Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/R-s3SqkIcxrQAlUsiSw5hg8lK_M.roa
File: R-s3SqkIcxrQAlUsiSw5hg8lK_M.roa (raw, json)
Hash identifier: XJ6263TEuQHs8Xl5XS5jB7PJ/ROzAkqReOIG8HHjpLE=
Subject key identifier: 47:EB:37:4A:A9:08:73:1A:D0:02:55:2C:89:2C:39:86:0F:25:2B:F3
Certificate issuer: /CN=654d96672a59ec3895fc15847aca1b29db791244
Certificate serial: 018DA8A0410B8EF63581AF72811FAFA01251
Authority key identifier: 65:4D:96:67:2A:59:EC:38:95:FC:15:84:7A:CA:1B:29:DB:79:12:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZU2WZypZ7DiV_BWEesobKdt5EkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/R-s3SqkIcxrQAlUsiSw5hg8lK_M.roa
Signing time: Wed 14 Feb 2024 17:18:11 +0000
ROA not before: Wed 14 Feb 2024 17:18:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 327909
IP address blocks: 193.151.244.0/24 maxlen: 24
2a13:6040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/ZU2WZypZ7DiV_BWEesobKdt5EkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/ZU2WZypZ7DiV_BWEesobKdt5EkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZU2WZypZ7DiV_BWEesobKdt5EkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:a0:41:0b:8e:f6:35:81:af:72:81:1f:af:a0:12:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=654d96672a59ec3895fc15847aca1b29db791244
Validity
Not Before: Feb 14 17:18:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47eb374aa908731ad002552c892c39860f252bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:47:53:6d:8a:5a:06:b7:8a:02:65:c7:c9:4a:
b7:dd:04:51:91:0b:05:c5:b9:1a:20:58:5f:c3:df:
7d:77:9f:31:68:fc:1f:bf:bd:16:d8:96:ec:4f:a0:
1e:c4:08:ae:d8:96:24:50:3b:12:85:ba:86:bf:16:
be:50:15:e1:6b:49:09:fa:34:b7:60:83:ed:67:e7:
57:31:1e:7b:6a:3f:61:75:0a:dd:b7:78:c4:23:d6:
d5:56:5c:e6:a9:46:b4:c6:70:2f:97:86:49:cd:4d:
07:8e:85:f9:03:05:d1:a2:f4:57:14:66:0c:a1:f4:
7e:ae:79:72:0a:1d:d7:02:a3:45:62:a9:30:14:d0:
48:fe:8c:29:cb:85:1e:60:2e:b2:90:3a:87:a3:86:
c7:84:17:93:91:09:cd:3b:6b:9d:d9:47:f5:56:26:
6a:76:61:a5:4d:94:fd:2a:b7:73:f5:f9:58:71:64:
dc:52:0e:25:53:32:a7:d1:f5:ff:19:24:70:a9:08:
db:02:4d:66:bc:07:53:cf:0f:7b:dd:bf:1a:56:f0:
2a:63:34:29:c0:a3:e3:6a:d1:30:c3:37:74:8d:b9:
d1:0e:08:ee:5f:c3:0b:07:0d:e4:2f:72:53:c6:6c:
ae:8c:b8:c5:ba:62:0d:ff:27:0b:fa:72:41:95:ad:
ff:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:EB:37:4A:A9:08:73:1A:D0:02:55:2C:89:2C:39:86:0F:25:2B:F3
X509v3 Authority Key Identifier:
keyid:65:4D:96:67:2A:59:EC:38:95:FC:15:84:7A:CA:1B:29:DB:79:12:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU2WZypZ7DiV_BWEesobKdt5EkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/R-s3SqkIcxrQAlUsiSw5hg8lK_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/ZU2WZypZ7DiV_BWEesobKdt5EkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.244.0/24
IPv6:
2a13:6040::/29
Signature Algorithm: sha256WithRSAEncryption
1f:63:36:e3:4f:7e:69:90:04:7c:6b:31:7c:e0:f7:27:37:4f:
1c:67:75:35:34:9d:13:9b:da:18:28:60:f0:94:79:f5:47:a0:
7b:3c:80:5c:5d:58:98:99:17:25:ca:5b:1e:6e:30:ca:52:24:
da:39:e7:5b:07:97:6c:50:ff:85:c6:5c:9f:ef:f1:81:a2:ad:
c8:f1:a1:60:03:ac:bc:22:3e:6e:a5:e4:69:1d:72:d3:ee:85:
95:23:36:62:15:2f:38:d7:c2:af:f9:72:ef:28:62:09:fb:c0:
08:41:2c:b1:cc:bc:1a:c3:89:07:37:7a:2d:b7:a9:2e:c5:b4:
15:a6:8f:5b:f1:eb:15:bd:3c:d8:fb:85:c1:f2:1e:70:f3:96:
ac:9e:d6:34:dc:86:4f:9e:12:12:73:27:a3:e3:d4:43:c9:c7:
6b:0c:0f:d7:f1:68:8f:6d:e8:40:df:5c:21:5f:87:22:80:8f:
e1:a8:fe:0a:48:6d:55:e0:2f:35:16:97:c8:1a:14:32:ff:1d:
a2:4b:cb:14:88:b7:71:ca:32:0c:9e:14:75:f7:3e:c2:6e:b3:
82:97:0a:a1:4f:16:60:f6:a6:79:d1:fb:dd:33:f2:4b:81:13:
6a:17:4a:02:d2:34:b3:ca:1e:df:6a:23:84:f7:7a:8b:47:f5:
7e:c9:68:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2ooEELjvY1ga9ygR+voBJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ5NjY3MmE1OWVjMzg5NWZjMTU4NDdhY2ExYjI5ZGI3
OTEyNDQwHhcNMjQwMjE0MTcxODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ViMzc0YWE5MDg3MzFhZDAwMjU1MmM4OTJjMzk4NjBmMjUyYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0dTbYpaBreKAmXHyUq33QRRkQsF
xbkaIFhfw999d58xaPwfv70W2JbsT6AexAiu2JYkUDsShbqGvxa+UBXha0kJ+jS3
YIPtZ+dXMR57aj9hdQrdt3jEI9bVVlzmqUa0xnAvl4ZJzU0HjoX5AwXRovRXFGYM
ofR+rnlyCh3XAqNFYqkwFNBI/owpy4UeYC6ykDqHo4bHhBeTkQnNO2ud2Uf1ViZq
dmGlTZT9Krdz9flYcWTcUg4lUzKn0fX/GSRwqQjbAk1mvAdTzw973b8aVvAqYzQp
wKPjatEwwzd0jbnRDgjuX8MLBw3kL3JTxmyujLjFumIN/ycL+nJBla3/sQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEfrN0qpCHMa0AJVLIksOYYPJSvzMB8GA1UdIwQY
MBaAFGVNlmcqWew4lfwVhHrKGynbeRJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUyV1p5cFo3RGlWX0JXRWVzb2JLZHQ1RWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zZWJlMzAtZWU4OS00OGRlLTg3NGMt
YjQ2OWRiMTBiNjhhLzEvUi1zM1Nxa0ljeHJRQWxVc2lTdzVoZzhsS19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zZWJlMzAtZWU4OS00OGRlLTg3NGMtYjQ2OWRiMTBiNjhh
LzEvWlUyV1p5cFo3RGlWX0JXRWVzb2JLZHQ1RWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwZf0MA0E
AgACMAcDBQMqE2BAMA0GCSqGSIb3DQEBCwUAA4IBAQAfYzbjT35pkAR8azF84Pcn
N08cZ3U1NJ0Tm9oYKGDwlHn1R6B7PIBcXViYmRclylsebjDKUiTaOedbB5dsUP+F
xlyf7/GBoq3I8aFgA6y8Ij5upeRpHXLT7oWVIzZiFS8418Kv+XLvKGIJ+8AIQSyx
zLwaw4kHN3ott6kuxbQVpo9b8esVvTzY+4XB8h5w85asntY03IZPnhIScyej49RD
ycdrDA/X8WiPbehA31whX4cigI/hqP4KSG1V4C81FpfIGhQy/x2iS8sUiLdxyjIM
nhR19z7CbrOClwqhTxZg9qZ50fvdM/JLgRNqF0oC0jSzyh7faiOE93qLR/V+yWhL
-----END CERTIFICATE-----
Generated at Mon May 6 01:08:47 2024 by rpki-client on console-fra.rpki-client.org