Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/exBN5RZcgUchYQrPR-x7ySRjwRA.roa
File: exBN5RZcgUchYQrPR-x7ySRjwRA.roa (raw, json)
Hash identifier: k49trRIQMMJIfd/6KAF0Tf8/CICTkLETh3ugkZq/eLg=
Subject key identifier: 7B:10:4D:E5:16:5C:81:47:21:61:0A:CF:47:EC:7B:C9:24:63:C1:10
Certificate issuer: /CN=483fb37d1fb0ccd216dadec40009561a844aa83b
Certificate serial: 019320DB67465CA4080E187C979B67FD75D5
Authority key identifier: 48:3F:B3:7D:1F:B0:CC:D2:16:DA:DE:C4:00:09:56:1A:84:4A:A8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SD-zfR-wzNIW2t7EAAlWGoRKqDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/exBN5RZcgUchYQrPR-x7ySRjwRA.roa
Signing time: Tue 12 Nov 2024 14:51:09 +0000
ROA not before: Tue 12 Nov 2024 14:51:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47625
IP address blocks: 91.206.182.0/23 maxlen: 23
188.64.184.0/23 maxlen: 23
188.64.186.0/23 maxlen: 23
188.64.188.0/23 maxlen: 23
188.64.190.0/23 maxlen: 23
195.216.196.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/SD-zfR-wzNIW2t7EAAlWGoRKqDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/SD-zfR-wzNIW2t7EAAlWGoRKqDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/SD-zfR-wzNIW2t7EAAlWGoRKqDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:db:67:46:5c:a4:08:0e:18:7c:97:9b:67:fd:75:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=483fb37d1fb0ccd216dadec40009561a844aa83b
Validity
Not Before: Nov 12 14:51:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b104de5165c814721610acf47ec7bc92463c110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b1:a1:de:a2:cf:2d:f0:b6:f9:9e:f6:cc:bc:
55:73:0d:5c:08:98:03:cc:e2:85:4d:68:5d:30:83:
b6:71:04:73:5a:8f:65:fc:0b:b6:89:11:e9:c5:79:
a6:bd:38:a8:51:c0:89:fd:3d:68:30:47:6a:60:39:
c9:30:e8:7c:f8:c2:44:5c:81:5d:fa:e9:e1:a3:4c:
df:e3:63:a8:f6:28:0b:b2:03:ab:44:8f:33:f8:de:
fc:d5:b2:0c:76:bd:b1:c5:76:fb:1a:b7:85:2d:3e:
02:87:5d:59:40:3c:f2:19:91:09:50:50:da:56:31:
72:c3:3e:82:d3:85:e5:3b:6a:4a:05:82:f3:59:b1:
36:82:6f:02:da:14:fe:31:d3:ae:ef:fa:ad:c8:f5:
65:d2:27:51:60:72:d5:7d:c3:3b:59:60:eb:8a:0a:
9e:51:54:5c:27:82:e0:08:08:80:ae:f0:02:8e:09:
9d:43:c9:0a:2b:46:cf:c6:0e:fb:41:b4:35:f1:0e:
30:c5:d0:27:8d:38:4e:c6:39:f8:64:1b:28:41:27:
49:1f:c4:54:72:80:be:f8:1d:76:51:d1:a7:d0:be:
8d:92:c7:9c:d4:14:ed:8d:57:e4:69:65:42:75:a1:
a9:2c:ee:f2:42:a7:fa:f1:5d:cf:73:22:a1:12:46:
5e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:10:4D:E5:16:5C:81:47:21:61:0A:CF:47:EC:7B:C9:24:63:C1:10
X509v3 Authority Key Identifier:
keyid:48:3F:B3:7D:1F:B0:CC:D2:16:DA:DE:C4:00:09:56:1A:84:4A:A8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SD-zfR-wzNIW2t7EAAlWGoRKqDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/exBN5RZcgUchYQrPR-x7ySRjwRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a1eb66-cc87-4a90-9c5d-ee3ca74bbb79/1/SD-zfR-wzNIW2t7EAAlWGoRKqDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.182.0/23
188.64.184.0/21
195.216.196.0/23
Signature Algorithm: sha256WithRSAEncryption
18:b5:2f:2f:5d:b4:c7:e6:72:17:66:c4:de:3b:05:ed:d5:9d:
77:22:91:ed:76:49:17:00:c5:d8:4c:2c:b3:fd:a9:89:6e:33:
ac:59:9d:76:10:bb:0f:27:64:cf:84:8c:34:07:72:19:5e:10:
3a:31:43:e1:a1:26:0f:31:fe:71:d3:52:4d:1c:e6:f1:c5:01:
47:29:70:7a:52:aa:5a:01:36:ca:42:e9:ba:82:10:7b:5b:59:
ba:b5:81:33:96:4b:dc:9c:43:63:31:e9:7a:9f:76:e8:fa:10:
5e:d2:82:fe:9a:7d:14:79:f8:8c:2d:08:bc:de:d8:70:ed:24:
e9:d9:cf:fa:f3:46:8a:b0:87:a1:e7:72:ef:bd:07:98:b2:e1:
29:21:45:47:1e:09:1e:60:0d:0d:be:bc:c8:07:fe:ff:f6:ff:
e6:e2:a6:80:fc:94:6a:27:64:27:0a:3e:e3:01:45:b1:93:8a:
ff:c9:e8:4c:ae:42:29:0c:46:dc:ba:be:e5:f8:df:06:a4:de:
e5:32:c0:3c:6c:70:33:65:e8:d6:c4:6b:c7:81:d0:2c:a5:b3:
43:a1:a1:9d:b3:55:45:22:8f:46:3a:30:4e:b2:ad:c3:c3:4b:
a9:0b:f8:9b:d9:bb:e9:a7:35:91:1e:9e:40:97:a0:77:b3:7a:
7c:a3:79:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMg22dGXKQIDhh8l5tn/XXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4M2ZiMzdkMWZiMGNjZDIxNmRhZGVjNDAwMDk1NjFhODQ0
YWE4M2IwHhcNMjQxMTEyMTQ1MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjEwNGRlNTE2NWM4MTQ3MjE2MTBhY2Y0N2VjN2JjOTI0NjNjMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77Gh3qLPLfC2+Z72zLxVcw1cCJgD
zOKFTWhdMIO2cQRzWo9l/Au2iRHpxXmmvTioUcCJ/T1oMEdqYDnJMOh8+MJEXIFd
+unho0zf42Oo9igLsgOrRI8z+N781bIMdr2xxXb7GreFLT4Ch11ZQDzyGZEJUFDa
VjFywz6C04XlO2pKBYLzWbE2gm8C2hT+MdOu7/qtyPVl0idRYHLVfcM7WWDrigqe
UVRcJ4LgCAiArvACjgmdQ8kKK0bPxg77QbQ18Q4wxdAnjThOxjn4ZBsoQSdJH8RU
coC++B12UdGn0L6Nksec1BTtjVfkaWVCdaGpLO7yQqf68V3PcyKhEkZeCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHsQTeUWXIFHIWEKz0fse8kkY8EQMB8GA1UdIwQY
MBaAFEg/s30fsMzSFtrexAAJVhqESqg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0QtemZSLXd6TklXMnQ3RUFBbFdHb1JLcURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMWViNjYtY2M4Ny00YTkwLTljNWQt
ZWUzY2E3NGJiYjc5LzEvZXhCTjVSWmNnVWNoWVFyUFIteDd5U1Jqd1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMWViNjYtY2M4Ny00YTkwLTljNWQtZWUzY2E3NGJiYjc5
LzEvU0QtemZSLXd6TklXMnQ3RUFBbFdHb1JLcURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW862AwQD
vEC4AwQBw9jEMA0GCSqGSIb3DQEBCwUAA4IBAQAYtS8vXbTH5nIXZsTeOwXt1Z13
IpHtdkkXAMXYTCyz/amJbjOsWZ12ELsPJ2TPhIw0B3IZXhA6MUPhoSYPMf5x01JN
HObxxQFHKXB6UqpaATbKQum6ghB7W1m6tYEzlkvcnENjMel6n3bo+hBe0oL+mn0U
efiMLQi83thw7STp2c/680aKsIeh53LvvQeYsuEpIUVHHgkeYA0NvrzIB/7/9v/m
4qaA/JRqJ2QnCj7jAUWxk4r/yehMrkIpDEbcur7l+N8GpN7lMsA8bHAzZejWxGvH
gdAspbNDoaGds1VFIo9GOjBOsq3Dw0upC/ib2bvppzWRHp5Al6B3s3p8o3l7
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:33:59 2024 by rpki-client on console-ams.rpki-client.org