Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/tB0nRKymneZrnDRJ5spzKKTIvcw.roa
File: tB0nRKymneZrnDRJ5spzKKTIvcw.roa (raw, json)
Hash identifier: wXwiSUKrZmGfFYH1RQk54hN+133CbHJDHC1Um3LxZuI=
Subject key identifier: B4:1D:27:44:AC:A6:9D:E6:6B:9C:34:49:E6:CA:73:28:A4:C8:BD:CC
Certificate issuer: /CN=688e713b07c79f97b47e9f0321768b09488b7a03
Certificate serial: 018CC5DC5CF3CA188C7882F761D7205051E9
Authority key identifier: 68:8E:71:3B:07:C7:9F:97:B4:7E:9F:03:21:76:8B:09:48:8B:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aI5xOwfHn5e0fp8DIXaLCUiLegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/tB0nRKymneZrnDRJ5spzKKTIvcw.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50171
IP address blocks: 193.104.160.0/24 maxlen: 24
91.216.0.0/24 maxlen: 24
176.57.192.0/21 maxlen: 21
2a00:f680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/aI5xOwfHn5e0fp8DIXaLCUiLegM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/aI5xOwfHn5e0fp8DIXaLCUiLegM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aI5xOwfHn5e0fp8DIXaLCUiLegM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5c:f3:ca:18:8c:78:82:f7:61:d7:20:50:51:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688e713b07c79f97b47e9f0321768b09488b7a03
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b41d2744aca69de66b9c3449e6ca7328a4c8bdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:60:ff:f0:86:10:eb:ea:70:d3:b4:89:13:23:
08:de:dd:2f:42:2a:0c:5f:02:94:df:8a:f0:8d:86:
75:68:be:90:cf:27:1f:db:f8:6b:01:6a:b4:e9:1c:
9f:cd:01:82:61:52:9e:36:93:5f:9e:37:b0:d2:ed:
8b:ab:4e:5b:d8:4c:96:4e:16:3c:97:e5:24:cf:13:
98:95:2d:56:c8:05:46:74:c1:06:c9:7d:54:d4:46:
6d:18:2f:4e:f0:28:cf:2e:e8:bb:02:63:22:78:f1:
58:b7:2a:63:02:46:cf:4d:fa:c0:3b:e3:79:f5:59:
91:05:53:00:54:33:8e:3e:00:7a:f0:80:5a:8d:4e:
6d:5f:c8:19:3c:c9:4c:aa:d9:54:66:72:36:24:1c:
1a:53:c5:f5:f0:ff:dc:4a:ca:06:ce:25:6d:20:e6:
87:c9:d4:71:97:6d:06:c1:49:a4:b6:14:eb:bb:aa:
2b:49:f6:ba:83:a1:b0:c6:54:6d:6b:61:4b:96:0a:
3a:37:e5:64:1e:fc:b1:a1:74:79:7d:c4:a1:29:b9:
1b:41:3d:d2:ef:a7:b1:48:5c:13:67:6f:d7:2d:e7:
66:be:6d:eb:f9:f6:0d:aa:2b:31:e8:d1:bb:87:76:
28:8d:b8:36:f3:64:3c:5d:67:38:9b:a6:06:38:83:
dc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1D:27:44:AC:A6:9D:E6:6B:9C:34:49:E6:CA:73:28:A4:C8:BD:CC
X509v3 Authority Key Identifier:
keyid:68:8E:71:3B:07:C7:9F:97:B4:7E:9F:03:21:76:8B:09:48:8B:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aI5xOwfHn5e0fp8DIXaLCUiLegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/tB0nRKymneZrnDRJ5spzKKTIvcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/aI5xOwfHn5e0fp8DIXaLCUiLegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.0.0/24
176.57.192.0/21
193.104.160.0/24
IPv6:
2a00:f680::/32
Signature Algorithm: sha256WithRSAEncryption
ab:35:6e:f2:b6:88:ea:e7:9d:a0:a2:f4:62:42:15:18:28:67:
d5:2e:f8:ce:7a:58:23:d8:c3:58:75:76:d7:b1:bc:40:3d:f0:
23:5d:f8:95:8d:ed:6f:ec:cc:1c:10:7f:03:b4:13:41:6a:f7:
b7:8b:d4:18:a5:b4:e3:02:98:3a:67:c6:34:36:c3:03:d2:d8:
52:c8:e1:b3:38:21:bf:0a:b9:2b:2a:a6:75:91:ac:b3:e6:cd:
68:d8:71:c1:5e:71:5c:91:12:08:09:2a:23:a4:33:73:90:a6:
81:95:91:30:02:f5:6a:aa:10:23:80:d1:54:58:53:34:68:9b:
54:0c:e0:3b:b3:4f:45:77:0f:c0:5d:0b:73:97:c1:9f:a0:92:
b9:b7:8c:64:14:15:b9:35:af:a3:18:71:18:1c:69:a3:41:95:
e2:b7:ae:9d:2b:71:5a:07:8b:09:5a:b4:41:ef:a1:e1:cf:4d:
5e:65:e5:4b:5b:57:ed:4b:51:ed:74:fa:a3:be:c8:df:35:78:
7b:df:b4:c6:4f:73:fc:70:ec:70:ce:5a:0e:63:7e:27:22:71:
61:7c:f1:16:25:69:9c:21:c3:d2:d3:7c:60:8f:80:ba:1a:ef:
c2:51:30:8f:3e:ee:a5:e0:ee:cd:b5:3d:a4:10:97:bb:ac:ab:
ec:2b:bd:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3FzzyhiMeIL3YdcgUFHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGU3MTNiMDdjNzlmOTdiNDdlOWYwMzIxNzY4YjA5NDg4
YjdhMDMwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFkMjc0NGFjYTY5ZGU2NmI5YzM0NDllNmNhNzMyOGE0YzhiZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWD/8IYQ6+pw07SJEyMI3t0vQioM
XwKU34rwjYZ1aL6Qzycf2/hrAWq06RyfzQGCYVKeNpNfnjew0u2Lq05b2EyWThY8
l+UkzxOYlS1WyAVGdMEGyX1U1EZtGC9O8CjPLui7AmMiePFYtypjAkbPTfrAO+N5
9VmRBVMAVDOOPgB68IBajU5tX8gZPMlMqtlUZnI2JBwaU8X18P/cSsoGziVtIOaH
ydRxl20GwUmkthTru6orSfa6g6GwxlRta2FLlgo6N+VkHvyxoXR5fcShKbkbQT3S
76exSFwTZ2/XLedmvm3r+fYNqisx6NG7h3Yojbg282Q8XWc4m6YGOIPc0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLQdJ0Sspp3ma5w0SebKcyikyL3MMB8GA1UdIwQY
MBaAFGiOcTsHx5+XtH6fAyF2iwlIi3oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUk1eE93ZkhuNWUwZnA4RElYYUxDVWlMZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wZWJlYjktMzFhOC00NTUwLTgzOTYt
Njk1ZjRhOTI3NjEwLzEvdEIwblJLeW1uZVpybkRSSjVzcHpLS1RJdmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wZWJlYjktMzFhOC00NTUwLTgzOTYtNjk1ZjRhOTI3NjEw
LzEvYUk1eE93ZkhuNWUwZnA4RElYYUxDVWlMZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9gAAwQD
sDnAAwQAwWigMA0EAgACMAcDBQAqAPaAMA0GCSqGSIb3DQEBCwUAA4IBAQCrNW7y
tojq552govRiQhUYKGfVLvjOelgj2MNYdXbXsbxAPfAjXfiVje1v7MwcEH8DtBNB
ave3i9QYpbTjApg6Z8Y0NsMD0thSyOGzOCG/CrkrKqZ1kayz5s1o2HHBXnFckRII
CSojpDNzkKaBlZEwAvVqqhAjgNFUWFM0aJtUDOA7s09Fdw/AXQtzl8GfoJK5t4xk
FBW5Na+jGHEYHGmjQZXit66dK3FaB4sJWrRB76Hhz01eZeVLW1ftS1HtdPqjvsjf
NXh737TGT3P8cOxwzloOY34nInFhfPEWJWmcIcPS03xgj4C6Gu/CUTCPPu6l4O7N
tT2kEJe7rKvsK734
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:27:35 2024 by rpki-client on console-ams.rpki-client.org