Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/sMEmbmqhLaHBx9jrVa4phVMOmvU.roa
File: sMEmbmqhLaHBx9jrVa4phVMOmvU.roa (raw, json)
Hash identifier: am0i1Z86myvrfWqvwaPabQqvmkEv1qr93RPvhjEf9I4=
Subject key identifier: B0:C1:26:6E:6A:A1:2D:A1:C1:C7:D8:EB:55:AE:29:85:53:0E:9A:F5
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 018F72AF285BFD5AD7A95361761A32DE56AC
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/sMEmbmqhLaHBx9jrVa4phVMOmvU.roa
Signing time: Mon 13 May 2024 16:00:32 +0000
ROA not before: Mon 13 May 2024 16:00:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62257
IP address blocks: 194.36.172.0/24 maxlen: 24
194.147.150.0/24 maxlen: 24
194.147.170.0/24 maxlen: 24
194.180.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:af:28:5b:fd:5a:d7:a9:53:61:76:1a:32:de:56:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: May 13 16:00:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c1266e6aa12da1c1c7d8eb55ae2985530e9af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:40:76:6f:72:08:69:6d:b6:e1:0b:5a:08:e9:
22:13:3e:67:ff:52:85:ba:37:c5:86:af:c6:44:aa:
a0:b6:a3:1d:f0:57:75:7b:9d:b8:c4:00:a9:4f:c9:
40:5f:c9:4e:b6:b3:ee:14:0d:7f:ff:b0:77:11:ae:
66:12:28:9c:8d:ea:9d:af:19:fb:eb:9b:ae:58:51:
3a:c8:60:55:a3:23:56:eb:21:68:27:b1:91:b0:ba:
b6:1b:88:75:a7:33:e2:56:03:85:83:cd:9e:e6:f8:
99:69:ac:46:21:ba:05:fe:f9:b8:a6:49:3f:9a:bb:
b8:d4:79:2c:c2:4a:7a:eb:ad:ca:7a:8d:6b:a2:c3:
8d:f0:26:e4:e5:08:0f:2a:30:36:05:87:be:4c:2f:
c8:de:f6:73:77:c0:dd:a8:2c:2d:d8:6c:56:75:31:
88:1c:ed:09:dc:50:69:9d:6e:9d:b2:44:b8:91:62:
9a:7a:16:69:c1:87:b3:70:3c:c8:d3:f7:be:d2:a9:
e3:08:1d:c3:4b:f2:32:01:e1:a1:38:c1:fe:7e:26:
a4:a1:b0:bd:ee:4e:14:2b:0f:0d:cc:39:8d:53:30:
78:92:33:5c:84:59:13:e9:e2:c1:cc:1c:00:6e:3a:
64:7f:70:80:b4:df:71:d0:fe:7b:cf:71:b8:48:fd:
d3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C1:26:6E:6A:A1:2D:A1:C1:C7:D8:EB:55:AE:29:85:53:0E:9A:F5
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/sMEmbmqhLaHBx9jrVa4phVMOmvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.172.0/24
194.147.150.0/24
194.147.170.0/24
194.180.208.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b1:c5:ca:f6:fe:11:67:ec:29:e2:9f:c1:3b:2d:ef:21:30:
d2:dc:d5:bd:e7:ae:c7:20:28:e3:1a:65:e4:2b:33:d8:5f:23:
10:f8:3e:7c:4f:69:54:b9:98:b9:c7:67:3d:50:af:ca:59:11:
a3:8f:ad:b8:78:1b:91:4e:36:25:e2:85:e4:07:7a:2a:0e:96:
15:0c:e8:34:3f:cd:5e:92:6c:e9:41:d8:c1:1e:e7:7f:f3:3c:
66:ae:90:77:aa:de:49:f3:af:ce:cb:2b:9c:0e:ea:67:2d:0f:
7d:c0:6f:49:62:37:50:a5:f3:d7:2f:49:e5:c1:c8:7c:bf:62:
1f:ec:a4:37:e9:7b:f0:2e:fd:4e:6c:45:90:48:7a:43:d7:0d:
fa:71:ba:2e:f7:5c:92:fb:6b:3e:bd:7c:c9:a1:53:f2:46:2a:
89:24:d2:73:0e:ec:73:e8:f7:86:3b:4c:be:da:82:1d:b6:88:
1f:76:a3:57:b9:08:8a:df:15:25:e5:a0:4e:ac:8b:e4:f8:76:
3e:00:fb:24:10:8e:1f:8d:04:0c:10:65:c0:8a:b6:f6:cb:06:
15:98:81:ca:9b:e8:99:97:ac:97:c6:3f:31:5f:ad:a0:53:61:
ee:95:83:63:d9:1c:0e:7a:c1:5c:a4:05:2d:b6:4d:af:d2:bf:
fc:ee:4b:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9yryhb/VrXqVNhdhoy3lasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwNTEzMTYwMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGMxMjY2ZTZhYTEyZGExYzFjN2Q4ZWI1NWFlMjk4NTUzMGU5YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kB2b3IIaW224QtaCOkiEz5n/1KF
ujfFhq/GRKqgtqMd8Fd1e524xACpT8lAX8lOtrPuFA1//7B3Ea5mEiicjeqdrxn7
65uuWFE6yGBVoyNW6yFoJ7GRsLq2G4h1pzPiVgOFg82e5viZaaxGIboF/vm4pkk/
mru41Hkswkp6663Keo1rosON8Cbk5QgPKjA2BYe+TC/I3vZzd8DdqCwt2GxWdTGI
HO0J3FBpnW6dskS4kWKaehZpwYezcDzI0/e+0qnjCB3DS/IyAeGhOMH+fiakobC9
7k4UKw8NzDmNUzB4kjNchFkT6eLBzBwAbjpkf3CAtN9x0P57z3G4SP3TIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLDBJm5qoS2hwcfY61WuKYVTDpr1MB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvc01FbWJtcWhMYUhCeDlqclZhNHBoVk1PbXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiSsAwQA
wpOWAwQAwpOqAwQAwrTQMA0GCSqGSIb3DQEBCwUAA4IBAQATscXK9v4RZ+wp4p/B
Oy3vITDS3NW9567HICjjGmXkKzPYXyMQ+D58T2lUuZi5x2c9UK/KWRGjj624eBuR
TjYl4oXkB3oqDpYVDOg0P81ekmzpQdjBHud/8zxmrpB3qt5J86/OyyucDupnLQ99
wG9JYjdQpfPXL0nlwch8v2If7KQ36XvwLv1ObEWQSHpD1w36cbou91yS+2s+vXzJ
oVPyRiqJJNJzDuxz6PeGO0y+2oIdtogfdqNXuQiK3xUl5aBOrIvk+HY+APskEI4f
jQQMEGXAirb2ywYVmIHKm+iZl6yXxj8xX62gU2HulYNj2RwOesFcpAUttk2v0r/8
7kv/
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:46:00 2024 by rpki-client on console-fra.rpki-client.org