Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/53ZaxLsRIiEzv9Hw7VjvtE-IIgc.roa
File: 53ZaxLsRIiEzv9Hw7VjvtE-IIgc.roa (raw, json)
Hash identifier: wYHPXTY/tLsUNlMkH+E6dFEiDiIXXnknwUPetUHFymU=
Subject key identifier: E7:76:5A:C4:BB:11:22:21:33:BF:D1:F0:ED:58:EF:B4:4F:88:22:07
Certificate issuer: /CN=a4338168cd9d5af0604013fc4274126fc581f3cb
Certificate serial: 018CC56E263B87E0EED533AF84DC82F34C66
Authority key identifier: A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/53ZaxLsRIiEzv9Hw7VjvtE-IIgc.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34927
IP address blocks: 194.76.231.0/24 maxlen: 24
185.44.82.0/24 maxlen: 24
185.44.83.0/24 maxlen: 24
2a12:f340::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:26:3b:87:e0:ee:d5:33:af:84:dc:82:f3:4c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4338168cd9d5af0604013fc4274126fc581f3cb
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7765ac4bb11222133bfd1f0ed58efb44f882207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:4c:94:bf:e8:75:69:26:54:d4:a3:5c:fb:
25:59:6e:98:42:58:98:6e:20:f1:fa:f8:7c:f6:a9:
41:9f:3c:d9:7d:45:80:90:57:bd:01:3c:be:f1:3c:
ef:c1:56:46:68:6c:d4:2e:0b:69:4b:3c:86:ef:5b:
e8:dd:96:82:73:64:b9:ce:b2:35:ba:71:be:4c:46:
b1:21:67:9d:10:f9:be:11:87:3b:c4:17:c5:d5:2d:
c4:4f:97:98:4b:de:10:ce:a2:e3:be:0a:32:bc:2e:
06:01:75:27:90:9b:5d:90:aa:c0:8f:a0:c1:0f:87:
df:62:cb:ab:00:fb:92:8e:d5:e1:64:95:68:0f:d0:
a6:78:1f:30:c0:37:30:69:9a:bf:cf:f3:49:ff:cb:
dc:0b:39:f0:64:7e:74:d4:35:87:00:df:d7:37:22:
b1:b7:33:1b:72:bc:2c:66:08:7f:df:56:6d:cd:39:
75:07:ac:76:e9:cf:db:2b:7e:d0:68:df:a9:f4:14:
fd:9f:23:99:14:c3:13:fc:24:22:5b:95:52:25:d1:
b3:90:b2:5a:16:33:86:a1:69:d4:b5:49:85:4f:3f:
43:60:7b:d8:15:31:90:70:39:af:89:16:5e:fa:f9:
b4:c8:a6:20:37:92:89:5a:cc:6a:37:ff:d5:33:39:
2d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:76:5A:C4:BB:11:22:21:33:BF:D1:F0:ED:58:EF:B4:4F:88:22:07
X509v3 Authority Key Identifier:
keyid:A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/53ZaxLsRIiEzv9Hw7VjvtE-IIgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.82.0/23
194.76.231.0/24
IPv6:
2a12:f340::/48
Signature Algorithm: sha256WithRSAEncryption
29:11:50:8b:be:08:c7:34:c8:19:84:52:40:37:83:6c:82:57:
69:0e:74:f4:4a:99:19:e9:e6:fb:cb:50:6b:17:84:e2:04:b8:
0c:0c:ed:7f:b4:41:45:e7:f2:37:ea:7f:e4:1c:cb:22:df:44:
4e:23:6a:b2:c5:a6:cf:b6:31:81:91:b0:6f:53:81:a3:b6:73:
f7:8f:08:b3:3f:b8:b3:3b:a3:8d:78:5c:18:4f:98:c9:61:43:
ef:ac:73:59:18:da:ae:b6:b7:bb:8a:e5:cc:25:b1:e8:75:a6:
d6:ee:5a:e3:eb:c8:d1:6a:ba:be:37:bc:64:5a:11:a7:a4:ca:
3b:32:b8:99:70:24:d6:da:f8:ea:72:e0:5e:dd:b3:0f:41:b1:
fe:47:23:a3:56:7b:9c:9f:b0:a4:f9:53:6b:6f:bb:49:9a:83:
ef:96:64:d7:96:fb:95:71:1a:27:d4:c7:d9:50:0e:6a:9f:65:
39:2e:55:b0:c7:b4:b1:64:bb:47:ba:14:78:de:60:c4:5b:98:
86:57:ba:46:1f:09:1b:ec:a8:67:bb:d8:a4:2d:3f:26:65:e5:
15:15:18:5b:ac:a4:1a:6a:2a:54:74:c1:fb:20:84:89:fa:9c:
4e:1e:cf:a1:73:b8:02:0f:0b:f8:c3:1f:94:30:f6:72:43:7a:
b1:85:55:a8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbiY7h+Du1TOvhNyC80xmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzM4MTY4Y2Q5ZDVhZjA2MDQwMTNmYzQyNzQxMjZmYzU4
MWYzY2IwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzc2NWFjNGJiMTEyMjIxMzNiZmQxZjBlZDU4ZWZiNDRmODgyMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDRMlL/odWkmVNSjXPslWW6YQliY
biDx+vh89qlBnzzZfUWAkFe9ATy+8TzvwVZGaGzULgtpSzyG71vo3ZaCc2S5zrI1
unG+TEaxIWedEPm+EYc7xBfF1S3ET5eYS94QzqLjvgoyvC4GAXUnkJtdkKrAj6DB
D4ffYsurAPuSjtXhZJVoD9CmeB8wwDcwaZq/z/NJ/8vcCznwZH501DWHAN/XNyKx
tzMbcrwsZgh/31ZtzTl1B6x26c/bK37QaN+p9BT9nyOZFMMT/CQiW5VSJdGzkLJa
FjOGoWnUtUmFTz9DYHvYFTGQcDmviRZe+vm0yKYgN5KJWsxqN//VMzktewIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOd2WsS7ESIhM7/R8O1Y77RPiCIHMB8GA1UdIwQY
MBaAFKQzgWjNnVrwYEAT/EJ0Em/FgfPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERPQmFNMmRXdkJnUUJQOFFuUVNiOFdCODhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xNzZmN2QtNmYwZi00NWU1LTk3ZjIt
YzlkYjk4MWEyYTJmLzEvNTNaYXhMc1JJaUV6djlIdzdWanZ0RS1JSWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xNzZmN2QtNmYwZi00NWU1LTk3ZjItYzlkYjk4MWEyYTJm
LzEvcERPQmFNMmRXdkJnUUJQOFFuUVNiOFdCODhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuSxSAwQA
wkznMA8EAgACMAkDBwAqEvNAAAAwDQYJKoZIhvcNAQELBQADggEBACkRUIu+CMc0
yBmEUkA3g2yCV2kOdPRKmRnp5vvLUGsXhOIEuAwM7X+0QUXn8jfqf+QcyyLfRE4j
arLFps+2MYGRsG9TgaO2c/ePCLM/uLM7o414XBhPmMlhQ++sc1kY2q62t7uK5cwl
seh1ptbuWuPryNFqur43vGRaEaekyjsyuJlwJNba+Opy4F7dsw9Bsf5HI6NWe5yf
sKT5U2tvu0mag++WZNeW+5VxGifUx9lQDmqfZTkuVbDHtLFku0e6FHjeYMRbmIZX
ukYfCRvsqGe72KQtPyZl5RUVGFuspBpqKlR0wfsghIn6nE4ez6FzuAIPC/jDH5Qw
9nJDerGFVag=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:43:03 2024 by rpki-client on console-ams.rpki-client.org