Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/974672-32b4-438f-ab4a-4454c2fcdb68/1/pwXRtHONVqgIkOU9pk3Id4btOpI.roa
File: pwXRtHONVqgIkOU9pk3Id4btOpI.roa (raw, json)
Hash identifier: tVHD1zQhr9W4iK7a8TmbY1MeoQRVmQr3nz2vN6gNVqQ=
Subject key identifier: A7:05:D1:B4:73:8D:56:A8:08:90:E5:3D:A6:4D:C8:77:86:ED:3A:92
Certificate issuer: /CN=73c15969404789c815225c37463aa7e1db3f2e45
Certificate serial: 018E381BBA47D538B9247A901569E74B80A4
Authority key identifier: 73:C1:59:69:40:47:89:C8:15:22:5C:37:46:3A:A7:E1:DB:3F:2E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8FZaUBHicgVIlw3Rjqn4ds_LkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/974672-32b4-438f-ab4a-4454c2fcdb68/1/pwXRtHONVqgIkOU9pk3Id4btOpI.roa
Signing time: Wed 13 Mar 2024 13:58:44 +0000
ROA not before: Wed 13 Mar 2024 13:58:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6848
IP address blocks: 193.149.240.0/22 maxlen: 22
193.149.244.0/23 maxlen: 23
193.149.246.0/24 maxlen: 24
193.149.247.0/24 maxlen: 24
193.149.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/974672-32b4-438f-ab4a-4454c2fcdb68/1/c8FZaUBHicgVIlw3Rjqn4ds_LkU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/974672-32b4-438f-ab4a-4454c2fcdb68/1/c8FZaUBHicgVIlw3Rjqn4ds_LkU.mft
rsync://rpki.ripe.net/repository/DEFAULT/c8FZaUBHicgVIlw3Rjqn4ds_LkU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:1b:ba:47:d5:38:b9:24:7a:90:15:69:e7:4b:80:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c15969404789c815225c37463aa7e1db3f2e45
Validity
Not Before: Mar 13 13:58:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a705d1b4738d56a80890e53da64dc87786ed3a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:92:f1:26:d1:79:c5:6b:ac:7b:75:b9:14:c4:
cf:0f:c3:0a:5f:da:fe:17:e6:6a:69:eb:ba:5e:1d:
16:53:2f:67:09:9f:26:c6:02:84:2f:6c:51:88:db:
b9:b0:e8:9d:13:8c:94:7b:07:b6:b1:e1:e5:51:41:
6f:4a:99:ba:63:26:64:65:3d:e7:43:ca:30:69:8c:
c1:3b:8c:a1:0e:93:b4:3a:2d:ad:03:83:25:72:9b:
54:3c:c6:28:52:f8:6e:5d:d7:57:e2:b5:32:79:f9:
e7:00:52:c2:d6:63:07:83:26:1b:b5:ce:f4:dc:08:
6c:d2:c0:75:85:d4:4c:a0:ca:31:b0:94:5f:cd:ff:
f5:0e:8d:dc:e7:c6:86:e1:6c:7a:39:9b:b9:5b:96:
12:3a:d9:b6:2e:1b:9e:84:bc:26:fe:31:54:9b:d0:
63:18:51:a4:e8:75:d9:62:c5:f6:1f:46:5e:5e:3f:
a9:00:d2:dc:62:e8:e7:7f:7b:8b:28:a8:dc:30:1c:
d0:cd:5e:dd:83:50:b6:89:d9:11:cc:a2:bb:43:2f:
39:7b:f7:c3:4f:0f:9c:ee:09:5c:ea:3d:2d:bf:e9:
1c:d5:58:7e:8e:1b:26:48:c7:ab:ae:e1:f4:dd:2a:
bf:7b:63:38:c5:dd:e4:06:8d:7f:d2:e1:0a:c7:bf:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:05:D1:B4:73:8D:56:A8:08:90:E5:3D:A6:4D:C8:77:86:ED:3A:92
X509v3 Authority Key Identifier:
keyid:73:C1:59:69:40:47:89:C8:15:22:5C:37:46:3A:A7:E1:DB:3F:2E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8FZaUBHicgVIlw3Rjqn4ds_LkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/974672-32b4-438f-ab4a-4454c2fcdb68/1/pwXRtHONVqgIkOU9pk3Id4btOpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/974672-32b4-438f-ab4a-4454c2fcdb68/1/c8FZaUBHicgVIlw3Rjqn4ds_LkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.149.240.0/20
Signature Algorithm: sha256WithRSAEncryption
69:f3:a4:1c:09:ee:c9:89:50:08:fe:16:73:f1:61:ea:c4:af:
a7:22:fe:a6:47:f1:dc:28:37:a1:ed:9e:b0:59:a5:ae:62:c0:
0a:a3:1c:38:32:b2:d1:f3:49:2c:8e:1a:93:2e:5c:62:3a:53:
0a:79:cc:a2:05:c5:c6:45:05:25:88:31:3c:ed:7a:34:bd:06:
d7:72:83:c0:19:4d:1a:e0:de:cd:0b:96:9b:96:02:96:73:d1:
1e:9b:86:97:7d:28:25:af:11:fc:5b:6f:7a:50:62:a9:2b:84:
ca:1a:47:5d:91:9c:27:81:44:34:a9:a6:48:8d:f0:67:03:6c:
13:8d:09:a8:87:e7:05:2e:6b:57:54:e0:cc:76:4c:42:9f:96:
e0:42:84:46:bd:69:b2:cc:7f:ef:34:18:8e:e6:2c:a9:d0:07:
bb:92:87:94:df:22:f7:80:20:2d:29:e3:26:1d:4a:96:10:91:
ba:b9:f7:ff:07:89:98:99:c6:f9:ce:aa:32:f1:ff:0e:f5:81:
1d:47:a3:42:75:8a:2d:1c:34:7b:4d:5d:48:ec:55:91:bc:14:
ae:11:19:c8:f0:21:d7:af:fe:47:06:e5:65:0b:99:5b:75:4c:
e0:03:88:3a:43:8b:36:03:aa:ee:be:94:27:5f:39:47:76:51:
a7:20:b5:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY44G7pH1Ti5JHqQFWnnS4CkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzE1OTY5NDA0Nzg5YzgxNTIyNWMzNzQ2M2FhN2UxZGIz
ZjJlNDUwHhcNMjQwMzEzMTM1ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA1ZDFiNDczOGQ1NmE4MDg5MGU1M2RhNjRkYzg3Nzg2ZWQzYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5LxJtF5xWuse3W5FMTPD8MKX9r+
F+Zqaeu6Xh0WUy9nCZ8mxgKEL2xRiNu5sOidE4yUewe2seHlUUFvSpm6YyZkZT3n
Q8owaYzBO4yhDpO0Oi2tA4MlcptUPMYoUvhuXddX4rUyefnnAFLC1mMHgyYbtc70
3Ahs0sB1hdRMoMoxsJRfzf/1Do3c58aG4Wx6OZu5W5YSOtm2LhuehLwm/jFUm9Bj
GFGk6HXZYsX2H0ZeXj+pANLcYujnf3uLKKjcMBzQzV7dg1C2idkRzKK7Qy85e/fD
Tw+c7glc6j0tv+kc1Vh+jhsmSMerruH03Sq/e2M4xd3kBo1/0uEKx791lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcF0bRzjVaoCJDlPaZNyHeG7TqSMB8GA1UdIwQY
MBaAFHPBWWlAR4nIFSJcN0Y6p+HbPy5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhGWmFVQkhpY2dWSWx3M1JqcW40ZHNfTGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85NzQ2NzItMzJiNC00MzhmLWFiNGEt
NDQ1NGMyZmNkYjY4LzEvcHdYUnRIT05WcWdJa09VOXBrM0lkNGJ0T3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85NzQ2NzItMzJiNC00MzhmLWFiNGEtNDQ1NGMyZmNkYjY4
LzEvYzhGWmFVQkhpY2dWSWx3M1JqcW40ZHNfTGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwZXwMA0G
CSqGSIb3DQEBCwUAA4IBAQBp86QcCe7JiVAI/hZz8WHqxK+nIv6mR/HcKDeh7Z6w
WaWuYsAKoxw4MrLR80ksjhqTLlxiOlMKecyiBcXGRQUliDE87Xo0vQbXcoPAGU0a
4N7NC5ablgKWc9Eem4aXfSglrxH8W296UGKpK4TKGkddkZwngUQ0qaZIjfBnA2wT
jQmoh+cFLmtXVODMdkxCn5bgQoRGvWmyzH/vNBiO5iyp0Ae7koeU3yL3gCAtKeMm
HUqWEJG6uff/B4mYmcb5zqoy8f8O9YEdR6NCdYotHDR7TV1I7FWRvBSuERnI8CHX
r/5HBuVlC5lbdUzgA4g6Q4s2A6ruvpQnXzlHdlGnILWV
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:43:46 2024 by rpki-client on console-fra.rpki-client.org