Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1-ru45WX50nqE1nkkiAh6wbMYSKE.roa
File: 1-ru45WX50nqE1nkkiAh6wbMYSKE.roa (raw, json)
Hash identifier: 6VMyn58eJX/7qjDu0gid/FtESObauEZYtrO05J2qzTY=
Subject key identifier: FA:BB:B8:E5:65:F9:D2:7A:84:D6:79:24:88:08:7A:C1:B3:18:48:A1
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B94BAC0E9A9B637BE15F5E67F14F13
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1-ru45WX50nqE1nkkiAh6wbMYSKE.roa
Signing time: Mon 01 Jan 2024 20:31:21 +0000
ROA not before: Mon 01 Jan 2024 20:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50613
IP address blocks: 37.235.49.0/24 maxlen: 24
151.236.24.0/24 maxlen: 24
2a03:f80:354::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:4b:ac:0e:9a:9b:63:7b:e1:5f:5e:67:f1:4f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fabbb8e565f9d27a84d6792488087ac1b31848a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f8:29:90:eb:ef:85:38:46:fe:f5:a9:35:a9:
8b:60:00:09:09:bc:ba:24:59:91:a2:10:5f:4c:44:
e1:70:0f:61:c0:6d:20:ca:dd:25:80:14:e9:5b:84:
eb:f4:db:a9:1b:22:09:cd:09:33:bd:7f:92:7d:23:
f9:08:be:d9:be:4e:3a:ea:ee:4e:3f:d8:02:c4:44:
d4:b4:42:df:ac:99:cd:d2:3a:5f:fd:16:17:04:0a:
a6:10:9b:f5:07:03:e3:e3:af:54:bc:6f:bc:7a:e5:
50:42:cb:94:a9:e8:4f:ba:78:7b:f1:71:61:aa:7b:
8e:84:db:f4:09:03:56:73:46:37:43:57:46:a9:0f:
76:03:de:1b:bb:59:25:25:e6:19:1a:6a:a5:73:63:
e4:44:0a:4a:a1:99:1b:0b:e6:bd:b9:e7:5e:1c:13:
28:81:f4:24:91:6f:5f:f0:f6:46:32:b6:b7:36:b3:
5d:8b:ba:cf:6e:27:c7:5d:d2:16:f6:a8:2f:ce:ef:
dd:ab:a9:a3:6f:fa:26:cf:0e:a1:10:a0:0d:a9:87:
2c:df:a2:e2:cf:39:2e:ea:07:cb:d4:fd:88:31:11:
24:6f:8f:c2:f6:f1:00:f8:91:f0:b3:db:d6:1d:e2:
1f:ee:4f:40:ad:a8:0d:ad:40:7b:76:6d:4a:bf:a6:
79:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BB:B8:E5:65:F9:D2:7A:84:D6:79:24:88:08:7A:C1:B3:18:48:A1
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1-ru45WX50nqE1nkkiAh6wbMYSKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.49.0/24
151.236.24.0/24
IPv6:
2a03:f80:354::/48
Signature Algorithm: sha256WithRSAEncryption
55:7e:2e:e8:c0:09:0e:ab:d3:2d:6e:4d:20:c5:c2:c5:96:0b:
c3:80:4a:3b:54:d9:6b:a8:1e:69:39:11:8c:b7:0b:e4:56:46:
55:19:b1:b6:7d:2d:b0:32:20:11:89:67:20:bb:4b:63:49:f6:
f7:5d:e3:bd:a6:4f:99:01:31:7c:b6:08:5f:7d:74:7b:be:1c:
2e:51:88:71:21:6d:dc:42:73:cd:00:ea:a3:b6:f7:28:b4:7f:
36:62:2c:3c:f9:83:35:71:2e:37:25:f6:75:41:23:79:a9:9f:
1a:c2:7b:8d:52:86:9b:4f:75:a2:60:c0:b6:b2:aa:a5:f1:71:
8f:7d:b0:fa:d1:f3:f1:91:9e:b9:6d:10:f6:f5:42:ad:f8:5f:
ba:96:f7:44:69:d5:a7:94:8b:8f:1d:60:03:6b:1b:c0:08:41:
bc:10:25:2c:55:d8:29:ea:8a:1d:78:32:b7:05:ad:bc:8f:3b:
d7:19:4d:da:75:ec:0d:ca:13:6d:a8:2f:dc:0e:17:56:43:16:
ba:9f:e2:3d:a7:d7:16:23:04:18:99:f2:c3:9d:e7:f5:c9:9c:
93:db:ba:31:18:8e:5b:d0:59:15:77:66:ff:19:37:bc:40:b7:
1e:4f:73:54:8b:58:db:05:42:ff:fc:bb:c3:fe:84:cf:ed:e0:
8a:4b:e8:69
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGuUusDpqbY3vhX15n8U8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJiYjhlNTY1ZjlkMjdhODRkNjc5MjQ4ODA4N2FjMWIzMTg0OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfgpkOvvhThG/vWpNamLYAAJCby6
JFmRohBfTEThcA9hwG0gyt0lgBTpW4Tr9NupGyIJzQkzvX+SfSP5CL7Zvk466u5O
P9gCxETUtELfrJnN0jpf/RYXBAqmEJv1BwPj469UvG+8euVQQsuUqehPunh78XFh
qnuOhNv0CQNWc0Y3Q1dGqQ92A94bu1klJeYZGmqlc2PkRApKoZkbC+a9uedeHBMo
gfQkkW9f8PZGMra3NrNdi7rPbifHXdIW9qgvzu/dq6mjb/omzw6hEKANqYcs36Li
zzku6gfL1P2IMREkb4/C9vEA+JHws9vWHeIf7k9AragNrUB7dm1Kv6Z5NwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPq7uOVl+dJ6hNZ5JIgIesGzGEihMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMS1ydTQ1V1g1MG5xRTFua2tpQWg2d2JNWVNLRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNk
Yy8xLzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEACXrMQME
AJfsGDAPBAIAAjAJAwcAKgMPgANUMA0GCSqGSIb3DQEBCwUAA4IBAQBVfi7owAkO
q9Mtbk0gxcLFlgvDgEo7VNlrqB5pORGMtwvkVkZVGbG2fS2wMiARiWcgu0tjSfb3
XeO9pk+ZATF8tghffXR7vhwuUYhxIW3cQnPNAOqjtvcotH82Yiw8+YM1cS43JfZ1
QSN5qZ8awnuNUoabT3WiYMC2sqql8XGPfbD60fPxkZ65bRD29UKt+F+6lvdEadWn
lIuPHWADaxvACEG8ECUsVdgp6oodeDK3Ba28jzvXGU3adewNyhNtqC/cDhdWQxa6
n+I9p9cWIwQYmfLDnef1yZyT27oxGI5b0FkVd2b/GTe8QLceT3NUi1jbBUL//LvD
/oTP7eCKS+hp
-----END CERTIFICATE-----
Generated at Sat May 18 13:46:38 2024 by rpki-client on console-ams.rpki-client.org