Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/sDeaKoGfn1tlid9YsAUbCjVdHDw.roa
File: sDeaKoGfn1tlid9YsAUbCjVdHDw.roa (raw, json)
Hash identifier: AHS6ipfEzAEoBd7xQmqrm4ClnfrKSsrPBhhRPCaTFsc=
Subject key identifier: B0:37:9A:2A:81:9F:9F:5B:65:89:DF:58:B0:05:1B:0A:35:5D:1C:3C
Certificate issuer: /CN=931e3c8de0add9da95cf44d89f50bfde7ae19a57
Certificate serial: 018CC500D4DC10624DEA46AFB1DDA275C554
Authority key identifier: 93:1E:3C:8D:E0:AD:D9:DA:95:CF:44:D8:9F:50:BF:DE:7A:E1:9A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kx48jeCt2dqVz0TYn1C_3nrhmlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/sDeaKoGfn1tlid9YsAUbCjVdHDw.roa
Signing time: Mon 01 Jan 2024 12:30:15 +0000
ROA not before: Mon 01 Jan 2024 12:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49983
IP address blocks: 109.71.96.0/21 maxlen: 21
185.19.168.0/22 maxlen: 22
91.212.196.0/24 maxlen: 24
2a00:17e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/kx48jeCt2dqVz0TYn1C_3nrhmlc.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/kx48jeCt2dqVz0TYn1C_3nrhmlc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kx48jeCt2dqVz0TYn1C_3nrhmlc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 18:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d4:dc:10:62:4d:ea:46:af:b1:dd:a2:75:c5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=931e3c8de0add9da95cf44d89f50bfde7ae19a57
Validity
Not Before: Jan 1 12:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0379a2a819f9f5b6589df58b0051b0a355d1c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c7:36:cb:fb:99:59:5d:19:82:f5:3e:01:f5:
03:93:8d:be:aa:c3:86:ea:9f:bf:45:f4:f6:d0:ef:
95:a9:28:9c:22:b4:4f:08:ea:bb:b3:ae:eb:42:25:
26:5a:ee:b7:0f:2d:0a:68:06:e5:a9:07:92:0d:03:
66:ae:14:e1:c1:8f:67:16:8e:e7:9f:ef:19:f2:50:
80:d6:05:fb:b3:1d:98:8a:3b:10:23:43:b5:e3:85:
5c:7f:5d:71:dc:9c:c6:39:dc:b7:a8:71:f4:26:5d:
37:bc:57:e5:bc:f6:2e:8c:b5:78:ab:48:6f:0f:3b:
f5:a1:95:91:c0:b9:d0:b3:57:10:69:ff:4a:03:db:
90:77:a0:2b:e3:a4:aa:cd:e4:91:4e:39:49:37:e7:
2d:87:8b:d7:07:a8:e2:1f:6b:36:7e:86:99:9f:7a:
9f:c3:aa:39:4f:d8:0a:ea:00:69:9a:ee:aa:3a:37:
6a:27:71:4c:af:df:69:b7:27:2d:b0:f3:a0:d8:db:
46:87:04:33:88:f5:e0:ed:77:23:a9:1f:57:73:ef:
01:8d:33:ee:a6:aa:cb:54:34:60:e0:43:78:b0:fc:
22:5c:3c:02:c9:66:1b:c8:10:38:a9:5c:7a:00:9a:
85:f0:17:16:53:0f:1a:b3:ed:df:e6:57:33:0e:f5:
ad:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:37:9A:2A:81:9F:9F:5B:65:89:DF:58:B0:05:1B:0A:35:5D:1C:3C
X509v3 Authority Key Identifier:
keyid:93:1E:3C:8D:E0:AD:D9:DA:95:CF:44:D8:9F:50:BF:DE:7A:E1:9A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kx48jeCt2dqVz0TYn1C_3nrhmlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/sDeaKoGfn1tlid9YsAUbCjVdHDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/852cfd-d592-4c2d-94cf-b9ca7555c2c5/1/kx48jeCt2dqVz0TYn1C_3nrhmlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.196.0/24
109.71.96.0/21
185.19.168.0/22
IPv6:
2a00:17e0::/32
Signature Algorithm: sha256WithRSAEncryption
51:02:fc:e3:22:28:5c:48:f7:e4:06:10:5e:aa:13:11:63:27:
57:22:a0:1a:f6:4b:8e:c6:48:71:cf:94:59:81:0f:ef:44:25:
f3:c5:a6:c4:f4:89:91:1c:ca:44:6e:5b:08:f6:2a:9c:e6:fa:
02:a0:43:57:ef:d0:cf:8f:51:d1:8d:72:2a:a4:b6:85:8f:31:
93:cc:bc:be:2f:50:bd:35:62:5b:41:a7:03:46:16:17:84:d6:
81:7c:14:83:09:20:18:c2:0c:2c:30:39:b8:86:a5:72:b4:bd:
a8:28:93:ec:15:9f:ab:1d:60:f4:37:c6:da:42:27:e2:a6:b1:
4d:67:24:42:49:78:03:58:37:66:f2:43:a2:2b:bf:9a:1a:87:
ca:68:cc:e1:c5:a7:a8:73:7a:f3:74:3f:ac:e6:35:e2:39:bd:
29:ba:4c:25:9f:b5:ec:a6:7b:9e:a5:c7:d4:14:c2:83:ca:4c:
ab:09:d4:46:c2:44:b8:2a:ff:27:f1:42:8c:8b:07:63:64:c5:
ba:3f:51:b7:39:90:fb:52:48:82:57:4b:4e:ed:61:05:cb:df:
5c:1b:65:14:0e:3d:51:3c:0f:94:2c:b7:db:08:be:8d:13:e4:
a9:26:4a:fd:f2:53:90:ae:ca:f7:1a:59:c2:55:f4:3e:d8:0a:
40:03:86:45
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFANTcEGJN6kavsd2idcVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMWUzYzhkZTBhZGQ5ZGE5NWNmNDRkODlmNTBiZmRlN2Fl
MTlhNTcwHhcNMjQwMTAxMTIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDM3OWEyYTgxOWY5ZjViNjU4OWRmNThiMDA1MWIwYTM1NWQxYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocc2y/uZWV0ZgvU+AfUDk42+qsOG
6p+/RfT20O+VqSicIrRPCOq7s67rQiUmWu63Dy0KaAblqQeSDQNmrhThwY9nFo7n
n+8Z8lCA1gX7sx2YijsQI0O144Vcf11x3JzGOdy3qHH0Jl03vFflvPYujLV4q0hv
Dzv1oZWRwLnQs1cQaf9KA9uQd6Ar46SqzeSRTjlJN+cth4vXB6jiH2s2foaZn3qf
w6o5T9gK6gBpmu6qOjdqJ3FMr99ptyctsPOg2NtGhwQziPXg7XcjqR9Xc+8BjTPu
pqrLVDRg4EN4sPwiXDwCyWYbyBA4qVx6AJqF8BcWUw8as+3f5lczDvWtKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLA3miqBn59bZYnfWLAFGwo1XRw8MB8GA1UdIwQY
MBaAFJMePI3grdnalc9E2J9Qv9564ZpXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3g0OGplQ3QyZHFWejBUWW4xQ18zbnJobWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84NTJjZmQtZDU5Mi00YzJkLTk0Y2Yt
YjljYTc1NTVjMmM1LzEvc0RlYUtvR2ZuMXRsaWQ5WXNBVWJDalZkSER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84NTJjZmQtZDU5Mi00YzJkLTk0Y2YtYjljYTc1NTVjMmM1
LzEva3g0OGplQ3QyZHFWejBUWW4xQ18zbnJobWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9TEAwQD
bUdgAwQCuROoMA0EAgACMAcDBQAqABfgMA0GCSqGSIb3DQEBCwUAA4IBAQBRAvzj
IihcSPfkBhBeqhMRYydXIqAa9kuOxkhxz5RZgQ/vRCXzxabE9ImRHMpEblsI9iqc
5voCoENX79DPj1HRjXIqpLaFjzGTzLy+L1C9NWJbQacDRhYXhNaBfBSDCSAYwgws
MDm4hqVytL2oKJPsFZ+rHWD0N8baQifiprFNZyRCSXgDWDdm8kOiK7+aGofKaMzh
xaeoc3rzdD+s5jXiOb0pukwln7XspnuepcfUFMKDykyrCdRGwkS4Kv8n8UKMiwdj
ZMW6P1G3OZD7UkiCV0tO7WEFy99cG2UUDj1RPA+ULLfbCL6NE+SpJkr98lOQrsr3
GlnCVfQ+2ApAA4ZF
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:53:16 2024 by rpki-client on console-fra.rpki-client.org