Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/91592e-aebe-42b6-8082-6fd67a92f18f/1/14pfV4nKv4Bma3_1Jh3J9_t-eJc.roa
File: 14pfV4nKv4Bma3_1Jh3J9_t-eJc.roa (raw, json)
Hash identifier: OXDphgmvfOQt5XyN/bTDy6A8yIHIcXuPWelWCLl95hU=
Subject key identifier: D7:8A:5F:57:89:CA:BF:80:66:6B:7F:F5:26:1D:C9:F7:FB:7E:78:97
Certificate issuer: /CN=ffebd54bf05aa50ece9c526d0cd55de62bdb11fb
Certificate serial: 018CC348A65070F8303D1B192A73E5FDA8DB
Authority key identifier: FF:EB:D5:4B:F0:5A:A5:0E:CE:9C:52:6D:0C:D5:5D:E6:2B:DB:11:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-vVS_BapQ7OnFJtDNVd5ivbEfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/91592e-aebe-42b6-8082-6fd67a92f18f/1/14pfV4nKv4Bma3_1Jh3J9_t-eJc.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47481
IP address blocks: 194.35.48.0/24 maxlen: 24
185.24.47.0/24 maxlen: 24
185.24.46.0/24 maxlen: 24
2a0d:fec0:121::/48 maxlen: 48
2a0d:fec0:21::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/91592e-aebe-42b6-8082-6fd67a92f18f/1/_-vVS_BapQ7OnFJtDNVd5ivbEfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/91592e-aebe-42b6-8082-6fd67a92f18f/1/_-vVS_BapQ7OnFJtDNVd5ivbEfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_-vVS_BapQ7OnFJtDNVd5ivbEfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 13:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a6:50:70:f8:30:3d:1b:19:2a:73:e5:fd:a8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffebd54bf05aa50ece9c526d0cd55de62bdb11fb
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d78a5f5789cabf80666b7ff5261dc9f7fb7e7897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:0d:26:94:5b:0e:f3:c9:3e:cf:b7:2c:13:
da:84:46:8e:23:b4:23:0b:b7:52:71:ed:96:b2:95:
52:15:66:f2:5e:ff:3e:aa:10:fe:e0:45:6a:22:38:
4f:cb:df:37:43:e5:b9:82:fa:34:2f:7d:42:66:3a:
9b:f5:3a:e2:1f:7f:39:90:c2:9d:a7:b1:ac:ba:f1:
cc:6f:7c:cb:3c:75:61:70:4c:9a:57:da:02:e6:9b:
11:7b:e4:2f:82:5e:e9:e2:2c:4e:c5:e4:a7:a4:b2:
7b:1d:a2:55:88:0b:3b:b8:0e:4d:be:ba:64:b6:f0:
77:0c:96:c0:27:97:97:9f:a7:38:0e:b5:5d:d5:2c:
81:2b:78:34:78:eb:bb:b8:d6:58:a9:ab:05:bc:50:
66:54:64:04:6c:99:8b:a2:e7:18:75:3c:c9:fb:74:
bb:7e:54:a9:24:7a:89:ba:3a:4a:5c:91:df:cc:59:
f9:6e:04:9b:56:e7:83:39:4e:4a:bb:da:36:36:40:
fa:7f:8e:2f:a2:6e:c5:5c:9e:f4:bb:91:b5:47:cb:
2d:c0:8d:a5:b9:13:85:01:d7:5e:a7:bf:dc:bf:fb:
1f:b7:6b:b6:b6:64:73:7f:eb:9b:43:37:6c:cb:78:
c4:a2:56:5f:af:4f:63:d2:d1:81:ee:c8:c1:2e:da:
80:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8A:5F:57:89:CA:BF:80:66:6B:7F:F5:26:1D:C9:F7:FB:7E:78:97
X509v3 Authority Key Identifier:
keyid:FF:EB:D5:4B:F0:5A:A5:0E:CE:9C:52:6D:0C:D5:5D:E6:2B:DB:11:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-vVS_BapQ7OnFJtDNVd5ivbEfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/91592e-aebe-42b6-8082-6fd67a92f18f/1/14pfV4nKv4Bma3_1Jh3J9_t-eJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/91592e-aebe-42b6-8082-6fd67a92f18f/1/_-vVS_BapQ7OnFJtDNVd5ivbEfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.46.0/23
194.35.48.0/24
IPv6:
2a0d:fec0:21::/48
2a0d:fec0:121::/48
Signature Algorithm: sha256WithRSAEncryption
8d:19:c5:33:d5:fb:66:1f:b2:74:01:c7:3b:d0:89:85:a9:58:
54:7a:48:95:07:9d:eb:3a:3a:4c:d3:2f:2c:1e:9f:54:17:90:
c2:04:ec:a9:fa:f7:c8:77:d4:b6:f6:d8:20:1f:58:76:48:69:
ed:03:13:14:92:93:ea:b2:e0:49:58:9c:05:56:bd:77:6e:04:
a3:65:2e:40:f1:0f:85:8a:c2:b7:74:eb:6e:67:eb:9d:d8:14:
86:da:c7:fa:52:a3:32:e8:e8:11:a1:3f:8f:b8:ef:dd:9e:db:
39:1c:36:e9:03:7c:ce:dd:cc:b7:04:40:1e:1c:50:46:a5:58:
3e:cf:19:46:96:54:f5:d9:e1:45:1b:2b:b4:87:14:35:49:6a:
33:1a:1b:1e:64:86:ff:ec:5a:96:f1:32:b5:87:b4:73:00:9e:
ab:eb:9a:ba:2d:eb:71:20:c1:70:41:fa:05:62:93:2c:af:35:
6a:bb:54:29:98:44:50:b8:ff:52:f8:bb:12:91:f4:9b:b3:9b:
58:49:b7:a1:90:49:45:5f:16:d3:79:a3:5c:c6:80:bd:fe:41:
24:11:3b:56:d2:27:fe:30:48:59:6b:74:59:c7:dc:b7:4c:6d:
59:81:7d:c4:64:64:6e:0d:88:b1:01:0a:18:43:eb:2b:cd:d1:
50:46:cd:8d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSKZQcPgwPRsZKnPl/ajbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZWJkNTRiZjA1YWE1MGVjZTljNTI2ZDBjZDU1ZGU2MmJk
YjExZmIwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzhhNWY1Nzg5Y2FiZjgwNjY2YjdmZjUyNjFkYzlmN2ZiN2U3ODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuYNJpRbDvPJPs+3LBPahEaOI7Qj
C7dSce2WspVSFWbyXv8+qhD+4EVqIjhPy983Q+W5gvo0L31CZjqb9TriH385kMKd
p7GsuvHMb3zLPHVhcEyaV9oC5psRe+Qvgl7p4ixOxeSnpLJ7HaJViAs7uA5Nvrpk
tvB3DJbAJ5eXn6c4DrVd1SyBK3g0eOu7uNZYqasFvFBmVGQEbJmLoucYdTzJ+3S7
flSpJHqJujpKXJHfzFn5bgSbVueDOU5Ku9o2NkD6f44vom7FXJ70u5G1R8stwI2l
uROFAddep7/cv/sft2u2tmRzf+ubQzdsy3jEolZfr09j0tGB7sjBLtqA9QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNeKX1eJyr+AZmt/9SYdyff7fniXMB8GA1UdIwQY
MBaAFP/r1UvwWqUOzpxSbQzVXeYr2xH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy12VlNfQmFwUTdPbkZKdEROVmQ1aXZiRWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85MTU5MmUtYWViZS00MmI2LTgwODIt
NmZkNjdhOTJmMThmLzEvMTRwZlY0bkt2NEJtYTNfMUpoM0o5X3QtZUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85MTU5MmUtYWViZS00MmI2LTgwODItNmZkNjdhOTJmMThm
LzEvXy12VlNfQmFwUTdPbkZKdEROVmQ1aXZiRWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBuRguAwQA
wiMwMBgEAgACMBIDBwAqDf7AACEDBwAqDf7AASEwDQYJKoZIhvcNAQELBQADggEB
AI0ZxTPV+2YfsnQBxzvQiYWpWFR6SJUHnes6OkzTLywen1QXkMIE7Kn698h31Lb2
2CAfWHZIae0DExSSk+qy4ElYnAVWvXduBKNlLkDxD4WKwrd0625n653YFIbax/pS
ozLo6BGhP4+4792e2zkcNukDfM7dzLcEQB4cUEalWD7PGUaWVPXZ4UUbK7SHFDVJ
ajMaGx5khv/sWpbxMrWHtHMAnqvrmrot63EgwXBB+gVikyyvNWq7VCmYRFC4/1L4
uxKR9Juzm1hJt6GQSUVfFtN5o1zGgL3+QSQRO1bSJ/4wSFlrdFnH3LdMbVmBfcRk
ZG4NiLEBChhD6yvN0VBGzY0=
-----END CERTIFICATE-----
Generated at Fri Jun 21 20:15:16 2024 by rpki-client on console-ams.rpki-client.org