Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/566932-dea6-4dfc-8616-ba901a5fcb74/1/aO5WmXefR_sXjpzs5L7bVdpzl4Y.roa
File: aO5WmXefR_sXjpzs5L7bVdpzl4Y.roa (raw, json)
Hash identifier: Kqrn7ZNaNLGdzugqqvocCqJPuwSYoCooRws+137qFz0=
Subject key identifier: 68:EE:56:99:77:9F:47:FB:17:8E:9C:EC:E4:BE:DB:55:DA:73:97:86
Certificate issuer: /CN=0c363574898060e1b6a48cac3f1f2bcb36c86d4e
Certificate serial: 018CC4930ECCB18959BF896740E5BBE3D8D0
Authority key identifier: 0C:36:35:74:89:80:60:E1:B6:A4:8C:AC:3F:1F:2B:CB:36:C8:6D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DDY1dImAYOG2pIysPx8ryzbIbU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/566932-dea6-4dfc-8616-ba901a5fcb74/1/aO5WmXefR_sXjpzs5L7bVdpzl4Y.roa
Signing time: Mon 01 Jan 2024 10:30:20 +0000
ROA not before: Mon 01 Jan 2024 10:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50629
IP address blocks: 193.46.250.0/23 maxlen: 23
193.46.232.0/23 maxlen: 23
2a0f:ba80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/566932-dea6-4dfc-8616-ba901a5fcb74/1/DDY1dImAYOG2pIysPx8ryzbIbU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/566932-dea6-4dfc-8616-ba901a5fcb74/1/DDY1dImAYOG2pIysPx8ryzbIbU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DDY1dImAYOG2pIysPx8ryzbIbU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0e:cc:b1:89:59:bf:89:67:40:e5:bb:e3:d8:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c363574898060e1b6a48cac3f1f2bcb36c86d4e
Validity
Not Before: Jan 1 10:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68ee5699779f47fb178e9cece4bedb55da739786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:08:34:25:1d:19:76:29:69:a2:7a:f5:e0:a3:
6b:e7:34:fd:93:8c:a3:9d:d2:2f:e0:64:e9:ba:bf:
2f:a3:ea:60:91:a2:76:30:63:be:2e:dc:25:71:41:
50:09:2a:fb:b8:7d:f5:2b:2c:73:99:5d:38:bc:b9:
87:2d:42:93:4d:b8:ff:b5:9d:5b:c0:29:a4:19:5f:
d5:78:2a:4e:1d:96:7e:1a:49:ea:0c:49:28:8e:48:
7b:3c:8a:fd:1d:39:86:ac:4c:44:74:31:8a:b3:ae:
f8:6f:7f:7c:52:e9:71:48:22:ef:30:a1:b3:37:e1:
42:4a:1c:9e:6f:98:5e:12:65:f4:15:16:c5:b1:9c:
7e:51:82:34:96:07:02:3b:0e:d1:77:48:87:4d:8b:
6e:94:b2:e2:3a:66:f4:04:5c:df:25:2e:21:83:05:
45:29:3c:ac:e5:7d:05:06:be:71:35:7e:59:cb:13:
2b:8c:ea:87:18:15:94:5d:b3:c7:ce:52:c8:a5:23:
49:60:54:d7:3f:2f:16:30:d3:ac:ed:c5:58:2d:88:
99:24:11:fb:37:ab:78:6f:98:f7:49:26:4a:12:74:
2b:67:ec:4b:fa:1f:4f:98:a7:03:e6:dc:e2:99:e5:
df:95:69:e5:7b:5e:1a:19:85:a3:76:2f:3b:58:2d:
b3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EE:56:99:77:9F:47:FB:17:8E:9C:EC:E4:BE:DB:55:DA:73:97:86
X509v3 Authority Key Identifier:
keyid:0C:36:35:74:89:80:60:E1:B6:A4:8C:AC:3F:1F:2B:CB:36:C8:6D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DDY1dImAYOG2pIysPx8ryzbIbU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/566932-dea6-4dfc-8616-ba901a5fcb74/1/aO5WmXefR_sXjpzs5L7bVdpzl4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/566932-dea6-4dfc-8616-ba901a5fcb74/1/DDY1dImAYOG2pIysPx8ryzbIbU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.232.0/23
193.46.250.0/23
IPv6:
2a0f:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
41:05:de:d3:7e:ae:9f:de:f1:c2:e3:10:68:39:4c:a4:7f:3a:
84:a6:64:35:98:c9:b7:fa:66:d1:d2:5b:98:38:2a:b2:38:dd:
5b:f3:45:22:53:c9:4d:d0:e4:f3:04:aa:ee:58:f1:7f:d1:91:
e5:56:95:d7:bc:39:d9:f1:39:12:2a:f6:09:b3:f5:7d:09:a1:
6f:ee:0f:09:be:b8:22:56:c4:8d:5f:98:9f:fb:aa:34:ee:fd:
d6:20:7e:21:cc:ee:60:7b:f3:f0:a3:d5:db:64:b4:eb:c5:bf:
a0:e9:90:a5:96:f4:c7:55:5e:d9:71:9a:4a:eb:76:48:ce:9e:
29:ec:25:41:4c:66:87:78:20:28:28:0c:13:cb:94:7a:88:f8:
06:06:51:c7:95:9a:ec:25:27:de:26:b9:de:43:39:6c:49:ae:
cb:9a:de:4a:95:29:1b:eb:b6:a0:48:5c:22:f3:1c:29:fa:f1:
48:ae:cd:f0:f6:dc:41:fa:2a:8f:ba:66:eb:06:5b:4f:c5:fa:
f2:11:42:6e:da:c4:8b:61:07:62:19:13:50:85:27:65:36:99:
2b:33:2c:9e:91:6d:d8:06:80:5b:59:97:03:7a:47:3d:09:f6:
0b:13:7e:da:22:99:10:a0:5c:73:69:f5:91:34:7d:d6:a8:be:
be:96:78:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkw7MsYlZv4lnQOW749jQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMzYzNTc0ODk4MDYwZTFiNmE0OGNhYzNmMWYyYmNiMzZj
ODZkNGUwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVlNTY5OTc3OWY0N2ZiMTc4ZTljZWNlNGJlZGI1NWRhNzM5Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQg0JR0Zdilponr14KNr5zT9k4yj
ndIv4GTpur8vo+pgkaJ2MGO+LtwlcUFQCSr7uH31KyxzmV04vLmHLUKTTbj/tZ1b
wCmkGV/VeCpOHZZ+GknqDEkojkh7PIr9HTmGrExEdDGKs674b398UulxSCLvMKGz
N+FCShyeb5heEmX0FRbFsZx+UYI0lgcCOw7Rd0iHTYtulLLiOmb0BFzfJS4hgwVF
KTys5X0FBr5xNX5ZyxMrjOqHGBWUXbPHzlLIpSNJYFTXPy8WMNOs7cVYLYiZJBH7
N6t4b5j3SSZKEnQrZ+xL+h9PmKcD5tzimeXflWnle14aGYWjdi87WC2z6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGjuVpl3n0f7F46c7OS+21Xac5eGMB8GA1UdIwQY
MBaAFAw2NXSJgGDhtqSMrD8fK8s2yG1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRERZMWRJbUFZT0cycEl5c1B4OHJ5emJJYlU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81NjY5MzItZGVhNi00ZGZjLTg2MTYt
YmE5MDFhNWZjYjc0LzEvYU81V21YZWZSX3NYanB6czVMN2JWZHB6bDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81NjY5MzItZGVhNi00ZGZjLTg2MTYtYmE5MDFhNWZjYjc0
LzEvRERZMWRJbUFZT0cycEl5c1B4OHJ5emJJYlU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwS7oAwQB
wS76MA0EAgACMAcDBQMqD7qAMA0GCSqGSIb3DQEBCwUAA4IBAQBBBd7Tfq6f3vHC
4xBoOUykfzqEpmQ1mMm3+mbR0luYOCqyON1b80UiU8lN0OTzBKruWPF/0ZHlVpXX
vDnZ8TkSKvYJs/V9CaFv7g8JvrgiVsSNX5if+6o07v3WIH4hzO5ge/Pwo9XbZLTr
xb+g6ZCllvTHVV7ZcZpK63ZIzp4p7CVBTGaHeCAoKAwTy5R6iPgGBlHHlZrsJSfe
JrneQzlsSa7Lmt5KlSkb67agSFwi8xwp+vFIrs3w9txB+iqPumbrBltPxfryEUJu
2sSLYQdiGRNQhSdlNpkrMyyekW3YBoBbWZcDekc9CfYLE37aIpkQoFxzafWRNH3W
qL6+lngP
-----END CERTIFICATE-----
Generated at Wed May 29 00:43:09 2024 by rpki-client on console-ams.rpki-client.org