Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dMZvY-2jO1VnrGxsnlbHyv_lE_g.roa
File: dMZvY-2jO1VnrGxsnlbHyv_lE_g.roa (raw, json)
Hash identifier: qAhjatfj8ctdLt5+elTOm+0AVYWDmjdW/yMWBeA6HoU=
Subject key identifier: 74:C6:6F:63:ED:A3:3B:55:67:AC:6C:6C:9E:56:C7:CA:FF:E5:13:F8
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E77119924B531C5E10B57D58B809502EC
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dMZvY-2jO1VnrGxsnlbHyv_lE_g.roa
Signing time: Mon 25 Mar 2024 19:23:45 +0000
ROA not before: Mon 25 Mar 2024 19:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47814
IP address blocks: 46.19.204.251/32 maxlen: 32
46.19.205.0/24 maxlen: 24
46.19.206.0/24 maxlen: 24
80.81.44.0/24 maxlen: 24
80.81.46.0/23 maxlen: 23
83.223.139.0/24 maxlen: 24
83.223.149.0/24 maxlen: 24
94.101.233.206/32 maxlen: 32
94.101.238.0/24 maxlen: 24
2001:1bf8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:11:99:24:b5:31:c5:e1:0b:57:d5:8b:80:95:02:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 25 19:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74c66f63eda33b5567ac6c6c9e56c7caffe513f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ed:49:f9:3c:07:1c:68:51:a5:b9:1c:ce:f1:
c9:03:e7:03:05:7f:b0:8f:8f:51:1c:ca:fc:be:c7:
9c:59:ba:45:9a:61:76:22:ac:b9:5d:f7:08:55:56:
22:df:54:88:6c:42:20:d1:03:62:4d:0c:6b:af:1e:
8c:a5:cc:20:54:7b:c0:f0:58:af:b0:60:e4:d8:57:
05:92:9c:6b:02:15:b5:f1:bf:22:4f:80:16:0c:d2:
9a:09:f1:6f:74:ff:be:97:be:21:9e:45:66:a3:52:
be:f0:99:65:14:8c:05:93:eb:bb:bc:ed:2f:c4:33:
fd:fa:14:29:14:ae:d6:38:56:00:98:88:51:cb:63:
04:52:c8:3f:db:02:0f:b4:26:63:f7:8c:8f:b0:9b:
b1:5f:9e:c6:f0:fb:a8:b8:c9:bc:1d:e0:6b:aa:8f:
95:d9:5c:6b:70:bd:af:07:23:e5:e4:e2:30:06:38:
80:77:c8:e2:8e:60:83:30:d6:51:34:cc:58:c5:92:
c2:56:16:b2:ad:bd:07:ee:df:9a:a4:1c:f9:6e:c6:
f1:ab:60:43:55:4f:cd:8f:67:08:e7:86:cf:59:b0:
4e:2d:56:e9:06:f3:79:dd:c0:b3:e8:50:e8:8c:8c:
5e:22:a4:95:77:51:70:ed:1b:aa:69:a1:ad:c3:33:
83:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C6:6F:63:ED:A3:3B:55:67:AC:6C:6C:9E:56:C7:CA:FF:E5:13:F8
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dMZvY-2jO1VnrGxsnlbHyv_lE_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.204.251/32
46.19.205.0-46.19.206.255
80.81.44.0/24
80.81.46.0/23
83.223.139.0/24
83.223.149.0/24
94.101.233.206/32
94.101.238.0/24
IPv6:
2001:1bf8::/29
Signature Algorithm: sha256WithRSAEncryption
5d:c9:b0:3c:27:87:07:7c:1f:f3:4e:2a:cf:79:93:24:ed:89:
70:5e:fc:a3:96:3d:5e:a7:91:d2:71:ea:f7:dc:b2:60:e0:2b:
86:e8:de:93:55:28:5e:50:1d:f8:37:8f:99:c0:40:cf:15:0e:
db:06:ec:f4:0c:cc:f2:fd:70:f3:d3:6e:3d:d7:39:4b:80:77:
3f:d8:05:c2:f8:0f:d3:02:27:9b:5b:f6:81:c5:1b:5a:aa:33:
bd:6d:1b:63:41:1e:f4:22:12:f0:dd:bd:8a:a8:41:da:4e:3e:
bf:74:8e:e6:06:b3:95:6c:91:d4:89:41:85:88:17:b5:6e:95:
a1:57:d0:8e:93:86:a9:61:99:26:b9:2b:21:f9:5f:03:b5:48:
08:9d:59:f2:43:87:e6:9f:53:e6:82:14:77:5c:b6:1a:84:cb:
d9:7f:ed:91:78:f7:8e:44:14:bd:04:98:52:7a:33:03:73:dc:
37:d4:15:b2:82:e9:55:d1:55:5f:dc:f5:1d:e8:05:bb:9a:ee:
70:1f:49:ed:ea:69:eb:ac:b0:4d:2c:63:16:65:b9:4b:f1:c2:
0a:06:c4:57:94:df:a2:94:f1:56:e9:fe:9d:a8:e1:ec:36:b5:
f8:66:a1:b4:26:f5:90:43:6a:d5:83:a2:8c:dd:33:c3:db:03:
ca:20:aa:86
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAY53EZkktTHF4QtX1YuAlQLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI1MTkyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM2NmY2M2VkYTMzYjU1NjdhYzZjNmM5ZTU2YzdjYWZmZTUxM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO1J+TwHHGhRpbkczvHJA+cDBX+w
j49RHMr8vsecWbpFmmF2Iqy5XfcIVVYi31SIbEIg0QNiTQxrrx6MpcwgVHvA8Fiv
sGDk2FcFkpxrAhW18b8iT4AWDNKaCfFvdP++l74hnkVmo1K+8JllFIwFk+u7vO0v
xDP9+hQpFK7WOFYAmIhRy2MEUsg/2wIPtCZj94yPsJuxX57G8PuouMm8HeBrqo+V
2VxrcL2vByPl5OIwBjiAd8jijmCDMNZRNMxYxZLCVhayrb0H7t+apBz5bsbxq2BD
VU/Nj2cI54bPWbBOLVbpBvN53cCz6FDojIxeIqSVd1Fw7RuqaaGtwzODywIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFHTGb2PtoztVZ6xsbJ5Wx8r/5RP4MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZE1adlktMmpPMVZuckd4c25sYkh5dl9sRV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwUALhPM+zAM
AwQALhPNAwQALhPOAwQAUFEsAwQBUFEuAwQAU9+LAwQAU9+VAwUAXmXpzgMEAF5l
7jANBAIAAjAHAwUDIAEb+DANBgkqhkiG9w0BAQsFAAOCAQEAXcmwPCeHB3wf804q
z3mTJO2JcF78o5Y9XqeR0nHq99yyYOArhujek1UoXlAd+DePmcBAzxUO2wbs9AzM
8v1w89NuPdc5S4B3P9gFwvgP0wInm1v2gcUbWqozvW0bY0Ee9CIS8N29iqhB2k4+
v3SO5gazlWyR1IlBhYgXtW6VoVfQjpOGqWGZJrkrIflfA7VICJ1Z8kOH5p9T5oIU
d1y2GoTL2X/tkXj3jkQUvQSYUnozA3PcN9QVsoLpVdFVX9z1HegFu5rucB9J7epp
66ywTSxjFmW5S/HCCgbEV5TfopTxVun+najh7Da1+GahtCb1kENq1YOijN0zw9sD
yiCqhg==
-----END CERTIFICATE-----
Generated at Wed May 1 22:33:05 2024 by rpki-client on console-fra.rpki-client.org