Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/0-jqqpXRjT1FiW6f4lIdfYEeiD8.roa
File: 0-jqqpXRjT1FiW6f4lIdfYEeiD8.roa (raw, json)
Hash identifier: Vi5H9oZp/RjN8eC1M9aHlRS+W+m88UkqvdIMH+8EwBA=
Subject key identifier: D3:E8:EA:AA:95:D1:8D:3D:45:89:6E:9F:E2:52:1D:7D:81:1E:88:3F
Certificate issuer: /CN=4ad467f16d0951e430713832c6c759561e76041f
Certificate serial: 018CC348A402DD177532E213F582DDCA8D02
Authority key identifier: 4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/0-jqqpXRjT1FiW6f4lIdfYEeiD8.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9074
IP address blocks: 185.248.108.0/24 maxlen: 24
185.248.109.0/24 maxlen: 24
185.248.110.0/24 maxlen: 24
37.131.254.0/24 maxlen: 24
37.131.255.0/24 maxlen: 24
37.131.251.0/24 maxlen: 24
37.131.252.0/24 maxlen: 24
37.131.253.0/24 maxlen: 24
37.131.248.0/24 maxlen: 24
37.131.249.0/24 maxlen: 24
37.131.250.0/24 maxlen: 24
2a0b:9bc0:1::/48 maxlen: 48
2a0b:9bc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a4:02:dd:17:75:32:e2:13:f5:82:dd:ca:8d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad467f16d0951e430713832c6c759561e76041f
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3e8eaaa95d18d3d45896e9fe2521d7d811e883f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c3:15:08:f4:03:5c:7e:34:7d:20:7a:ad:e0:
4b:37:4a:44:e3:d3:36:74:ac:9a:f0:b9:1e:4c:bb:
72:2b:05:b5:28:f1:47:b1:45:b3:3a:f8:71:21:58:
df:66:db:71:b2:3f:73:1c:6d:3d:0a:62:5d:39:95:
46:b8:06:29:a4:7d:fe:4d:54:3a:76:a2:ab:f5:24:
e1:34:52:ce:ee:e2:90:b9:40:17:d7:e8:19:4a:08:
24:21:ec:70:72:0c:b3:9d:ec:c1:44:13:e5:2a:9c:
51:f3:21:24:3e:31:22:71:49:34:f3:58:7c:35:1d:
96:17:21:3b:bf:b3:3d:e5:93:79:d6:69:64:41:a2:
d6:42:ff:73:0e:9b:aa:a0:d2:65:a5:de:56:f8:2e:
ff:e6:15:a9:86:fa:ef:cd:c7:4a:d7:e3:24:ac:3a:
a5:c4:fb:f2:16:0e:ce:ba:54:7e:2f:33:05:2e:3d:
40:9e:7a:c8:0c:87:17:68:fc:35:93:1b:a4:a6:fa:
84:ed:48:ee:1b:97:50:ba:36:1f:3b:02:0d:3a:63:
2c:16:df:b7:93:4f:43:79:f0:7d:c7:18:cb:2a:56:
a8:1b:16:43:fc:ba:0d:f3:3a:83:fe:46:d8:bd:5e:
21:2d:b3:75:a5:80:5a:e4:ff:1a:59:ba:9b:95:ff:
b3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E8:EA:AA:95:D1:8D:3D:45:89:6E:9F:E2:52:1D:7D:81:1E:88:3F
X509v3 Authority Key Identifier:
keyid:4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/0-jqqpXRjT1FiW6f4lIdfYEeiD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.248.0/21
185.248.108.0-185.248.110.255
IPv6:
2a0b:9bc0:1::-2a0b:9bc0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:ad:7a:01:f4:1c:29:a8:92:43:fb:08:69:fa:9a:76:56:c0:
c7:6f:39:5d:00:11:76:b5:d0:56:24:20:9e:00:23:01:de:af:
8b:29:4f:8c:ad:ab:70:53:d9:f7:2e:58:7f:5c:91:5f:9e:00:
c1:d1:5b:25:3e:f9:03:e2:81:5d:bc:d3:8d:79:aa:53:02:b2:
86:76:c4:8a:a7:1f:1d:2a:79:c0:10:8e:17:0c:e4:07:44:8a:
15:e7:4d:f3:f3:c3:92:1d:ba:5a:c4:b0:9b:82:19:b9:a1:19:
60:03:59:ff:3b:03:b8:13:57:32:4b:3e:d3:79:08:a6:bf:1d:
ee:2d:25:ea:5e:a1:b9:5c:31:6f:58:c0:8e:8f:1b:cb:ee:91:
81:6a:0b:b8:40:2d:d6:29:38:e9:c2:2b:89:af:da:a4:dd:46:
38:15:0a:5a:f1:18:02:f0:62:40:1c:82:47:2d:06:3a:cf:4e:
09:3d:81:d4:72:26:3d:a5:d3:36:7a:a7:74:7a:1a:91:7a:60:
20:4f:62:47:15:59:85:df:db:40:e5:dc:82:87:2e:19:66:27:
f9:fa:64:dd:1e:b9:57:95:a5:a2:59:12:d2:62:53:44:90:5b:
27:7f:8e:90:7e:03:73:be:a0:5a:fb:1b:61:43:f8:10:fd:d7:
e6:1e:33:e4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzDSKQC3Rd1MuIT9YLdyo0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDQ2N2YxNmQwOTUxZTQzMDcxMzgzMmM2Yzc1OTU2MWU3
NjA0MWYwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U4ZWFhYTk1ZDE4ZDNkNDU4OTZlOWZlMjUyMWQ3ZDgxMWU4ODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcMVCPQDXH40fSB6reBLN0pE49M2
dKya8LkeTLtyKwW1KPFHsUWzOvhxIVjfZttxsj9zHG09CmJdOZVGuAYppH3+TVQ6
dqKr9SThNFLO7uKQuUAX1+gZSggkIexwcgyznezBRBPlKpxR8yEkPjEicUk081h8
NR2WFyE7v7M95ZN51mlkQaLWQv9zDpuqoNJlpd5W+C7/5hWphvrvzcdK1+MkrDql
xPvyFg7OulR+LzMFLj1AnnrIDIcXaPw1kxukpvqE7UjuG5dQujYfOwINOmMsFt+3
k09DefB9xxjLKlaoGxZD/LoN8zqD/kbYvV4hLbN1pYBa5P8aWbqblf+zpwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNPo6qqV0Y09RYlun+JSHX2BHog/MB8GA1UdIwQY
MBaAFErUZ/FtCVHkMHE4MsbHWVYedgQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zMzg2MDUtNGRiNC00ZWRlLWEzMTAt
NTY0MjM1M2Q0MzFhLzEvMC1qcXFwWFJqVDFGaVc2ZjRsSWRmWUVlaUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zMzg2MDUtNGRiNC00ZWRlLWEzMTAtNTY0MjM1M2Q0MzFh
LzEvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAaBAIAATAUAwQDJYP4MAwD
BAK5+GwDBAC5+G4wGgQCAAIwFDASAwcAKgubwAABAwcAKgubwAACMA0GCSqGSIb3
DQEBCwUAA4IBAQBsrXoB9BwpqJJD+whp+pp2VsDHbzldABF2tdBWJCCeACMB3q+L
KU+MratwU9n3Llh/XJFfngDB0VslPvkD4oFdvNONeapTArKGdsSKpx8dKnnAEI4X
DOQHRIoV503z88OSHbpaxLCbghm5oRlgA1n/OwO4E1cySz7TeQimvx3uLSXqXqG5
XDFvWMCOjxvL7pGBagu4QC3WKTjpwiuJr9qk3UY4FQpa8RgC8GJAHIJHLQY6z04J
PYHUciY9pdM2eqd0ehqRemAgT2JHFVmF39tA5dyChy4ZZif5+mTdHrlXlaWiWRLS
YlNEkFsnf46QfgNzvqBa+xthQ/gQ/dfmHjPk
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:12 2024 by rpki-client on console-ams.rpki-client.org