Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/g47iM6S-Z3e03TtahpaY_BKgPP4.roa
File: g47iM6S-Z3e03TtahpaY_BKgPP4.roa (raw, json)
Hash identifier: nG82k34andYMlKFiWLmKSMeIQ6wojgyrn8sbYBcGIp0=
Subject key identifier: 83:8E:E2:33:A4:BE:67:77:B4:DD:3B:5A:86:96:98:FC:12:A0:3C:FE
Certificate issuer: /CN=d425900312ff3bda4d2f896f64df65646fd9c251
Certificate serial: 018CC5DC167E008FCB763802D50FFF1FC186
Authority key identifier: D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/g47iM6S-Z3e03TtahpaY_BKgPP4.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25376
IP address blocks: 82.148.224.0/19 maxlen: 24
185.12.232.0/22 maxlen: 24
2a02:f0a0::/30 maxlen: 32
2a00:1b98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:16:7e:00:8f:cb:76:38:02:d5:0f:ff:1f:c1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d425900312ff3bda4d2f896f64df65646fd9c251
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=838ee233a4be6777b4dd3b5a869698fc12a03cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:36:90:7a:05:99:54:33:01:9b:85:20:fa:fc:
87:16:ca:5c:08:61:5c:36:2b:ee:84:77:47:08:6b:
16:c7:9e:d1:bd:98:56:e2:e5:59:90:25:ac:67:29:
9b:97:c3:df:81:4e:d5:f7:87:27:94:ff:d5:fc:92:
df:01:9d:98:79:ce:33:74:42:e4:6b:7a:43:b8:ca:
80:35:e0:7e:ba:1c:1b:e6:7d:c2:4f:69:ef:e1:52:
f5:a9:06:be:66:fe:6a:0d:59:3b:08:a1:e2:4c:93:
da:96:b8:7b:a3:d2:08:98:9a:a1:84:46:43:8d:b9:
77:2e:ad:8f:84:ea:7b:f6:0d:18:76:05:61:ef:19:
d1:67:e5:30:16:63:92:b8:64:42:73:66:17:5b:57:
6c:64:04:f8:ae:6c:ef:9b:84:07:17:51:91:70:af:
6e:23:80:b2:e3:b7:8a:f2:c9:88:7a:78:bd:da:52:
2d:3d:17:80:1c:85:a0:45:2b:c7:86:14:39:8a:cc:
e4:aa:33:c0:b0:1e:c4:b6:d8:44:47:91:38:3e:4b:
f4:c8:83:cc:66:8e:4c:a7:9d:85:a5:a2:2b:39:4b:
78:33:cb:6f:8a:26:bc:b2:83:2d:2c:8b:be:57:11:
8d:e0:07:ab:f5:5d:10:1a:14:16:d5:47:0b:8f:4a:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8E:E2:33:A4:BE:67:77:B4:DD:3B:5A:86:96:98:FC:12:A0:3C:FE
X509v3 Authority Key Identifier:
keyid:D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/g47iM6S-Z3e03TtahpaY_BKgPP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.224.0/19
185.12.232.0/22
IPv6:
2a00:1b98::/32
2a02:f0a0::/30
Signature Algorithm: sha256WithRSAEncryption
1f:0e:5f:53:0e:c5:a9:3f:f8:82:0d:65:46:a2:8f:59:d8:c1:
11:05:bf:13:08:27:59:a8:13:f2:5f:62:e5:92:e6:c2:a6:06:
97:0a:e7:8f:4b:aa:85:46:17:59:83:d4:b9:77:09:01:f6:8f:
b5:22:10:87:91:b7:41:f0:21:a3:93:38:68:f0:68:08:e3:26:
1e:b2:55:9f:77:77:c7:26:76:94:be:03:a8:37:28:5e:e4:2f:
12:74:bd:fd:b2:a5:10:50:d2:fe:5e:6b:6f:a8:9f:47:23:81:
aa:f3:b3:23:49:75:fc:19:d8:19:af:70:7d:eb:fb:af:5e:51:
cd:49:38:28:e6:a7:89:8d:80:87:db:a0:46:0e:f2:94:27:1e:
43:6e:2c:99:97:c6:19:23:05:2d:ad:a0:ec:b3:4b:d3:48:bf:
f6:d4:56:bb:10:35:a0:8a:21:ae:7b:15:a1:56:66:ba:4d:4e:
42:b9:2a:12:f5:83:61:83:2f:f1:cb:79:7e:62:22:97:90:52:
67:75:a8:67:e0:60:a7:a0:01:b5:67:ba:ea:ec:cd:7f:f0:a4:
a8:8e:69:37:3e:40:40:11:6f:68:0a:a6:fa:8d:45:eb:84:02:
1e:c8:3b:0a:95:a0:b7:93:84:31:6c:e4:7e:76:d5:d5:3e:01:
7d:54:0d:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF3BZ+AI/LdjgC1Q//H8GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjU5MDAzMTJmZjNiZGE0ZDJmODk2ZjY0ZGY2NTY0NmZk
OWMyNTEwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhlZTIzM2E0YmU2Nzc3YjRkZDNiNWE4Njk2OThmYzEyYTAzY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDaQegWZVDMBm4Ug+vyHFspcCGFc
NivuhHdHCGsWx57RvZhW4uVZkCWsZymbl8PfgU7V94cnlP/V/JLfAZ2Yec4zdELk
a3pDuMqANeB+uhwb5n3CT2nv4VL1qQa+Zv5qDVk7CKHiTJPalrh7o9IImJqhhEZD
jbl3Lq2PhOp79g0YdgVh7xnRZ+UwFmOSuGRCc2YXW1dsZAT4rmzvm4QHF1GRcK9u
I4Cy47eK8smIeni92lItPReAHIWgRSvHhhQ5iszkqjPAsB7EtthER5E4Pkv0yIPM
Zo5Mp52FpaIrOUt4M8tviia8soMtLIu+VxGN4Aer9V0QGhQW1UcLj0quSwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIOO4jOkvmd3tN07WoaWmPwSoDz+MB8GA1UdIwQY
MBaAFNQlkAMS/zvaTS+Jb2TfZWRv2cJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMt
Njc2YjQyODkyNWFiLzEvZzQ3aU02Uy1aM2UwM1R0YWhwYVlfQktnUFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMtNjc2YjQyODkyNWFi
LzEvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFUpTgAwQC
uQzoMBQEAgACMA4DBQAqABuYAwUCKgLwoDANBgkqhkiG9w0BAQsFAAOCAQEAHw5f
Uw7FqT/4gg1lRqKPWdjBEQW/EwgnWagT8l9i5ZLmwqYGlwrnj0uqhUYXWYPUuXcJ
AfaPtSIQh5G3QfAho5M4aPBoCOMmHrJVn3d3xyZ2lL4DqDcoXuQvEnS9/bKlEFDS
/l5rb6ifRyOBqvOzI0l1/BnYGa9wfev7r15RzUk4KOaniY2Ah9ugRg7ylCceQ24s
mZfGGSMFLa2g7LNL00i/9tRWuxA1oIohrnsVoVZmuk1OQrkqEvWDYYMv8ct5fmIi
l5BSZ3WoZ+Bgp6ABtWe66uzNf/CkqI5pNz5AQBFvaAqm+o1F64QCHsg7CpWgt5OE
MWzkfnbV1T4BfVQNoQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:04 2024 by rpki-client on console-fra.rpki-client.org