Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/exMRT48XZgqYoUE4Xdkgw069dnw.roa
File: exMRT48XZgqYoUE4Xdkgw069dnw.roa (raw, json)
Hash identifier: NOCYQirbexj7msPUMb0IlsLvdjm3hnf9HuTqTA8jicU=
Subject key identifier: 7B:13:11:4F:8F:17:66:0A:98:A1:41:38:5D:D9:20:C3:4E:BD:76:7C
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 018CC424BE900C626467B6771AE31A4741E0
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/exMRT48XZgqYoUE4Xdkgw069dnw.roa
Signing time: Mon 01 Jan 2024 08:29:51 +0000
ROA not before: Mon 01 Jan 2024 08:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50012
IP address blocks: 31.129.232.0/24 maxlen: 24
31.129.233.0/24 maxlen: 24
31.129.235.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
31.129.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:be:90:0c:62:64:67:b6:77:1a:e3:1a:47:41:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 1 08:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b13114f8f17660a98a141385dd920c34ebd767c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:e8:a2:d4:6e:26:81:86:ab:40:e0:13:33:
ba:af:73:c1:ff:86:ed:43:7a:86:a4:d9:71:12:4c:
24:4b:ed:7a:79:ae:53:4d:5f:7b:fa:a8:f5:d5:f3:
01:24:dc:59:07:fa:fe:2a:9d:1b:9e:44:35:44:b7:
17:36:0b:4d:23:0e:30:c5:98:ff:e4:60:b7:07:cd:
02:e7:bd:64:64:30:b6:23:9b:ad:d7:f2:9f:25:0b:
fb:6a:80:bf:09:62:34:95:ac:a2:89:6d:da:ee:ca:
77:be:dd:14:d1:42:5b:47:58:48:24:f4:24:f0:2f:
05:c2:15:c3:83:7d:ec:d7:f0:c8:69:be:24:b6:bb:
31:ea:ee:81:af:ff:6c:95:a8:d3:5e:cc:27:d1:7b:
06:dc:30:7c:4b:b1:ac:59:4c:4a:18:d4:7d:13:6e:
46:2f:0c:f0:52:27:fa:d1:1a:0d:a8:e2:26:63:ae:
2c:c5:22:06:80:7c:f8:fe:31:a4:4c:85:7a:85:c0:
a9:78:da:dd:1b:31:56:c2:cd:d8:8c:f7:2e:3a:36:
7f:97:df:26:ce:16:a7:95:73:9f:92:22:cd:04:2a:
38:f6:7f:7c:16:68:cc:47:68:c1:fc:a8:b9:a7:c4:
0f:81:38:d1:d0:a6:57:29:ad:04:29:df:77:f0:bc:
10:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:13:11:4F:8F:17:66:0A:98:A1:41:38:5D:D9:20:C3:4E:BD:76:7C
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/exMRT48XZgqYoUE4Xdkgw069dnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.232.0/22
31.129.251.0/24
213.5.192.0/22
Signature Algorithm: sha256WithRSAEncryption
90:3f:37:8f:f1:f6:b3:e8:1f:fb:ba:e1:85:04:7d:f4:55:da:
2a:c9:68:20:5e:aa:60:87:93:18:1e:a9:f7:65:fa:4d:7c:4e:
87:3b:79:7b:21:b7:3b:ff:4c:2e:dc:85:57:cc:f8:2a:8a:ef:
97:01:56:97:13:43:9b:d8:a6:c9:6f:22:24:6a:6b:ca:cb:d7:
40:87:7a:84:19:1c:22:d3:ed:15:b5:62:27:9b:4a:3f:0b:ce:
f4:c6:6b:44:76:fd:7d:79:ab:53:65:f9:f3:cc:ce:5b:8f:33:
bf:61:3a:7b:79:2c:df:6a:5e:6d:9e:8c:92:9a:2d:68:fe:ee:
b9:34:51:54:dc:ae:64:af:da:d2:70:f9:1c:b4:70:ef:ac:c2:
1c:e5:33:5b:28:38:31:a2:a9:2d:73:fd:72:99:e5:3f:69:6a:
1c:b1:c6:aa:e2:70:a8:41:08:d0:98:37:bc:5b:0a:fe:e5:64:
f2:6f:98:a8:68:c4:90:e2:2f:eb:d7:29:31:29:6c:80:86:69:
b5:c4:2e:34:ff:8b:a4:b4:27:7c:23:d2:f5:53:f3:94:6a:7e:
8d:38:55:ab:1a:2b:23:a3:6d:9a:b2:26:9c:9f:8f:af:7c:96:
53:66:db:92:c6:8c:63:4d:3e:40:53:60:dc:78:a6:0c:5d:a0:
31:df:06:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJL6QDGJkZ7Z3GuMaR0HgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjQwMTAxMDgyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjEzMTE0ZjhmMTc2NjBhOThhMTQxMzg1ZGQ5MjBjMzRlYmQ3NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRHootRuJoGGq0DgEzO6r3PB/4bt
Q3qGpNlxEkwkS+16ea5TTV97+qj11fMBJNxZB/r+Kp0bnkQ1RLcXNgtNIw4wxZj/
5GC3B80C571kZDC2I5ut1/KfJQv7aoC/CWI0layiiW3a7sp3vt0U0UJbR1hIJPQk
8C8FwhXDg33s1/DIab4ktrsx6u6Br/9slajTXswn0XsG3DB8S7GsWUxKGNR9E25G
LwzwUif60RoNqOImY64sxSIGgHz4/jGkTIV6hcCpeNrdGzFWws3YjPcuOjZ/l98m
zhanlXOfkiLNBCo49n98FmjMR2jB/Ki5p8QPgTjR0KZXKa0EKd938LwQkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHsTEU+PF2YKmKFBOF3ZIMNOvXZ8MB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvZXhNUlQ0OFhaZ3FZb1VFNFhka2d3MDY5ZG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH4HoAwQA
H4H7AwQC1QXAMA0GCSqGSIb3DQEBCwUAA4IBAQCQPzeP8faz6B/7uuGFBH30Vdoq
yWggXqpgh5MYHqn3ZfpNfE6HO3l7Ibc7/0wu3IVXzPgqiu+XAVaXE0Ob2KbJbyIk
amvKy9dAh3qEGRwi0+0VtWInm0o/C870xmtEdv19eatTZfnzzM5bjzO/YTp7eSzf
al5tnoySmi1o/u65NFFU3K5kr9rScPkctHDvrMIc5TNbKDgxoqktc/1ymeU/aWoc
scaq4nCoQQjQmDe8Wwr+5WTyb5ioaMSQ4i/r1ykxKWyAhmm1xC40/4uktCd8I9L1
U/OUan6NOFWrGisjo22asiacn4+vfJZTZtuSxoxjTT5AU2DceKYMXaAx3waE
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:32 2024 by rpki-client on console-fra.rpki-client.org