Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/51d999-df6c-47e8-8c35-5a60131004e8/1/49vZjt9to8d_kYio_eGKS-9rzt8.roa
File: 49vZjt9to8d_kYio_eGKS-9rzt8.roa (raw, json)
Hash identifier: jGu27rvELLvJqb5DCXtWP9u5oEyobii4Lo+Y6iPvsjw=
Subject key identifier: E3:DB:D9:8E:DF:6D:A3:C7:7F:91:88:A8:FD:E1:8A:4B:EF:6B:CE:DF
Certificate issuer: /CN=158962bc5da2712f208fc8b15ebdc246af4cbecf
Certificate serial: 0192BF5E3CC2921B1B5D755D3AFF93BDF92C
Authority key identifier: 15:89:62:BC:5D:A2:71:2F:20:8F:C8:B1:5E:BD:C2:46:AF:4C:BE:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FYlivF2icS8gj8ixXr3CRq9Mvs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/51d999-df6c-47e8-8c35-5a60131004e8/1/49vZjt9to8d_kYio_eGKS-9rzt8.roa
Signing time: Thu 24 Oct 2024 16:31:17 +0000
ROA not before: Thu 24 Oct 2024 16:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203969
IP address blocks: 185.110.152.0/22 maxlen: 22
185.110.154.0/24 maxlen: 24
185.110.155.0/24 maxlen: 24
2a06:5880:dd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/51d999-df6c-47e8-8c35-5a60131004e8/1/FYlivF2icS8gj8ixXr3CRq9Mvs8.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/51d999-df6c-47e8-8c35-5a60131004e8/1/FYlivF2icS8gj8ixXr3CRq9Mvs8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FYlivF2icS8gj8ixXr3CRq9Mvs8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:5e:3c:c2:92:1b:1b:5d:75:5d:3a:ff:93:bd:f9:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=158962bc5da2712f208fc8b15ebdc246af4cbecf
Validity
Not Before: Oct 24 16:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3dbd98edf6da3c77f9188a8fde18a4bef6bcedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d6:72:db:49:74:f1:43:85:59:fd:2d:97:44:
d5:13:a7:ed:28:cc:ac:1e:55:c8:bc:0e:b9:2a:02:
76:4e:22:35:b9:f1:53:ba:4d:73:74:bb:42:32:7b:
11:ef:ef:39:c7:d1:ed:59:5e:1b:2e:05:e8:03:09:
21:ec:86:78:4a:27:3e:38:c1:11:92:ed:96:2f:c5:
c3:21:86:68:5e:69:af:e9:7e:9a:99:c4:36:ae:0d:
47:c5:e8:96:03:06:fb:9f:3e:ff:cc:c7:f3:18:cd:
dd:ad:86:09:39:00:bb:e8:5f:2d:30:c2:46:24:07:
4c:84:b8:00:1a:13:7a:c1:e4:a6:64:29:93:8f:76:
1e:c0:a9:2a:28:d8:e6:94:7c:a5:f3:77:9b:4a:c6:
ce:2b:dc:e1:d8:d2:7f:2c:12:a7:0f:f2:59:c6:93:
4c:41:85:9a:7a:9f:27:14:8d:bf:b5:d7:59:a5:f3:
a6:e5:de:ea:dd:f3:65:7d:73:05:ec:4b:44:02:2d:
f5:da:04:4d:a3:64:c7:66:3c:ac:d0:7a:0d:8f:41:
0e:c2:29:02:a2:d6:3b:5e:72:6c:f2:3a:a3:31:4a:
14:da:4b:ba:74:51:dc:fd:73:a0:eb:9e:25:d7:02:
5b:69:c8:e3:96:1d:1f:d3:df:c8:9f:3b:58:82:46:
0b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DB:D9:8E:DF:6D:A3:C7:7F:91:88:A8:FD:E1:8A:4B:EF:6B:CE:DF
X509v3 Authority Key Identifier:
keyid:15:89:62:BC:5D:A2:71:2F:20:8F:C8:B1:5E:BD:C2:46:AF:4C:BE:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYlivF2icS8gj8ixXr3CRq9Mvs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/51d999-df6c-47e8-8c35-5a60131004e8/1/49vZjt9to8d_kYio_eGKS-9rzt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/51d999-df6c-47e8-8c35-5a60131004e8/1/FYlivF2icS8gj8ixXr3CRq9Mvs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.152.0/22
IPv6:
2a06:5880:dd::/48
Signature Algorithm: sha256WithRSAEncryption
86:63:d7:3b:22:85:cd:6e:a6:5b:4c:15:91:44:cb:f4:a7:32:
b2:1d:49:9b:1c:02:c4:7e:56:52:ec:e0:b1:1e:6b:ad:32:a6:
51:0e:ea:1d:82:cd:e5:a7:97:ca:01:0f:76:62:8c:1a:7d:94:
8a:fd:27:97:be:98:db:a8:a5:cf:19:71:fa:10:df:c4:ab:03:
af:43:b7:9b:ca:9f:2e:7a:f1:b0:49:35:87:60:dd:b8:61:16:
c6:95:db:22:f6:92:dc:6b:51:20:2a:30:47:9e:8b:23:aa:4c:
5a:37:1c:64:f8:e3:d7:cc:57:90:c5:41:1a:c1:27:2d:93:98:
d9:51:1f:df:03:af:81:52:57:34:e8:c9:c4:42:b1:4d:84:a6:
6f:3e:94:a1:7f:95:73:c5:9c:8e:fb:e5:c9:c4:15:aa:3f:c1:
6b:2c:8b:98:03:5b:3b:c9:ad:ed:ef:1e:76:e8:06:29:d7:6b:
6f:2f:3b:4e:30:22:b6:a8:b9:b1:5d:81:46:d9:da:61:36:a9:
f4:48:71:cc:bf:d7:97:8c:a6:65:13:92:0b:af:23:d6:7b:22:
c0:d1:23:95:49:d0:27:25:c2:ee:fc:1d:d6:6a:a3:2c:87:8f:
c8:35:79:3e:e8:a7:7b:2d:49:e4:35:9a:57:db:8d:87:7d:05:
bd:2d:32:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZK/XjzCkhsbXXVdOv+TvfksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODk2MmJjNWRhMjcxMmYyMDhmYzhiMTVlYmRjMjQ2YWY0
Y2JlY2YwHhcNMjQxMDI0MTYzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RiZDk4ZWRmNmRhM2M3N2Y5MTg4YThmZGUxOGE0YmVmNmJjZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dZy20l08UOFWf0tl0TVE6ftKMys
HlXIvA65KgJ2TiI1ufFTuk1zdLtCMnsR7+85x9HtWV4bLgXoAwkh7IZ4Sic+OMER
ku2WL8XDIYZoXmmv6X6amcQ2rg1HxeiWAwb7nz7/zMfzGM3drYYJOQC76F8tMMJG
JAdMhLgAGhN6weSmZCmTj3YewKkqKNjmlHyl83ebSsbOK9zh2NJ/LBKnD/JZxpNM
QYWaep8nFI2/tddZpfOm5d7q3fNlfXMF7EtEAi312gRNo2THZjys0HoNj0EOwikC
otY7XnJs8jqjMUoU2ku6dFHc/XOg654l1wJbacjjlh0f09/InztYgkYL5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPb2Y7fbaPHf5GIqP3hikvva87fMB8GA1UdIwQY
MBaAFBWJYrxdonEvII/IsV69wkavTL7PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllsaXZGMmljUzhnajhpeFhyM0NScTlNdnM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81MWQ5OTktZGY2Yy00N2U4LThjMzUt
NWE2MDEzMTAwNGU4LzEvNDl2Wmp0OXRvOGRfa1lpb19lR0tTLTlyenQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81MWQ5OTktZGY2Yy00N2U4LThjMzUtNWE2MDEzMTAwNGU4
LzEvRllsaXZGMmljUzhnajhpeFhyM0NScTlNdnM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuW6YMA8E
AgACMAkDBwAqBliAAN0wDQYJKoZIhvcNAQELBQADggEBAIZj1zsihc1upltMFZFE
y/SnMrIdSZscAsR+VlLs4LEea60yplEO6h2CzeWnl8oBD3ZijBp9lIr9J5e+mNuo
pc8ZcfoQ38SrA69Dt5vKny568bBJNYdg3bhhFsaV2yL2ktxrUSAqMEeeiyOqTFo3
HGT449fMV5DFQRrBJy2TmNlRH98Dr4FSVzToycRCsU2Epm8+lKF/lXPFnI775cnE
Fao/wWssi5gDWzvJre3vHnboBinXa28vO04wIraoubFdgUbZ2mE2qfRIccy/15eM
pmUTkguvI9Z7IsDRI5VJ0Cclwu78HdZqoyyHj8g1eT7op3stSeQ1mlfbjYd9Bb0t
MgI=
-----END CERTIFICATE-----
Generated at Fri Dec 27 20:29:33 2024 by rpki-client on console-fra.rpki-client.org