Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/1-i4YiypHIcsQXIlXsjFt1KwGqVc.roa
File: 1-i4YiypHIcsQXIlXsjFt1KwGqVc.roa (raw, json)
Hash identifier: szH4zedltSFGYBh+Sx9WLLJSMz1v+nuu4Zreg9OH8fM=
Subject key identifier: FA:2E:18:8B:2A:47:21:CB:10:5C:89:57:B2:31:6D:D4:AC:06:A9:57
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 018CC2DB19B57A609B064925B384BB64A211
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/1-i4YiypHIcsQXIlXsjFt1KwGqVc.roa
Signing time: Mon 01 Jan 2024 02:29:47 +0000
ROA not before: Mon 01 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47674
IP address blocks: 185.11.146.0/24 maxlen: 32
185.11.147.0/24 maxlen: 32
188.209.49.0/24 maxlen: 24
188.209.52.0/24 maxlen: 32
185.62.188.0/24 maxlen: 32
185.62.189.0/24 maxlen: 32
185.62.190.0/24 maxlen: 32
185.11.145.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:19:b5:7a:60:9b:06:49:25:b3:84:bb:64:a2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 1 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa2e188b2a4721cb105c8957b2316dd4ac06a957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9c:c5:41:b0:77:94:7e:62:73:4e:5c:45:99:
d6:61:eb:21:1a:4c:6b:e8:2e:88:09:0b:3c:38:cc:
52:8b:24:09:a5:e5:8f:86:72:b8:d9:6e:d1:34:0a:
ac:14:0e:b8:31:09:8d:5e:28:db:98:22:1f:3c:f8:
8d:ad:07:e9:51:cb:d3:ac:da:6b:64:65:40:0c:38:
5a:cd:cc:2a:1a:9b:ae:0a:d8:a0:c3:9b:d6:6d:96:
04:37:e2:66:d4:40:e2:b6:0b:e2:d4:37:aa:ab:d5:
4f:c2:7e:a3:a3:a7:16:5c:ca:7e:71:f3:41:92:d8:
57:81:02:4d:1d:d5:20:f5:bb:0d:ee:ca:ef:10:7e:
c8:f7:ef:4c:45:4f:c0:5e:cf:10:30:a6:36:a5:23:
fc:cd:12:ac:79:ae:97:ae:c9:fd:2a:1f:6e:12:5e:
42:e6:50:6b:95:70:f5:2e:53:4b:f7:cd:04:87:87:
07:e0:15:14:39:2a:06:6f:8e:6e:e4:f2:bf:94:03:
5d:88:95:db:79:c7:a0:6b:67:a2:ab:17:92:4d:d2:
6e:b9:b9:77:16:ce:02:27:5d:1d:ed:3c:6d:01:6d:
fc:95:53:de:c9:08:51:f9:fc:44:27:01:c1:6d:bb:
59:56:67:3a:72:3c:96:a1:d1:7e:f8:b0:dd:a1:3e:
e4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2E:18:8B:2A:47:21:CB:10:5C:89:57:B2:31:6D:D4:AC:06:A9:57
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/1-i4YiypHIcsQXIlXsjFt1KwGqVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.145.0-185.11.147.255
185.62.188.0-185.62.190.255
188.209.49.0/24
188.209.52.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a1:0e:c8:48:80:71:04:43:2e:25:2d:ae:67:75:6b:db:52:
77:22:5b:87:69:a4:68:bb:5b:41:15:d0:89:1d:38:02:4e:60:
16:61:4e:58:2f:5d:4d:7c:f4:46:c5:00:62:a3:5f:df:9c:38:
f3:7e:04:13:e4:22:1c:3f:bd:eb:8a:de:0e:f6:2f:e1:93:f9:
6f:57:22:03:79:c1:ce:11:4b:a2:25:4a:a1:93:d5:07:55:be:
2e:97:3a:62:4b:c3:7a:c4:95:46:37:9e:e5:80:ac:17:54:db:
3e:e8:23:b3:25:57:00:14:9e:cb:ba:a7:d8:f6:6f:e2:05:55:
eb:c7:16:3c:6e:07:81:dd:b3:8d:b0:c1:b6:a2:11:4d:b0:10:
52:91:6f:4b:ad:76:9a:a5:7e:46:cd:b1:8d:66:4a:8f:0f:bb:
dc:2c:f4:c8:5a:63:78:fa:be:fa:5c:b4:e4:a8:e4:ec:68:8c:
23:39:cf:d8:a3:d0:59:c4:69:54:c4:12:ca:e3:98:1d:c9:80:
53:d5:d9:bf:4f:df:a5:81:f4:10:ec:ac:44:aa:7e:08:80:82:
0f:11:d5:ad:94:8f:72:9e:6b:d7:b6:90:ca:34:e7:3b:b3:ce:
aa:47:06:66:78:c7:a8:1b:5d:21:c0:3e:de:65:1d:cd:18:df:
50:8b:c4:7e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzC2xm1emCbBkkls4S7ZKIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjQwMTAxMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJlMTg4YjJhNDcyMWNiMTA1Yzg5NTdiMjMxNmRkNGFjMDZhOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJzFQbB3lH5ic05cRZnWYeshGkxr
6C6ICQs8OMxSiyQJpeWPhnK42W7RNAqsFA64MQmNXijbmCIfPPiNrQfpUcvTrNpr
ZGVADDhazcwqGpuuCtigw5vWbZYEN+Jm1EDitgvi1Deqq9VPwn6jo6cWXMp+cfNB
kthXgQJNHdUg9bsN7srvEH7I9+9MRU/AXs8QMKY2pSP8zRKsea6Xrsn9Kh9uEl5C
5lBrlXD1LlNL980Eh4cH4BUUOSoGb45u5PK/lANdiJXbecega2eiqxeSTdJuubl3
Fs4CJ10d7TxtAW38lVPeyQhR+fxEJwHBbbtZVmc6cjyWodF++LDdoT7kMwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPouGIsqRyHLEFyJV7IxbdSsBqlXMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvMS1pNFlpeXBISWNzUVhJbFhzakZ0MUt3R3FWYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGYvMGI3ZmQzLTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3
MS8xLzRUanNKQ3BENmNuVXpySmR5UTVVVXpjOVAwWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBBBggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAuQuR
AwQCuQuQMAwDBAK5PrwDBAC5Pr4DBAC80TEDBAC80TQwDQYJKoZIhvcNAQELBQAD
ggEBABqhDshIgHEEQy4lLa5ndWvbUnciW4dppGi7W0EV0IkdOAJOYBZhTlgvXU18
9EbFAGKjX9+cOPN+BBPkIhw/veuK3g72L+GT+W9XIgN5wc4RS6IlSqGT1QdVvi6X
OmJLw3rElUY3nuWArBdU2z7oI7MlVwAUnsu6p9j2b+IFVevHFjxuB4Hds42wwbai
EU2wEFKRb0utdpqlfkbNsY1mSo8Pu9ws9MhaY3j6vvpctOSo5OxojCM5z9ij0FnE
aVTEEsrjmB3JgFPV2b9P36WB9BDsrESqfgiAgg8R1a2Uj3Kea9e2kMo05zuzzqpH
BmZ4x6gbXSHAPt5lHc0Y31CLxH4=
-----END CERTIFICATE-----
Generated at Tue Jun 4 08:36:19 2024 by rpki-client on console-fra.rpki-client.org