Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/RihKQ1DZfuV_tdeajMl20NPjMzc.roa
File: RihKQ1DZfuV_tdeajMl20NPjMzc.roa (raw, json)
Hash identifier: pvpOVT2u2y7micHnoPR1OO8PmhCVksaJEkRP96rXh6I=
Subject key identifier: 46:28:4A:43:50:D9:7E:E5:7F:B5:D7:9A:8C:C9:76:D0:D3:E3:33:37
Certificate issuer: /CN=97bf5be73f1823274498df52a37535d13da5be62
Certificate serial: 018CC3B7181F21649EA117A274BACA77B62C
Authority key identifier: 97:BF:5B:E7:3F:18:23:27:44:98:DF:52:A3:75:35:D1:3D:A5:BE:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/RihKQ1DZfuV_tdeajMl20NPjMzc.roa
Signing time: Mon 01 Jan 2024 06:30:05 +0000
ROA not before: Mon 01 Jan 2024 06:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20897
IP address blocks: 193.93.101.0/24 maxlen: 24
193.93.102.0/24 maxlen: 24
193.93.103.0/24 maxlen: 24
193.93.102.0/23 maxlen: 23
193.93.100.0/24 maxlen: 24
193.108.162.0/23 maxlen: 23
2001:67c:2380::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:18:1f:21:64:9e:a1:17:a2:74:ba:ca:77:b6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bf5be73f1823274498df52a37535d13da5be62
Validity
Not Before: Jan 1 06:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46284a4350d97ee57fb5d79a8cc976d0d3e33337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:88:7e:c3:d3:22:02:69:1c:d0:65:f3:c6:a1:
90:a0:32:00:c5:3f:86:05:9e:98:ad:f8:32:3e:be:
13:62:e5:bd:75:3d:77:31:6b:25:f3:d2:8e:2f:bf:
87:14:e8:7e:d5:b2:b2:a1:49:65:cb:78:49:47:88:
b2:6f:8b:d2:75:a0:04:f2:df:d5:84:54:6d:41:90:
95:d2:b8:12:08:c1:b4:d3:08:fa:32:57:3e:6b:31:
56:fb:b7:19:4d:33:07:0f:0e:c1:95:73:1b:69:21:
e2:e9:bb:a8:9f:84:6b:c7:93:a0:e0:c4:2d:6c:ff:
87:a7:09:45:c3:d7:4f:38:99:97:36:0d:23:d9:7c:
97:b2:ba:c6:ed:da:d3:12:f4:28:3d:d5:c1:c1:59:
8e:ee:aa:b2:35:a6:40:e3:a7:b7:2d:03:e1:70:43:
88:eb:bb:dc:d6:ea:30:ce:9f:08:52:71:dd:34:21:
b0:85:26:36:d8:f3:d6:bc:7b:fe:50:61:22:6c:c0:
b7:fe:c6:e8:14:c5:f5:80:49:31:7d:95:33:69:82:
30:36:4f:2a:99:62:ea:64:2b:4d:60:42:2e:7d:81:
de:41:09:06:28:29:94:28:96:44:af:03:c6:11:2f:
1b:4c:37:14:82:3d:82:3c:19:92:2f:e0:ff:bf:25:
08:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:28:4A:43:50:D9:7E:E5:7F:B5:D7:9A:8C:C9:76:D0:D3:E3:33:37
X509v3 Authority Key Identifier:
keyid:97:BF:5B:E7:3F:18:23:27:44:98:DF:52:A3:75:35:D1:3D:A5:BE:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/RihKQ1DZfuV_tdeajMl20NPjMzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.100.0/22
193.108.162.0/23
IPv6:
2001:67c:2380::/48
Signature Algorithm: sha256WithRSAEncryption
27:8b:59:24:f3:80:20:5a:2c:81:00:b3:c2:6e:6f:28:d7:87:
5a:46:24:f8:bd:56:30:e1:54:d0:ba:e8:9c:b4:ce:31:3b:dc:
54:68:dc:fa:27:67:e1:11:91:cf:ae:c0:de:d0:b7:cf:ec:a6:
68:56:dc:9e:34:9d:6a:a0:70:df:6d:15:db:80:de:94:38:9e:
0c:28:48:3e:a0:74:57:e3:54:50:33:ed:c6:3a:82:04:33:b4:
f5:df:07:a5:91:53:61:cd:ca:d8:2d:aa:05:ce:75:eb:7e:96:
a2:67:55:8b:b6:40:d8:f8:f5:a5:ae:67:21:ff:b1:30:ec:02:
d3:3e:de:eb:9c:63:a6:60:30:4d:19:96:a7:5b:17:1a:05:aa:
1e:4a:89:c0:54:99:b6:6e:5d:47:3d:82:9e:ab:c7:a5:dd:1e:
b7:55:fc:db:82:f5:e4:91:11:47:84:55:43:a5:d2:c1:ff:1c:
e6:5b:bd:ec:54:e1:88:32:7d:68:e6:47:92:27:6c:11:77:0f:
e7:4a:1e:5e:30:32:ba:b0:f2:d4:fc:be:93:16:ad:aa:d6:4c:
84:37:89:7a:9b:b1:46:a6:b4:a0:fb:4c:ea:8c:70:72:13:a1:
a3:cc:3c:81:fe:1e:28:6c:d7:c0:e1:23:84:d4:00:52:ca:da:
65:d9:42:98
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtxgfIWSeoReidLrKd7YsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmY1YmU3M2YxODIzMjc0NDk4ZGY1MmEzNzUzNWQxM2Rh
NWJlNjIwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI4NGE0MzUwZDk3ZWU1N2ZiNWQ3OWE4Y2M5NzZkMGQzZTMzMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4h+w9MiAmkc0GXzxqGQoDIAxT+G
BZ6YrfgyPr4TYuW9dT13MWsl89KOL7+HFOh+1bKyoUlly3hJR4iyb4vSdaAE8t/V
hFRtQZCV0rgSCMG00wj6Mlc+azFW+7cZTTMHDw7BlXMbaSHi6buon4Rrx5Og4MQt
bP+HpwlFw9dPOJmXNg0j2XyXsrrG7drTEvQoPdXBwVmO7qqyNaZA46e3LQPhcEOI
67vc1uowzp8IUnHdNCGwhSY22PPWvHv+UGEibMC3/sboFMX1gEkxfZUzaYIwNk8q
mWLqZCtNYEIufYHeQQkGKCmUKJZErwPGES8bTDcUgj2CPBmSL+D/vyUI3QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEYoSkNQ2X7lf7XXmozJdtDT4zM3MB8GA1UdIwQY
MBaAFJe/W+c/GCMnRJjfUqN1NdE9pb5iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDc5YjV6OFlJeWRFbU45U28zVTEwVDJsdm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82MDkwYWItYjhmYS00M2Q5LThkMTUt
M2Y0NDUxOTY2NWFjLzEvUmloS1ExRFpmdVZfdGRlYWpNbDIwTlBqTXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82MDkwYWItYjhmYS00M2Q5LThkMTUtM2Y0NDUxOTY2NWFj
LzEvbDc5YjV6OFlJeWRFbU45U28zVTEwVDJsdm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCwV1kAwQB
wWyiMA8EAgACMAkDBwAgAQZ8I4AwDQYJKoZIhvcNAQELBQADggEBACeLWSTzgCBa
LIEAs8JubyjXh1pGJPi9VjDhVNC66Jy0zjE73FRo3PonZ+ERkc+uwN7Qt8/spmhW
3J40nWqgcN9tFduA3pQ4ngwoSD6gdFfjVFAz7cY6ggQztPXfB6WRU2HNytgtqgXO
det+lqJnVYu2QNj49aWuZyH/sTDsAtM+3uucY6ZgME0ZlqdbFxoFqh5KicBUmbZu
XUc9gp6rx6XdHrdV/NuC9eSREUeEVUOl0sH/HOZbvexU4YgyfWjmR5InbBF3D+dK
Hl4wMrqw8tT8vpMWrarWTIQ3iXqbsUamtKD7TOqMcHIToaPMPIH+Hihs18DhI4TU
AFLK2mXZQpg=
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:59:47 2024 by rpki-client on console-fra.rpki-client.org