:
da:b4:97:25:d5:3f:52:7c:d1:af:ad:dc:00:fc:86:b2:41:ec:
4e:d5:5f:87:76:c2:8f:33:1b:01:d8:d1:02:78:9e:64:39:ab:
38:37:bb:06:f7:b1:d3:1c:79:f8:bc:c4:1e:b4:d9:f9:77:ba:
b9:92:1a:87:46:e2:32:34:0d:d8:fb:1b:7c:7b:b9:b5:00:de:
5f:51:28:4b:25:78:dc:10:25:ca:76:1a:0a:1d:74:45:28:bf:
48:f1:c9:0e:2f:d7:91:be:8f:8d:1c:bf:ff:20:f6:b3:e1:ba:
ed:e2:45:62:4c:df:c8:fa:ba:6f:18:a1:ab:d3:15:78:dc:d5:
5f:17:03:98:97:3e:8f:da:89:aa:59:b5:76:10:29:0b:82:29:
d2:cd:ef:ed
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzGt8PDOGk0cNxeryNw/drPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjQwMTAxMjAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJjZTIzMTIwODgzZDkzOGQ3MjVlNjYxMzZkYTAwNTA4OGE4YjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX+KVZQKeYjPaiZCtSAlSn3sv/Cy
kyRiycyq+MSmA/8npVj5UygDLfxAvoc8YMjgm7pxW4kEBRibIgU6V6/tdLpN3F6P
sQDrPh6yO9cNr99CqQNFzbIdWuadupMTrGXQ+zFPdAp5VA2Oq4T7N/vSYozaEFWN
WifSmO8DorCtPOfNs0mwt5hFuT0Bzb5/piNJwZcbxl3rUMrgcb8rO4dqYV2NCq7L
iZ0pVSM7+EK2iQXMugGf2bm41C3XJIbq0Sr+QDeoeqBuQcDal0xRgl/GrNtO2hRs
WnezwReVm3Dw4mGXfqH8Fpw/j78s9rjd2mw0Lrrd1pbwpNGiA8uuKXUaRQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKa84jEgiD2TjXJeZhNtoAUIioskMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvcHJ6aU1TQ0lQWk9OY2w1bUUyMmdCUWlLaXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBj8QAMAwD
BASPxBADBACPxBIDBAGPxBQDBAKPxHwDBACPxIIwDAMEAI/EjwMEAI/EkDAMAwQB
j8SeAwQDj8SgAwQAj8T6AwQBj8T8MA0GCSqGSIb3DQEBCwUAA4IBAQBU++1JGASO
bZXdvPUOaNE2qGfDOYnln2Be50XgZqDVIjp8hpiEuEGdjP1ArMTw8++SDqQCKCrL
hR6WeT+kDWRK/FfCgavlkkO7LGV1AEzBtZIZDq4i/SYszoAaDYYjfOKyvj1XrCak
VMWL1P/atJcl1T9SfNGvrdwA/IayQexO1V+HdsKPMxsB2NECeJ5kOas4N7sG97HT
HHn4vMQetNn5d7q5khqHRuIyNA3Y+xt8e7m1AN5fUShLJXjcECXKdhoKHXRFKL9I
8ckOL9eRvo+NHL//IPaz4brt4kViTN/I+rpvGKGr0xV43NVfFwOYlz6P2omqWbV2
ECkLginSze/t
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:45:44 2024 by rpki-client on console-fra.rpki-client.org