Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa
File: 1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa (raw, json)
Hash identifier: 2Yr8K8MtdTZJhGu7SbPhGdZqZrPwsFWuQSmXbpxue3Q=
Subject key identifier: FB:87:F4:01:38:FE:92:E1:65:4C:9B:89:91:2A:20:45:41:05:44:A1
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018D8DE1184E8BF1B02B09094EF3A78D7AE1
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa
Signing time: Fri 09 Feb 2024 12:39:15 +0000
ROA not before: Fri 09 Feb 2024 12:39:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24964
IP address blocks: 82.103.126.0/24 maxlen: 24
82.103.127.0/24 maxlen: 24
89.253.163.0/24 maxlen: 24
195.34.123.0/24 maxlen: 24
212.91.184.0/24 maxlen: 24
212.91.185.0/24 maxlen: 24
212.91.186.0/24 maxlen: 24
212.91.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 06:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:e1:18:4e:8b:f1:b0:2b:09:09:4e:f3:a7:8d:7a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Feb 9 12:39:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb87f40138fe92e1654c9b89912a2045410544a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:87:81:80:e5:49:cd:71:c0:b3:3d:d9:d9:
b8:f7:bc:6d:f4:36:b3:07:d9:d1:df:81:d3:db:88:
69:5a:82:d7:e9:3a:50:ba:d9:23:2e:fe:1f:8b:3d:
9b:c0:02:7c:ea:b4:83:b1:84:1f:4a:f0:87:60:a3:
ee:29:a7:20:1b:5b:d7:b1:21:77:43:73:16:1c:7e:
70:bc:4f:8c:74:1e:a8:fa:a1:ee:85:f8:79:3e:32:
c9:6c:c8:34:30:43:9f:8d:db:55:11:f8:ce:51:e1:
43:cc:9b:92:14:0d:ed:f2:25:ac:33:98:1b:6d:13:
23:f1:a8:2a:52:08:a2:d0:a5:8a:b1:6c:85:f8:56:
2d:09:4f:a6:98:4e:b2:ff:2a:52:7c:49:f2:af:24:
62:80:9b:c7:27:d2:de:34:6c:a5:fc:ff:87:3e:0c:
13:d8:78:02:15:7d:23:03:71:d5:b3:10:38:25:5f:
9e:c4:0c:66:96:ea:53:31:91:24:ba:51:1e:80:1f:
45:00:c2:e5:70:16:33:30:9d:58:02:62:f3:0f:23:
83:e0:ff:89:fa:1d:8e:56:cb:e0:dd:b5:70:f1:36:
03:c7:e5:c4:2c:c4:c7:22:84:66:34:97:50:c6:bb:
87:06:77:58:6e:df:c4:cf:85:b4:f2:5c:3e:c2:0f:
e8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:87:F4:01:38:FE:92:E1:65:4C:9B:89:91:2A:20:45:41:05:44:A1
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.103.126.0/23
89.253.163.0/24
195.34.123.0/24
212.91.184.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:38:73:38:b1:35:f1:7f:e2:35:34:27:d4:2a:18:f1:89:52:
f4:f1:b5:ea:41:b1:5b:68:6e:86:5d:0e:84:16:06:bd:56:2b:
70:fb:ca:75:a0:39:0e:cf:b3:05:23:d2:14:e2:2e:a7:eb:c9:
02:1d:54:c2:14:9c:01:ca:16:5e:14:b4:32:ca:0d:58:f7:75:
c0:f5:3c:30:b9:84:48:3e:6f:3d:76:1f:7e:55:bd:cf:24:dd:
8f:50:19:2c:9f:ce:54:66:45:00:72:08:11:f3:92:ff:1f:19:
ef:fb:6d:85:28:7c:da:37:5b:c1:56:e5:bd:39:54:c6:4f:68:
c3:64:58:37:79:75:68:e9:3c:ba:1a:f0:92:82:98:51:11:8a:
eb:69:26:af:9c:cf:89:1a:c1:8b:61:68:69:4f:78:cf:9a:bd:
8f:1d:93:b1:b3:84:cc:31:08:b5:3b:f4:25:40:a2:2d:9b:fa:
2a:c4:55:51:0d:4e:0a:97:64:9c:bc:6c:ba:27:e5:9a:87:f2:
e1:24:bb:09:d8:f7:ee:fe:2d:60:4b:f4:5f:42:9b:5a:37:49:
c5:4a:e7:f3:cf:32:c5:77:4e:07:dd:26:ac:0a:93:12:cf:b5:
eb:18:b0:d7:3b:9b:4c:70:c1:29:b1:b7:30:26:e6:4c:e4:8c:
d5:67:5f:75
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY2N4RhOi/GwKwkJTvOnjXrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMjA5MTIzOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg3ZjQwMTM4ZmU5MmUxNjU0YzliODk5MTJhMjA0NTQxMDU0NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw+HgYDlSc1xwLM92dm497xt9Daz
B9nR34HT24hpWoLX6TpQutkjLv4fiz2bwAJ86rSDsYQfSvCHYKPuKacgG1vXsSF3
Q3MWHH5wvE+MdB6o+qHuhfh5PjLJbMg0MEOfjdtVEfjOUeFDzJuSFA3t8iWsM5gb
bRMj8agqUgii0KWKsWyF+FYtCU+mmE6y/ypSfEnyryRigJvHJ9LeNGyl/P+HPgwT
2HgCFX0jA3HVsxA4JV+exAxmlupTMZEkulEegB9FAMLlcBYzMJ1YAmLzDyOD4P+J
+h2OVsvg3bVw8TYDx+XELMTHIoRmNJdQxruHBndYbt/Ez4W08lw+wg/oPQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPuH9AE4/pLhZUybiZEqIEVBBUShMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvMS00ZjBBVGota3VGbFRKdUprU29nUlVFRlJLRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQz
Ny8xL0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVJnfgME
AFn9owMEAMMiewMEAtRbuDANBgkqhkiG9w0BAQsFAAOCAQEAmzhzOLE18X/iNTQn
1CoY8YlS9PG16kGxW2huhl0OhBYGvVYrcPvKdaA5Ds+zBSPSFOIup+vJAh1UwhSc
AcoWXhS0MsoNWPd1wPU8MLmESD5vPXYfflW9zyTdj1AZLJ/OVGZFAHIIEfOS/x8Z
7/tthSh82jdbwVblvTlUxk9ow2RYN3l1aOk8uhrwkoKYURGK62kmr5zPiRrBi2Fo
aU94z5q9jx2TsbOEzDEItTv0JUCiLZv6KsRVUQ1OCpdknLxsuiflmofy4SS7Cdj3
7v4tYEv0X0KbWjdJxUrn888yxXdOB90mrAqTEs+16xiw1zubTHDBKbG3MCbmTOSM
1WdfdQ==
-----END CERTIFICATE-----
Generated at Mon May 6 12:05:03 2024 by rpki-client on console-fra.rpki-client.org