Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/DnaT0qJaGMculPKHxQnyJbIbX9Y.roa
File: DnaT0qJaGMculPKHxQnyJbIbX9Y.roa (raw, json)
Hash identifier: lczjgYuCKmP/00NqKfxqvqsCAwfV4h3DFQ2mDCZvhFU=
Subject key identifier: 0E:76:93:D2:A2:5A:18:C7:2E:94:F2:87:C5:09:F2:25:B2:1B:5F:D6
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 018D45E03BD98BBE7698FE09B9B0895C3D13
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/DnaT0qJaGMculPKHxQnyJbIbX9Y.roa
Signing time: Fri 26 Jan 2024 13:05:39 +0000
ROA not before: Fri 26 Jan 2024 13:05:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50434
IP address blocks: 178.248.78.0/24 maxlen: 24
193.169.78.0/23 maxlen: 23
195.42.112.0/24 maxlen: 24
195.42.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:e0:3b:d9:8b:be:76:98:fe:09:b9:b0:89:5c:3d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Jan 26 13:05:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e7693d2a25a18c72e94f287c509f225b21b5fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:20:0d:a7:7d:00:a3:b9:4d:8b:87:2d:21:0f:
d1:4a:bc:83:ca:df:03:78:15:47:80:ee:09:7e:49:
23:b2:2c:13:b2:50:c6:ea:ab:c6:8a:50:00:28:21:
4e:d2:24:53:c4:ec:1e:15:95:d1:0e:d8:ca:fd:5c:
11:10:a8:20:fc:4c:3b:ea:0d:4f:7a:e9:de:b1:ba:
71:4e:25:a3:eb:a5:46:03:4a:63:bb:3b:d9:c9:85:
02:dd:ab:08:62:73:fc:0e:22:a9:f0:a2:cc:78:3a:
03:ea:94:2c:11:73:45:fe:e9:b0:1b:bb:11:08:01:
dd:e1:86:af:bd:18:30:74:b4:e3:ee:c1:e4:ff:88:
42:b3:3f:13:8d:53:34:f9:73:22:f2:de:3a:28:4b:
6d:71:3c:0c:09:d3:1b:60:09:41:86:0e:ba:82:a6:
ee:94:e2:67:d1:96:f8:02:12:8e:ce:34:eb:a7:61:
80:f5:66:18:cc:e2:b7:81:e0:84:30:3d:99:bb:f3:
85:d8:ed:11:51:96:1b:b2:2e:b7:2f:cc:bf:b7:e6:
01:5a:62:20:77:36:fb:46:57:19:d0:e5:b6:4b:28:
42:26:68:a3:29:85:72:e4:31:17:f3:a5:f2:82:2f:
3b:6f:ca:a1:44:c7:81:bf:e0:b8:fb:bf:8c:0e:25:
3a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:76:93:D2:A2:5A:18:C7:2E:94:F2:87:C5:09:F2:25:B2:1B:5F:D6
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/DnaT0qJaGMculPKHxQnyJbIbX9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.78.0/24
193.169.78.0/23
195.42.112.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:40:44:f7:b4:26:ca:2c:4a:31:f9:7c:88:4e:5d:b4:9a:84:
70:da:c1:75:e8:20:37:c3:87:d3:1f:89:70:8b:5e:4e:06:16:
53:93:69:af:88:35:1d:c9:fd:2e:97:c9:9e:78:49:62:14:4b:
5a:71:9f:14:0a:dd:b5:12:55:d6:eb:00:f7:fe:1d:16:2e:ae:
d4:5c:87:14:34:1e:46:93:e9:48:02:12:40:1b:81:61:82:3a:
8b:57:c8:8b:dd:20:f6:a8:34:7f:b4:6b:cf:89:3a:67:24:4b:
77:0e:aa:ad:69:6f:8a:b0:0f:1d:e7:a1:ea:2e:de:85:f7:54:
05:0b:24:d8:87:33:b5:68:bc:4e:b8:d1:e7:bd:a6:e5:eb:f2:
cf:8e:b6:2a:6f:b1:af:a3:12:90:a4:85:e1:b9:58:03:e1:40:
19:a6:14:bb:03:64:0f:f0:2d:d2:87:31:31:67:a3:8f:f1:f3:
68:1b:2c:a9:e7:ab:79:cc:15:94:e1:6a:08:f1:c5:aa:63:3f:
54:86:b2:17:b5:f5:7e:63:ad:c1:67:08:d7:7c:3a:9f:48:71:
fb:7e:79:c2:ba:68:7c:d4:5d:91:22:88:39:76:8f:9d:16:19:
ff:47:c7:a5:5c:05:79:59:d9:02:64:86:38:9c:85:b0:0e:bd:
7c:b7:5d:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1F4DvZi752mP4JubCJXD0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjQwMTI2MTMwNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc2OTNkMmEyNWExOGM3MmU5NGYyODdjNTA5ZjIyNWIyMWI1ZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CANp30Ao7lNi4ctIQ/RSryDyt8D
eBVHgO4JfkkjsiwTslDG6qvGilAAKCFO0iRTxOweFZXRDtjK/VwREKgg/Ew76g1P
eunesbpxTiWj66VGA0pjuzvZyYUC3asIYnP8DiKp8KLMeDoD6pQsEXNF/umwG7sR
CAHd4YavvRgwdLTj7sHk/4hCsz8TjVM0+XMi8t46KEttcTwMCdMbYAlBhg66gqbu
lOJn0Zb4AhKOzjTrp2GA9WYYzOK3geCEMD2Zu/OF2O0RUZYbsi63L8y/t+YBWmIg
dzb7RlcZ0OW2SyhCJmijKYVy5DEX86Xygi87b8qhRMeBv+C4+7+MDiU6cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA52k9KiWhjHLpTyh8UJ8iWyG1/WMB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvRG5hVDBxSmFHTWN1bFBLSHhRbnlKYkliWDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsvhOAwQB
walOAwQBwypwMA0GCSqGSIb3DQEBCwUAA4IBAQBNQET3tCbKLEox+XyITl20moRw
2sF16CA3w4fTH4lwi15OBhZTk2mviDUdyf0ul8meeEliFEtacZ8UCt21ElXW6wD3
/h0WLq7UXIcUNB5Gk+lIAhJAG4FhgjqLV8iL3SD2qDR/tGvPiTpnJEt3DqqtaW+K
sA8d56HqLt6F91QFCyTYhzO1aLxOuNHnvabl6/LPjrYqb7GvoxKQpIXhuVgD4UAZ
phS7A2QP8C3ShzExZ6OP8fNoGyyp56t5zBWU4WoI8cWqYz9UhrIXtfV+Y63BZwjX
fDqfSHH7fnnCumh81F2RIog5do+dFhn/R8elXAV5WdkCZIY4nIWwDr18t13l
-----END CERTIFICATE-----
Generated at Mon Jun 3 10:15:20 2024 by rpki-client on console-ams.rpki-client.org