Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0S1wFaIGx6CVNrbpcMsMCJVNRro.roa
File: 0S1wFaIGx6CVNrbpcMsMCJVNRro.roa (raw, json)
Hash identifier: 6vToYkYXE6Sq4aKOJvTR+/ccfpLnRQszJXTBKhNiiSA=
Subject key identifier: D1:2D:70:15:A2:06:C7:A0:95:36:B6:E9:70:CB:0C:08:95:4D:46:BA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE14E959DFEB2C552AFB70B1C50AF47A9
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0S1wFaIGx6CVNrbpcMsMCJVNRro.roa
Signing time: Mon 15 Apr 2024 10:30:07 +0000
ROA not before: Mon 15 Apr 2024 10:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30749
IP address blocks: 193.19.66.0/23 maxlen: 23
193.19.70.0/23 maxlen: 23
193.19.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:4e:95:9d:fe:b2:c5:52:af:b7:0b:1c:50:af:47:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 15 10:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d12d7015a206c7a09536b6e970cb0c08954d46ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:4b:b4:a3:78:a6:46:25:41:53:d2:7c:f7:
1b:62:4d:5a:26:14:00:78:54:50:48:73:90:3e:72:
a2:24:72:e7:3a:39:cf:3f:f2:2f:e3:3e:6e:4f:16:
d4:4b:95:f3:fc:0e:96:12:cf:e4:df:6e:31:02:e7:
47:c5:d5:62:d8:d3:20:4c:d9:85:29:36:5f:d0:ff:
80:36:d6:74:2c:72:b6:f3:77:e0:16:bb:b4:e6:9f:
40:87:da:43:7e:91:05:91:f9:18:5d:d4:18:6d:a1:
ac:92:7e:7d:0c:88:77:17:2a:67:b2:9e:1d:b9:0d:
9a:ab:71:e4:0d:dd:48:f5:f2:a2:97:7e:15:18:93:
d1:30:2f:57:5a:45:a6:d9:a1:30:a8:05:b7:7a:c6:
21:84:b0:d9:75:14:3f:97:d4:73:74:1e:9f:05:04:
62:16:44:30:e3:78:3b:db:f4:b8:d7:f8:7f:bd:31:
98:8f:5d:d5:34:cf:df:bb:94:03:5e:0e:02:b7:ee:
30:e9:e9:3a:ae:0f:57:24:c4:3d:ce:1d:f4:28:c7:
f7:ff:89:99:03:66:4c:71:ec:ee:4e:15:fb:4b:f4:
15:59:67:ca:f5:e5:75:b0:d0:cf:80:a3:4c:e4:f8:
f2:a6:a0:9b:6d:08:74:f9:a2:f1:56:03:51:d3:df:
7c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2D:70:15:A2:06:C7:A0:95:36:B6:E9:70:CB:0C:08:95:4D:46:BA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0S1wFaIGx6CVNrbpcMsMCJVNRro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.66.0/23
193.19.70.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:aa:06:80:55:fd:6b:2d:b8:19:43:ce:a7:6a:80:71:dd:b5:
7a:1f:c2:a0:18:30:80:69:7b:9a:8d:38:ac:bf:44:6f:29:66:
a0:26:72:ce:43:9d:8c:79:3a:34:f0:cb:88:a5:f8:ba:3b:bb:
f0:bf:1f:cd:18:29:3b:57:10:b9:46:bc:a8:a2:53:56:ef:e2:
29:de:1e:3a:ff:39:aa:61:c8:bf:66:14:b4:5d:68:ae:26:58:
28:5d:eb:09:d0:ea:3d:a2:c0:24:32:76:15:bf:30:02:5f:80:
25:21:5f:87:ff:dc:9b:ce:4c:9b:56:f9:d0:af:6b:dc:9d:c7:
3f:2f:ca:51:5a:07:cd:a3:c2:2c:fe:e9:52:67:e8:e7:07:bf:
13:e7:4f:50:9c:34:94:dc:31:27:b9:5d:5e:d3:44:35:e9:e7:
41:3b:01:71:b5:c1:56:4c:f7:74:6e:93:da:92:bd:f8:49:cf:
51:5f:fa:70:c7:83:52:f0:e1:c9:01:f9:29:f8:d3:b6:5e:c6:
68:6b:14:24:e8:42:06:cc:ca:be:31:78:52:c9:66:68:43:8b:
89:14:44:32:ea:0b:aa:73:a4:3b:44:12:f1:b9:6c:a9:86:d8:
4a:bf:f6:27:33:53:fb:4e:bb:3d:b9:56:2e:12:dc:af:a2:da:
84:91:d2:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7hTpWd/rLFUq+3CxxQr0epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE1MTAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJkNzAxNWEyMDZjN2EwOTUzNmI2ZTk3MGNiMGMwODk1NGQ0NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqdLtKN4pkYlQVPSfPcbYk1aJhQA
eFRQSHOQPnKiJHLnOjnPP/Iv4z5uTxbUS5Xz/A6WEs/k324xAudHxdVi2NMgTNmF
KTZf0P+ANtZ0LHK283fgFru05p9Ah9pDfpEFkfkYXdQYbaGskn59DIh3Fypnsp4d
uQ2aq3HkDd1I9fKil34VGJPRMC9XWkWm2aEwqAW3esYhhLDZdRQ/l9RzdB6fBQRi
FkQw43g72/S41/h/vTGYj13VNM/fu5QDXg4Ct+4w6ek6rg9XJMQ9zh30KMf3/4mZ
A2ZMcezuThX7S/QVWWfK9eV1sNDPgKNM5PjypqCbbQh0+aLxVgNR0998KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNEtcBWiBseglTa26XDLDAiVTUa6MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMFMxd0ZhSUd4NkNWTnJicGNNc01DSlZOUnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwRNCAwQB
wRNGMA0GCSqGSIb3DQEBCwUAA4IBAQBqqgaAVf1rLbgZQ86naoBx3bV6H8KgGDCA
aXuajTisv0RvKWagJnLOQ52MeTo08MuIpfi6O7vwvx/NGCk7VxC5RryoolNW7+Ip
3h46/zmqYci/ZhS0XWiuJlgoXesJ0Oo9osAkMnYVvzACX4AlIV+H/9ybzkybVvnQ
r2vcncc/L8pRWgfNo8Is/ulSZ+jnB78T509QnDSU3DEnuV1e00Q16edBOwFxtcFW
TPd0bpPakr34Sc9RX/pwx4NS8OHJAfkp+NO2XsZoaxQk6EIGzMq+MXhSyWZoQ4uJ
FEQy6guqc6Q7RBLxuWyphthKv/YnM1P7Trs9uVYuEtyvotqEkdIV
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org