Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/D0hBpGz-WLyGFDi2NemVnhGdka0.roa
File: D0hBpGz-WLyGFDi2NemVnhGdka0.roa (raw, json)
Hash identifier: RTsc2qZK3UTDjrKyX+OgV8tlFo/NrGhjxm9TNt0LhU8=
Subject key identifier: 0F:48:41:A4:6C:FE:58:BC:86:14:38:B6:35:E9:95:9E:11:9D:91:AD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01919342EFC708499CA374809664FA563A22
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/D0hBpGz-WLyGFDi2NemVnhGdka0.roa
Signing time: Tue 27 Aug 2024 09:55:23 +0000
ROA not before: Tue 27 Aug 2024 09:55:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56341
IP address blocks: 46.52.224.0/21 maxlen: 21
79.98.248.0/21 maxlen: 21
109.203.198.0/23 maxlen: 23
188.133.224.0/20 maxlen: 20
188.133.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:93:42:ef:c7:08:49:9c:a3:74:80:96:64:fa:56:3a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 27 09:55:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f4841a46cfe58bc861438b635e9959e119d91ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d2:b0:7d:30:88:a6:68:7b:a2:0f:ed:42:bf:
b6:01:32:6e:1c:b9:1d:48:ec:c5:a6:5f:6c:5e:c2:
9b:94:91:8d:ce:38:8e:89:38:c8:6f:3b:52:5c:f0:
30:c8:44:0a:cb:1b:7b:db:f1:9f:37:06:11:1d:b9:
23:dc:cb:8b:b0:16:e9:f5:50:68:59:f8:d6:26:f3:
a8:c5:18:02:b2:e1:99:ba:b8:a6:a8:d2:65:b1:89:
80:05:80:33:e7:38:55:28:c8:c6:e4:6e:26:78:63:
ed:e2:93:d3:c3:42:9a:94:62:be:f7:3d:39:ea:ae:
f2:59:e5:fa:d9:a5:0e:ff:21:e0:13:f3:b2:01:4e:
00:77:a2:50:62:f3:33:80:ac:4e:9f:58:b0:ac:ed:
c2:b2:e9:10:4f:f5:4e:9a:7e:de:fd:ea:79:01:a5:
e7:b0:61:aa:4f:29:fa:cd:7b:f8:30:79:ba:11:3e:
83:78:58:bf:41:42:3b:dc:44:a0:29:24:a7:7e:0f:
d9:4f:f2:39:0b:52:2e:36:9b:ee:b0:13:b1:d6:a1:
1f:ab:2d:19:46:fa:a1:ef:75:28:9b:39:5b:37:ea:
34:82:60:63:95:5d:a7:22:b1:76:32:33:f6:c8:fa:
d2:19:20:aa:11:22:77:e2:e7:61:31:71:f8:87:94:
77:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:48:41:A4:6C:FE:58:BC:86:14:38:B6:35:E9:95:9E:11:9D:91:AD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/D0hBpGz-WLyGFDi2NemVnhGdka0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.52.224.0/21
79.98.248.0/21
109.203.198.0/23
188.133.224.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:8a:a1:8b:00:06:f0:e3:83:1d:6b:35:58:6b:ef:0b:ac:9c:
a7:12:d6:83:26:db:f3:47:ad:0f:54:ad:c8:cf:05:03:13:c9:
6b:6e:3d:b9:2b:7d:82:02:79:35:0a:6f:a1:dd:09:67:ab:ae:
b8:bf:a3:2f:ac:69:a3:6f:52:92:14:6c:17:46:28:1e:ef:02:
f4:85:72:1b:5f:7a:04:38:9d:9e:0a:8e:09:d7:50:d8:f4:8f:
3e:06:fb:94:d4:18:c1:15:72:1b:05:68:af:4b:5b:63:f0:fb:
9f:69:f8:50:ff:84:a2:43:1a:ed:3c:0b:07:8e:32:0f:04:85:
76:40:b0:8a:37:d5:d4:0d:c7:8e:de:73:64:0b:48:c8:e5:2c:
57:b0:99:4f:e2:28:0e:6a:9b:02:bd:1f:e2:bc:b1:e8:4d:fb:
3b:45:80:3a:9c:6f:31:66:5e:33:f8:a2:01:7b:0b:3b:03:61:
c9:6e:82:19:a8:b9:67:40:a8:ad:4e:e3:58:74:92:18:c3:56:
0b:b1:81:38:9e:49:16:f4:6c:05:9c:b5:60:ce:87:d9:0a:5c:
32:54:63:0e:b1:b0:86:eb:70:59:62:47:c5:93:b9:24:c2:09:
c1:89:48:fe:72:4a:5d:4c:fe:d3:5f:60:13:49:64:d7:1c:6f:
af:40:b2:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGTQu/HCEmco3SAlmT6VjoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI3MDk1NTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQ4NDFhNDZjZmU1OGJjODYxNDM4YjYzNWU5OTU5ZTExOWQ5MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39KwfTCIpmh7og/tQr+2ATJuHLkd
SOzFpl9sXsKblJGNzjiOiTjIbztSXPAwyEQKyxt72/GfNwYRHbkj3MuLsBbp9VBo
WfjWJvOoxRgCsuGZurimqNJlsYmABYAz5zhVKMjG5G4meGPt4pPTw0KalGK+9z05
6q7yWeX62aUO/yHgE/OyAU4Ad6JQYvMzgKxOn1iwrO3CsukQT/VOmn7e/ep5AaXn
sGGqTyn6zXv4MHm6ET6DeFi/QUI73ESgKSSnfg/ZT/I5C1IuNpvusBOx1qEfqy0Z
Rvqh73UomzlbN+o0gmBjlV2nIrF2MjP2yPrSGSCqESJ34udhMXH4h5R3bwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA9IQaRs/li8hhQ4tjXplZ4RnZGtMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvRDBoQnBHei1XTHlHRkRpMk5lbVZuaEdka2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLjTgAwQD
T2L4AwQBbcvGAwQFvIXgMA0GCSqGSIb3DQEBCwUAA4IBAQAeiqGLAAbw44MdazVY
a+8LrJynEtaDJtvzR60PVK3IzwUDE8lrbj25K32CAnk1Cm+h3Qlnq664v6MvrGmj
b1KSFGwXRige7wL0hXIbX3oEOJ2eCo4J11DY9I8+BvuU1BjBFXIbBWivS1tj8Puf
afhQ/4SiQxrtPAsHjjIPBIV2QLCKN9XUDceO3nNkC0jI5SxXsJlP4igOapsCvR/i
vLHoTfs7RYA6nG8xZl4z+KIBews7A2HJboIZqLlnQKitTuNYdJIYw1YLsYE4nkkW
9GwFnLVgzofZClwyVGMOsbCG63BZYkfFk7kkwgnBiUj+ckpdTP7TX2ATSWTXHG+v
QLK+
-----END CERTIFICATE-----
Generated at Sat Sep 28 13:04:56 2024 by rpki-client on console-fra.rpki-client.org