Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e4cBqD7tDHXbPvaInq3z3egvemk.roa
File: e4cBqD7tDHXbPvaInq3z3egvemk.roa (raw, json)
Hash identifier: +xARK/vErIj43vgb2APNxdWJWa4L+poOlVsbsqXtZBY=
Subject key identifier: 7B:87:01:A8:3E:ED:0C:75:DB:3E:F6:88:9E:AD:F3:DD:E8:2F:7A:69
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01924BA443F76DADCA7D35B366B2F5D9EC0A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e4cBqD7tDHXbPvaInq3z3egvemk.roa
Signing time: Wed 02 Oct 2024 05:11:49 +0000
ROA not before: Wed 02 Oct 2024 05:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205138
IP address blocks: 147.78.103.0/24 maxlen: 24
193.37.45.0/24 maxlen: 24
2a00:1728:38::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4b:a4:43:f7:6d:ad:ca:7d:35:b3:66:b2:f5:d9:ec:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 2 05:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b8701a83eed0c75db3ef6889eadf3dde82f7a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ed:96:91:68:97:e5:03:37:21:b1:98:16:bc:
13:ff:46:b3:6b:ac:02:26:44:3b:28:2a:6b:cf:3f:
dc:cd:cd:ee:f5:7e:3b:5d:eb:90:57:25:b9:9d:b9:
63:31:7d:ee:3c:5f:86:9e:ce:7a:17:1e:fc:ed:7f:
83:72:d4:01:44:ae:f8:ed:ac:48:cd:72:0b:21:c8:
00:b8:64:06:1d:35:be:13:89:78:fb:3f:ad:b0:6e:
e8:86:5d:d3:f0:2b:dd:c6:8d:ae:3f:6f:f1:9a:83:
b4:af:b1:be:96:31:4d:52:ff:f6:19:5b:48:7a:8c:
1f:43:5c:a9:bd:87:52:d8:24:88:3d:68:8d:0f:9d:
b2:fa:a8:c6:73:4e:9c:eb:d4:1e:8e:2b:22:49:a9:
98:50:72:96:52:43:89:62:c0:aa:09:42:3a:19:e6:
35:77:0c:34:8c:05:e4:0c:b2:96:fc:2b:5d:8b:ca:
26:58:80:e8:e5:79:7a:73:aa:f9:89:1c:b2:1d:06:
dc:fc:79:bc:01:f1:8a:13:16:f0:a6:f1:b9:4c:01:
8f:3c:9a:b2:a7:e7:58:ee:a6:d2:2d:75:60:c2:8a:
45:da:20:7a:2f:5a:95:28:c3:26:d2:05:c5:1d:ef:
4a:89:01:9b:4d:92:07:c6:d5:37:94:6b:eb:62:fa:
90:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:87:01:A8:3E:ED:0C:75:DB:3E:F6:88:9E:AD:F3:DD:E8:2F:7A:69
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e4cBqD7tDHXbPvaInq3z3egvemk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.103.0/24
193.37.45.0/24
IPv6:
2a00:1728:38::/48
Signature Algorithm: sha256WithRSAEncryption
78:ef:50:dc:bb:fc:d7:1b:7e:87:3e:45:f3:54:27:c1:dd:e2:
ff:e0:18:94:6f:b0:e1:37:04:35:33:54:bb:b6:42:21:69:5a:
9c:cc:af:97:e5:ee:1b:8b:4a:5e:e3:e0:2d:63:6c:6d:fe:ac:
c1:c1:5f:d7:33:be:35:e2:a4:07:2a:a4:2b:ae:93:f2:71:a6:
c7:6d:f7:61:59:13:61:a7:30:b8:04:d7:dd:c0:aa:eb:40:b5:
24:2f:fb:6d:0e:e9:d4:70:00:60:e3:13:2d:16:8b:93:7c:fd:
04:03:8f:8b:39:5e:2a:62:10:ee:49:dd:ee:82:b2:f7:21:19:
84:35:68:2b:a5:b0:80:d5:d4:72:d1:15:05:55:45:b4:ac:a8:
81:dd:4d:61:7f:4c:e8:7f:c9:7b:b3:8f:32:10:09:12:05:2a:
34:0b:56:60:a0:3f:da:74:00:e1:ad:47:d3:d6:16:f2:0c:0a:
2e:c0:d6:93:df:ef:bc:41:6a:1f:df:35:13:1e:7d:38:5c:6a:
5b:0a:43:0e:ed:1f:dc:0a:26:30:04:9b:55:58:0e:8a:a9:04:
fe:60:66:51:f1:f0:19:d2:60:a5:d8:7c:b6:a4:f7:42:fb:1f:
1a:26:be:11:fb:65:db:bf:11:ce:1f:11:d1:10:81:0c:a3:36:
36:db:87:7b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZJLpEP3ba3KfTWzZrL12ewKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDAyMDUxMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjg3MDFhODNlZWQwYzc1ZGIzZWY2ODg5ZWFkZjNkZGU4MmY3YTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+2WkWiX5QM3IbGYFrwT/0aza6wC
JkQ7KCprzz/czc3u9X47XeuQVyW5nbljMX3uPF+Gns56Fx787X+DctQBRK747axI
zXILIcgAuGQGHTW+E4l4+z+tsG7ohl3T8Cvdxo2uP2/xmoO0r7G+ljFNUv/2GVtI
eowfQ1ypvYdS2CSIPWiND52y+qjGc06c69QejisiSamYUHKWUkOJYsCqCUI6GeY1
dww0jAXkDLKW/Ctdi8omWIDo5Xl6c6r5iRyyHQbc/Hm8AfGKExbwpvG5TAGPPJqy
p+dY7qbSLXVgwopF2iB6L1qVKMMm0gXFHe9KiQGbTZIHxtU3lGvrYvqQnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHuHAag+7Qx12z72iJ6t893oL3ppMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZTRjQnFEN3RESFhiUHZhSW5xM3ozZWd2ZW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAk05nAwQA
wSUtMA8EAgACMAkDBwAqABcoADgwDQYJKoZIhvcNAQELBQADggEBAHjvUNy7/Ncb
foc+RfNUJ8Hd4v/gGJRvsOE3BDUzVLu2QiFpWpzMr5fl7huLSl7j4C1jbG3+rMHB
X9czvjXipAcqpCuuk/Jxpsdt92FZE2GnMLgE193AqutAtSQv+20O6dRwAGDjEy0W
i5N8/QQDj4s5XipiEO5J3e6CsvchGYQ1aCulsIDV1HLRFQVVRbSsqIHdTWF/TOh/
yXuzjzIQCRIFKjQLVmCgP9p0AOGtR9PWFvIMCi7A1pPf77xBah/fNRMefThcalsK
Qw7tH9wKJjAEm1VYDoqpBP5gZlHx8BnSYKXYfLak90L7HxomvhH7Zdu/Ec4fEdEQ
gQyjNjbbh3s=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:58 2024 by rpki-client on console-ams.rpki-client.org