Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/rC9leTKmY6SMjrbD1-uPMK7Qp34.roa
File: rC9leTKmY6SMjrbD1-uPMK7Qp34.roa (raw, json)
Hash identifier: 92WCWsggvtwXjiwcYhGXA5XbbeO00x2ypLbnu7M8lHc=
Subject key identifier: AC:2F:65:79:32:A6:63:A4:8C:8E:B6:C3:D7:EB:8F:30:AE:D0:A7:7E
Certificate issuer: /CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Certificate serial: 018CC56E0A0942E3BD813E86DD183BEED583
Authority key identifier: 45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/rC9leTKmY6SMjrbD1-uPMK7Qp34.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24679
IP address blocks: 217.175.224.0/19 maxlen: 24
195.47.229.0/24 maxlen: 24
193.201.52.0/22 maxlen: 24
81.3.0.0/18 maxlen: 24
83.246.0.0/17 maxlen: 24
193.238.228.0/22 maxlen: 24
217.195.32.0/20 maxlen: 24
2a02:790::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0a:09:42:e3:bd:81:3e:86:dd:18:3b:ee:d5:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac2f657932a663a48c8eb6c3d7eb8f30aed0a77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1c:e9:31:18:b3:b4:43:9b:95:d5:d5:66:17:
bf:15:e3:ef:94:eb:af:be:47:4d:f4:23:1d:7d:03:
13:ff:ad:3b:b3:b3:b3:6f:39:e1:ac:72:9d:45:d2:
38:df:cc:81:93:39:6f:79:de:e4:4c:fa:84:21:1a:
9f:71:ad:a5:af:0e:76:14:98:25:63:4f:71:52:66:
27:56:df:54:1e:a2:79:4b:de:5b:ac:50:35:dc:16:
93:b3:37:f3:7d:81:40:f0:2e:9c:48:bd:24:d5:98:
4a:37:fd:e2:f7:c4:be:8d:cf:dc:58:10:f1:e1:e4:
95:30:d8:cc:ff:24:4c:5a:a7:4a:8e:41:4e:3b:02:
8c:41:67:60:3c:8d:f5:2a:5a:64:43:a0:7a:c0:cb:
f3:73:18:6e:41:b1:d3:a1:a7:e2:98:b1:fb:d0:3e:
40:fd:74:7b:15:6c:5f:40:c6:90:1e:0e:1f:8c:ea:
ad:45:5d:4c:2c:28:f6:4a:7e:ed:12:b2:d3:70:41:
87:49:7e:13:80:9d:87:6e:23:e8:29:64:37:39:98:
3f:7d:6c:9c:86:47:45:d7:b4:c2:4a:3a:03:a1:fe:
d7:fe:f9:83:e0:e1:28:fb:c6:87:75:a5:68:cd:21:
b2:e3:1f:24:1c:6a:cd:24:5a:1c:2b:bb:f4:94:83:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:2F:65:79:32:A6:63:A4:8C:8E:B6:C3:D7:EB:8F:30:AE:D0:A7:7E
X509v3 Authority Key Identifier:
keyid:45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/rC9leTKmY6SMjrbD1-uPMK7Qp34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.3.0.0/18
83.246.0.0/17
193.201.52.0/22
193.238.228.0/22
195.47.229.0/24
217.175.224.0/19
217.195.32.0/20
IPv6:
2a02:790::/32
Signature Algorithm: sha256WithRSAEncryption
03:86:9d:9e:87:ad:e9:c3:f3:3e:d2:69:2c:8b:b5:2b:a3:49:
b0:cb:7e:66:41:fb:53:a1:a7:86:a1:8a:eb:a4:02:6d:f4:a6:
3d:c3:d0:ee:c7:0f:a8:f5:63:7b:5e:e8:2c:40:21:4c:35:c5:
e7:b6:83:0c:ee:79:9b:7e:b3:e4:3f:10:c2:99:15:6f:e4:8a:
84:48:01:98:9a:96:cc:45:22:6d:4e:75:a1:a1:aa:ea:b0:53:
2a:04:df:8d:b6:08:43:75:2c:26:2d:ae:aa:75:ad:8b:56:9a:
00:08:ca:bd:07:3b:d7:9e:2e:fc:c3:a2:cd:ba:66:e8:00:61:
91:0a:95:d4:f2:cd:97:78:ca:d0:63:4b:46:2e:16:73:0f:89:
5d:bd:34:c4:12:6f:61:56:3f:f8:22:37:13:3c:4b:54:e4:5f:
e5:a7:1e:4e:9a:96:47:e5:ea:55:c5:75:85:5b:b9:e2:a1:61:
53:ae:68:de:68:75:27:40:21:59:1c:c0:b1:3f:a3:95:75:73:
d3:ba:30:23:e3:26:17:2b:4b:df:de:cb:cd:be:ef:00:7d:65:
45:f9:62:23:6e:dd:34:49:58:e6:4d:e0:32:d6:16:73:a6:a6:
46:8c:9a:d1:a6:e6:b8:56:8b:5f:81:24:fa:c0:71:7c:cf:9c:
28:4f:2c:fd
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFbgoJQuO9gT6G3Rg77tWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1Yjk4NTRiMDQ0NTk0ZTZjZjA4NDZmYjQxZGU3YjA5MDhm
YjVmNzIwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzJmNjU3OTMyYTY2M2E0OGM4ZWI2YzNkN2ViOGYzMGFlZDBhNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xzpMRiztEObldXVZhe/FePvlOuv
vkdN9CMdfQMT/607s7OzbznhrHKdRdI438yBkzlved7kTPqEIRqfca2lrw52FJgl
Y09xUmYnVt9UHqJ5S95brFA13BaTszfzfYFA8C6cSL0k1ZhKN/3i98S+jc/cWBDx
4eSVMNjM/yRMWqdKjkFOOwKMQWdgPI31KlpkQ6B6wMvzcxhuQbHToafimLH70D5A
/XR7FWxfQMaQHg4fjOqtRV1MLCj2Sn7tErLTcEGHSX4TgJ2HbiPoKWQ3OZg/fWyc
hkdF17TCSjoDof7X/vmD4OEo+8aHdaVozSGy4x8kHGrNJFocK7v0lIOvKwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKwvZXkypmOkjI62w9frjzCu0Kd+MB8GA1UdIwQY
MBaAFEW5hUsERZTmzwhG+0HeewkI+19yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMt
NGIyMmZjNTE4NGEyLzEvckM5bGVUS21ZNlNNanJiRDEtdVBNSzdRcDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMtNGIyMmZjNTE4NGEy
LzEvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQGUQMAAwQH
U/YAAwQCwck0AwQCwe7kAwQAwy/lAwQF2a/gAwQE2cMgMA0EAgACMAcDBQAqAgeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQADhp2eh63pw/M+0mksi7Uro0mwy35mQftToaeG
oYrrpAJt9KY9w9Duxw+o9WN7XugsQCFMNcXntoMM7nmbfrPkPxDCmRVv5IqESAGY
mpbMRSJtTnWhoarqsFMqBN+NtghDdSwmLa6qda2LVpoACMq9BzvXni78w6LNumbo
AGGRCpXU8s2XeMrQY0tGLhZzD4ldvTTEEm9hVj/4IjcTPEtU5F/lpx5OmpZH5epV
xXWFW7nioWFTrmjeaHUnQCFZHMCxP6OVdXPTujAj4yYXK0vf3svNvu8AfWVF+WIj
bt00SVjmTeAy1hZzpqZGjJrRpua4VotfgST6wHF8z5woTyz9
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:05:10 2024 by rpki-client on console-ams.rpki-client.org