Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/L0473ywtyioVmyfqlTUfn8Bi3r0.roa
File: L0473ywtyioVmyfqlTUfn8Bi3r0.roa (raw, json)
Hash identifier: dbpFuDBWgLHbcnEWBvzN3yCt+cR0/mOqEkkRzbmjYPI=
Subject key identifier: 2F:4E:3B:DF:2C:2D:CA:2A:15:9B:27:EA:95:35:1F:9F:C0:62:DE:BD
Certificate issuer: /CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Certificate serial: 018CC5DBF36677DB56FABAC64B6E1CE4A810
Authority key identifier: C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/L0473ywtyioVmyfqlTUfn8Bi3r0.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 188.119.104.0/24 maxlen: 24
185.50.207.0/24 maxlen: 24
193.43.75.0/24 maxlen: 24
45.13.11.0/24 maxlen: 24
193.43.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f3:66:77:db:56:fa:ba:c6:4b:6e:1c:e4:a8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f4e3bdf2c2dca2a159b27ea95351f9fc062debd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:d7:b3:09:96:80:2f:fb:90:81:2a:cb:74:b3:
ad:63:45:1a:ed:c9:c6:ec:46:60:5e:0c:63:e5:79:
db:44:8c:6f:d2:74:56:62:de:65:46:74:99:23:06:
11:91:a2:70:75:3e:f9:e3:de:cd:d5:f7:43:b0:c5:
52:5c:db:b6:bb:01:51:f1:cc:e1:6a:34:46:0a:06:
8f:39:40:a9:b5:28:a6:2d:c0:5e:2a:41:bb:8c:74:
22:6d:26:53:49:8a:68:89:59:55:3f:c9:4a:57:e0:
c0:94:02:28:ea:a9:6b:b8:ab:31:25:e8:b1:e4:43:
c7:50:fc:ec:31:49:e8:f5:33:45:0b:f1:d6:a8:f6:
3d:0e:d9:19:a8:d7:27:71:a9:83:65:c1:b0:33:84:
5d:dd:55:ce:51:71:61:a8:1f:c5:57:3a:8e:0a:cc:
92:e8:48:ac:60:5b:99:d7:ce:eb:2b:23:70:97:8e:
66:9c:48:47:d1:4d:90:c4:d8:b5:21:24:fb:4c:03:
f7:74:3a:32:f5:8d:69:9b:cf:a1:7a:bd:79:21:65:
35:4c:6c:9d:6d:16:da:90:1e:e4:aa:60:2d:dc:b3:
db:f8:e2:5d:4a:ee:59:a0:68:9e:99:77:17:3f:2b:
72:db:00:94:9c:bb:1f:51:da:4a:af:2e:85:48:f0:
d0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4E:3B:DF:2C:2D:CA:2A:15:9B:27:EA:95:35:1F:9F:C0:62:DE:BD
X509v3 Authority Key Identifier:
keyid:C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/L0473ywtyioVmyfqlTUfn8Bi3r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.11.0/24
185.50.207.0/24
188.119.104.0/24
193.43.75.0/24
193.43.98.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:0b:4d:c2:7f:ef:74:a3:2f:06:70:a9:2d:fd:ca:89:4d:a0:
cf:28:a7:ad:67:ae:94:5e:f0:91:16:af:64:60:66:77:c8:4e:
8b:c0:59:40:25:2e:22:77:33:4a:0e:03:8d:63:c6:67:e3:1f:
51:65:0f:7e:a2:9e:11:eb:87:ac:7f:b9:de:ad:72:e2:e1:14:
a3:5a:15:55:6a:0a:9c:f8:1b:d6:52:ad:fb:e2:9c:50:3e:e8:
7d:f4:59:a9:ca:fb:fa:84:92:97:fc:b3:b5:44:20:d0:a8:15:
2b:92:c0:c3:60:d5:a0:bc:ed:9f:94:9c:e6:19:ee:76:1a:18:
18:7a:a4:a9:5a:78:1d:97:26:7c:b2:f5:39:35:35:cc:6d:29:
c1:f5:19:ea:0a:7d:d5:04:66:f0:18:bb:13:09:21:56:91:8e:
64:d1:b8:1b:e0:46:a7:26:83:de:36:6d:12:59:27:de:37:07:
77:6b:3b:01:13:fc:5a:f4:2d:a2:e4:f1:29:b1:e0:40:f1:34:
6d:cd:d9:43:c4:58:8f:f4:93:a7:99:77:36:10:d8:3e:0b:bf:
e7:fa:df:98:30:a0:79:44:12:e1:fc:65:c2:d7:b7:2f:82:87:
e0:ba:d0:29:f0:27:ad:ba:95:11:d5:50:19:10:f1:39:0a:8f:
cc:75:d8:7f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF2/Nmd9tW+rrGS24c5KgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjBkNTM1ZWViY2YyOGU2MGFjOThhZTQ5NWIzNDk4MWI1
YTkzZWMwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRlM2JkZjJjMmRjYTJhMTU5YjI3ZWE5NTM1MWY5ZmMwNjJkZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9dezCZaAL/uQgSrLdLOtY0Ua7cnG
7EZgXgxj5XnbRIxv0nRWYt5lRnSZIwYRkaJwdT75497N1fdDsMVSXNu2uwFR8czh
ajRGCgaPOUCptSimLcBeKkG7jHQibSZTSYpoiVlVP8lKV+DAlAIo6qlruKsxJeix
5EPHUPzsMUno9TNFC/HWqPY9DtkZqNcncamDZcGwM4Rd3VXOUXFhqB/FVzqOCsyS
6EisYFuZ187rKyNwl45mnEhH0U2QxNi1IST7TAP3dDoy9Y1pm8+her15IWU1TGyd
bRbakB7kqmAt3LPb+OJdSu5ZoGiemXcXPyty2wCUnLsfUdpKry6FSPDQYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC9OO98sLcoqFZsn6pU1H5/AYt69MB8GA1UdIwQY
MBaAFMOw1TXuvPKOYKyYrklbNJgbWpPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmIt
OTUxOTY5M2VhYTdiLzEvTDA0NzN5d3R5aW9WbXlmcWxUVWZuOEJpM3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmItOTUxOTY5M2VhYTdi
LzEvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ0LAwQA
uTLPAwQAvHdoAwQAwStLAwQAwStiMA0GCSqGSIb3DQEBCwUAA4IBAQAKC03Cf+90
oy8GcKkt/cqJTaDPKKetZ66UXvCRFq9kYGZ3yE6LwFlAJS4idzNKDgONY8Zn4x9R
ZQ9+op4R64esf7nerXLi4RSjWhVVagqc+BvWUq374pxQPuh99Fmpyvv6hJKX/LO1
RCDQqBUrksDDYNWgvO2flJzmGe52GhgYeqSpWngdlyZ8svU5NTXMbSnB9RnqCn3V
BGbwGLsTCSFWkY5k0bgb4EanJoPeNm0SWSfeNwd3azsBE/xa9C2i5PEpseBA8TRt
zdlDxFiP9JOnmXc2ENg+C7/n+t+YMKB5RBLh/GXC17cvgofgutAp8CetupUR1VAZ
EPE5Co/Mddh/
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:09:00 2024 by rpki-client on console-ams.rpki-client.org