Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/AC0JTbj8qTYFCd2wvZdZneBWH1s.roa
File: AC0JTbj8qTYFCd2wvZdZneBWH1s.roa (raw, json)
Hash identifier: eobkSTL72gL3P56zwpaKGqM3e3j2SABiErUChZBx/wk=
Subject key identifier: 00:2D:09:4D:B8:FC:A9:36:05:09:DD:B0:BD:97:59:9D:E0:56:1F:5B
Certificate issuer: /CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Certificate serial: 018FBA7246FCF330A85DFAF4D66FF5EB0DAB
Authority key identifier: 80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/AC0JTbj8qTYFCd2wvZdZneBWH1s.roa
Signing time: Mon 27 May 2024 14:26:42 +0000
ROA not before: Mon 27 May 2024 14:26:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207143
IP address blocks: 193.135.56.0/24 maxlen: 24
193.135.58.0/24 maxlen: 24
2001:678:e44::/48 maxlen: 48
2001:67c:3d4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:72:46:fc:f3:30:a8:5d:fa:f4:d6:6f:f5:eb:0d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Validity
Not Before: May 27 14:26:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=002d094db8fca9360509ddb0bd97599de0561f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e3:50:f4:da:ad:a8:b7:3a:82:51:cb:3b:21:
16:e9:e9:c0:bd:de:4d:f4:32:30:60:a3:47:36:5a:
d2:9a:fa:b9:ec:06:81:77:62:78:22:15:d5:32:88:
e6:72:a7:39:22:f6:a9:c9:a4:06:14:eb:cd:f3:d9:
54:88:50:56:cf:71:d7:81:44:b6:3a:e4:b9:d6:44:
64:24:2e:17:8e:b3:f5:96:a6:f8:d5:67:85:67:41:
16:83:c1:7f:3a:21:de:a5:3a:81:9e:d1:48:7a:b0:
04:b5:53:7f:bb:30:79:18:ad:36:19:93:7f:f1:73:
a8:ff:60:65:3a:e3:58:84:4d:53:ca:2f:65:29:c8:
bc:e2:cc:8b:42:fe:55:b2:0a:08:78:a9:3f:fd:b4:
40:74:c0:c9:9d:a2:d0:a0:7f:07:36:5b:df:e9:74:
3e:4b:37:bb:d1:5a:5a:07:c9:6d:78:bb:37:bd:f1:
55:45:8e:bf:60:b5:66:11:be:7c:ff:8f:88:0b:47:
21:1f:61:f4:cd:6f:99:84:6a:e8:3d:0b:45:b6:cf:
b7:a4:fe:ff:4f:d9:0b:80:f6:68:1b:6d:ff:f7:0d:
01:35:da:d1:30:74:73:95:98:4d:97:70:c2:2e:c0:
b1:f8:a3:c4:9d:18:e6:44:2c:93:de:34:59:34:6c:
26:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2D:09:4D:B8:FC:A9:36:05:09:DD:B0:BD:97:59:9D:E0:56:1F:5B
X509v3 Authority Key Identifier:
keyid:80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/AC0JTbj8qTYFCd2wvZdZneBWH1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.56.0/24
193.135.58.0/24
IPv6:
2001:678:e44::/48
2001:67c:3d4::/48
Signature Algorithm: sha256WithRSAEncryption
1c:9e:bd:d2:3b:28:7d:bb:ba:b6:ee:70:46:d4:3a:e5:ed:24:
22:fc:50:a2:c1:62:0c:78:1b:ec:9c:2f:35:74:29:3f:30:7b:
d4:ac:62:f9:ad:05:78:36:ae:bc:b1:45:eb:0b:0d:23:0c:82:
13:e2:a0:6a:26:2c:80:75:c9:e2:de:fd:d8:bf:d3:95:16:5f:
c8:44:67:7f:ef:dd:52:0b:5e:2c:9a:dd:6a:9e:86:52:bb:86:
a5:a6:a2:8c:8c:56:9a:79:4e:16:f5:23:3f:fd:78:00:bd:59:
a3:cf:00:ab:02:be:7f:20:01:ce:10:02:45:36:de:27:bc:71:
0d:f5:c7:a4:50:0c:20:6e:78:71:4d:97:7e:61:56:f6:f8:fa:
ba:f9:46:51:df:20:07:6f:d5:17:2a:b4:84:e5:f5:c0:db:18:
6b:4e:c5:bd:73:fd:fc:0e:8f:3d:9b:38:12:6d:d0:2d:80:c0:
32:7a:99:51:85:71:9e:fa:91:42:9e:63:87:d7:81:cd:e1:5a:
5b:c3:fc:5c:57:bc:9b:40:ab:69:14:3b:02:18:eb:f6:d6:64:
7f:24:51:aa:79:c8:d0:bb:a4:fe:bd:ca:07:ff:2d:6d:ce:14:
6f:64:b3:d3:40:20:75:b3:e4:8e:56:1d:de:b4:ec:96:7c:38:
d7:c7:5b:c7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY+6ckb88zCoXfr01m/16w2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNTA1MDRmNGIxNzc2ZTgwYjhhZDlmOGIzNTZlNjEzYjU4
NWIzNWEwHhcNMjQwNTI3MTQyNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDJkMDk0ZGI4ZmNhOTM2MDUwOWRkYjBiZDk3NTk5ZGUwNTYxZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uNQ9NqtqLc6glHLOyEW6enAvd5N
9DIwYKNHNlrSmvq57AaBd2J4IhXVMojmcqc5IvapyaQGFOvN89lUiFBWz3HXgUS2
OuS51kRkJC4XjrP1lqb41WeFZ0EWg8F/OiHepTqBntFIerAEtVN/uzB5GK02GZN/
8XOo/2BlOuNYhE1Tyi9lKci84syLQv5VsgoIeKk//bRAdMDJnaLQoH8HNlvf6XQ+
Sze70VpaB8lteLs3vfFVRY6/YLVmEb58/4+IC0chH2H0zW+ZhGroPQtFts+3pP7/
T9kLgPZoG23/9w0BNdrRMHRzlZhNl3DCLsCx+KPEnRjmRCyT3jRZNGwmNwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAAtCU24/Kk2BQndsL2XWZ3gVh9bMB8GA1UdIwQY
MBaAFIBQUE9LF3boC4rZ+LNW5hO1hbNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjIt
MDE0NGEzMjgyYTJlLzEvQUMwSlRiajhxVFlGQ2Qyd3ZaZFpuZUJXSDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjItMDE0NGEzMjgyYTJl
LzEvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwYc4AwQA
wYc6MBgEAgACMBIDBwAgAQZ4DkQDBwAgAQZ8A9QwDQYJKoZIhvcNAQELBQADggEB
AByevdI7KH27urbucEbUOuXtJCL8UKLBYgx4G+ycLzV0KT8we9SsYvmtBXg2rryx
ResLDSMMghPioGomLIB1yeLe/di/05UWX8hEZ3/v3VILXiya3WqehlK7hqWmooyM
Vpp5Thb1Iz/9eAC9WaPPAKsCvn8gAc4QAkU23ie8cQ31x6RQDCBueHFNl35hVvb4
+rr5RlHfIAdv1RcqtITl9cDbGGtOxb1z/fwOjz2bOBJt0C2AwDJ6mVGFcZ76kUKe
Y4fXgc3hWlvD/FxXvJtAq2kUOwIY6/bWZH8kUap5yNC7pP69ygf/LW3OFG9ks9NA
IHWz5I5WHd607JZ8ONfHW8c=
-----END CERTIFICATE-----
Generated at Wed Nov 27 10:45:08 2024 by rpki-client on console-fra.rpki-client.org