Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/S0BSjJ0yKPEoSDzHaX8ectyXeHM.roa
File: S0BSjJ0yKPEoSDzHaX8ectyXeHM.roa (raw, json)
Hash identifier: XgWC49/petuq46cjDCcfl1qNm6v048V8JxsHg1G5vNk=
Subject key identifier: 4B:40:52:8C:9D:32:28:F1:28:48:3C:C7:69:7F:1E:72:DC:97:78:73
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC801340608DB9D59E33E494C86B0978E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/S0BSjJ0yKPEoSDzHaX8ectyXeHM.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202221
IP address blocks: 85.254.31.0/24 maxlen: 24
85.254.146.0/24 maxlen: 24
159.148.174.0/24 maxlen: 24
159.148.173.0/24 maxlen: 24
159.148.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 09:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:34:06:08:db:9d:59:e3:3e:49:4c:86:b0:97:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b40528c9d3228f128483cc7697f1e72dc977873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7c:3e:9b:62:ea:fb:4c:c1:0c:00:f8:da:c3:
55:a4:bc:c3:41:67:7f:28:76:a9:c8:4b:f1:7c:7b:
62:49:6c:e6:8e:b5:ab:a4:1f:67:65:50:46:4b:69:
c4:15:9a:99:1e:05:9d:0b:d6:5a:6d:4d:a2:61:2d:
c1:31:4f:d4:8b:15:bf:6a:b6:8e:68:49:2f:9b:d5:
58:82:01:e2:4d:32:58:15:91:56:41:c4:5e:00:e5:
f0:51:95:d1:9c:6e:60:76:34:da:d5:c8:dd:a5:bc:
30:0c:6e:2d:8e:4e:7b:dd:f2:d6:20:83:54:a1:42:
22:93:2e:bc:a0:ed:a2:6c:20:53:ee:18:15:86:17:
b4:8e:a5:77:8c:d6:bb:6c:32:ed:de:93:0f:eb:a2:
28:01:44:c0:f6:95:ba:b9:76:b4:6b:e5:ad:d4:b1:
be:d3:f7:3a:68:54:3b:9c:47:da:c4:7d:55:30:e2:
29:08:91:04:1a:ee:31:58:1b:c9:d9:f3:5e:df:f9:
22:a2:54:06:62:eb:6b:fa:27:8d:5d:97:c3:20:7a:
59:1a:58:6f:d9:74:8c:f4:f0:75:c3:0e:3b:ba:05:
e9:e6:9a:af:3a:20:38:95:ac:4e:c7:dc:b9:da:c7:
e9:40:00:e9:f5:97:4c:dc:45:5a:1d:c0:62:70:c9:
19:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:40:52:8C:9D:32:28:F1:28:48:3C:C7:69:7F:1E:72:DC:97:78:73
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/S0BSjJ0yKPEoSDzHaX8ectyXeHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.31.0/24
85.254.146.0/24
159.148.104.0/23
159.148.173.0-159.148.174.255
Signature Algorithm: sha256WithRSAEncryption
b8:54:61:45:1b:0e:bb:c1:a1:ba:71:5d:1d:7b:44:c4:33:0c:
e3:74:e8:75:62:50:65:98:89:aa:2e:d5:7b:7f:1e:9f:3b:df:
1b:53:7e:46:4c:86:9c:19:9b:f8:28:18:c6:4b:94:a9:84:10:
38:d6:7e:e7:b2:94:6e:3c:6e:76:f9:12:03:69:92:69:f3:de:
ea:16:39:23:f4:e5:96:61:57:0d:3c:7c:d3:21:df:3c:dc:df:
bf:04:8d:a8:ea:62:8b:2f:50:46:37:d1:9c:bc:b4:09:77:d3:
a5:2a:47:a2:66:cf:06:08:7d:69:96:d4:1f:b7:49:2b:8e:03:
b3:be:8f:b3:5a:03:93:fd:a8:b1:b5:b7:93:c3:11:bb:d3:db:
e5:22:c2:db:da:2a:30:20:d2:a3:5d:0b:d7:c9:92:b1:cf:60:
0e:7d:19:af:7d:b4:c2:95:7b:d4:b4:2a:ca:ee:87:e0:8c:c4:
a8:0c:3b:8e:ee:76:ae:1f:db:0e:a5:3d:38:25:dc:37:1b:9b:
4d:da:0d:31:30:fb:b5:55:69:8d:98:70:69:58:5d:ca:84:02:
92:ea:37:07:25:27:f6:d1:5d:e7:6e:28:3c:4b:bd:ed:89:59:
a9:56:81:f0:87:30:02:50:17:9c:c7:53:69:df:69:fe:57:16:
0e:86:9f:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIATQGCNudWeM+SUyGsJeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQwNTI4YzlkMzIyOGYxMjg0ODNjYzc2OTdmMWU3MmRjOTc3ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHw+m2Lq+0zBDAD42sNVpLzDQWd/
KHapyEvxfHtiSWzmjrWrpB9nZVBGS2nEFZqZHgWdC9ZabU2iYS3BMU/UixW/araO
aEkvm9VYggHiTTJYFZFWQcReAOXwUZXRnG5gdjTa1cjdpbwwDG4tjk573fLWIINU
oUIiky68oO2ibCBT7hgVhhe0jqV3jNa7bDLt3pMP66IoAUTA9pW6uXa0a+Wt1LG+
0/c6aFQ7nEfaxH1VMOIpCJEEGu4xWBvJ2fNe3/kiolQGYutr+ieNXZfDIHpZGlhv
2XSM9PB1ww47ugXp5pqvOiA4laxOx9y52sfpQADp9ZdM3EVaHcBicMkZkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEtAUoydMijxKEg8x2l/HnLcl3hzMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUzBCU2pKMHlLUEVvU0R6SGFYOGVjdHlYZUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVf4fAwQA
Vf6SAwQBn5RoMAwDBACflK0DBACflK4wDQYJKoZIhvcNAQELBQADggEBALhUYUUb
DrvBobpxXR17RMQzDON06HViUGWYiaou1Xt/Hp873xtTfkZMhpwZm/goGMZLlKmE
EDjWfueylG48bnb5EgNpkmnz3uoWOSP05ZZhVw08fNMh3zzc378EjajqYosvUEY3
0Zy8tAl306UqR6JmzwYIfWmW1B+3SSuOA7O+j7NaA5P9qLG1t5PDEbvT2+Uiwtva
KjAg0qNdC9fJkrHPYA59Ga99tMKVe9S0Ksruh+CMxKgMO47udq4f2w6lPTgl3Dcb
m03aDTEw+7VVaY2YcGlYXcqEApLqNwclJ/bRXeduKDxLve2JWalWgfCHMAJQF5zH
U2nfaf5XFg6Gn/g=
-----END CERTIFICATE-----
Generated at Wed May 1 16:39:26 2024 by rpki-client on console-fra.rpki-client.org