Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/picio05LQieYJOr_p2nKdI8qHSs.roa
File: picio05LQieYJOr_p2nKdI8qHSs.roa (raw, json)
Hash identifier: /ZYussasHipQVZ4aHqCMvJw86eSp+0OXBdXqKgEu1nU=
Subject key identifier: A6:27:22:A3:4E:4B:42:27:98:24:EA:FF:A7:69:CA:74:8F:2A:1D:2B
Certificate issuer: /CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Certificate serial: 018CC5DD00513CB2E023942C038E2FA49F7A
Authority key identifier: 42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/picio05LQieYJOr_p2nKdI8qHSs.roa
Signing time: Mon 01 Jan 2024 16:30:44 +0000
ROA not before: Mon 01 Jan 2024 16:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49129
IP address blocks: 185.110.164.0/22 maxlen: 22
178.236.48.0/20 maxlen: 20
31.192.0.0/20 maxlen: 20
31.192.16.0/20 maxlen: 20
77.242.48.0/20 maxlen: 20
31.192.32.0/20 maxlen: 20
80.77.48.0/20 maxlen: 20
31.192.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:00:51:3c:b2:e0:23:94:2c:03:8e:2f:a4:9f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Validity
Not Before: Jan 1 16:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a62722a34e4b42279824eaffa769ca748f2a1d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b2:11:9c:71:a7:63:49:09:5a:ca:8f:e6:2c:
ae:d1:f1:b2:3c:ec:91:42:ce:a8:f8:ed:d2:ee:13:
2c:df:49:66:d1:1c:61:ea:df:2b:de:a7:6f:93:c8:
8d:72:75:29:93:45:74:f2:71:36:c7:e5:fc:c4:90:
f4:51:28:8f:9a:67:87:2a:ba:8c:51:3a:fd:7e:d0:
07:fb:83:f9:61:94:e1:6c:f2:f2:d5:c7:c9:b9:b9:
78:c7:85:72:37:e4:4d:69:61:3e:a4:eb:ef:ae:00:
95:c3:d7:b5:53:a2:c7:1f:55:61:93:19:9c:21:31:
83:40:ff:04:e2:f3:10:97:5b:49:46:be:32:fa:2e:
1c:b9:90:8c:73:ed:d4:81:b2:3c:0d:c6:b6:78:2c:
1b:13:17:ce:5b:b6:c7:7d:a5:ad:61:00:87:cc:04:
18:40:b2:e7:91:6b:30:e3:d3:e9:19:0b:13:ea:91:
cc:a5:b9:ef:e3:d6:81:c5:85:3f:ed:37:34:d2:c6:
4c:c6:e4:07:8d:4f:d1:17:80:81:dc:ea:14:1e:9f:
c1:9a:bc:f2:31:3c:cf:72:bb:53:eb:f2:c9:2b:22:
76:3f:3b:03:96:4d:2c:1d:05:e8:65:e6:04:53:1d:
9d:58:6a:e5:60:09:8d:ee:07:05:98:f3:fa:88:01:
b1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:27:22:A3:4E:4B:42:27:98:24:EA:FF:A7:69:CA:74:8F:2A:1D:2B
X509v3 Authority Key Identifier:
keyid:42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/picio05LQieYJOr_p2nKdI8qHSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.0.0/18
77.242.48.0/20
80.77.48.0/20
178.236.48.0/20
185.110.164.0/22
Signature Algorithm: sha256WithRSAEncryption
35:6b:91:29:cc:db:4c:02:1e:ac:0b:b9:e8:e6:b0:de:64:91:
77:73:32:15:19:a3:40:40:1b:82:70:f5:db:df:50:45:3f:48:
14:50:7e:cf:dd:19:ab:2a:cf:fb:ba:5d:1e:70:2e:5e:c2:5f:
c9:c2:45:20:d6:84:fc:19:b0:33:be:78:2a:b7:02:07:8f:70:
d8:8e:f3:cd:18:c1:35:2e:ed:80:db:17:87:4c:35:31:95:16:
5b:5e:cd:eb:93:97:ae:08:c9:03:95:85:da:bb:e7:2d:26:c1:
24:66:48:a1:52:83:d4:1b:70:54:c3:b2:90:fe:71:3c:46:cf:
1d:1c:06:9b:d6:bf:71:a0:cc:71:d8:87:0b:20:fc:e7:bb:45:
1c:f6:74:06:ca:b3:1c:6d:1f:22:8e:1a:35:65:06:45:f8:4a:
68:f7:a5:d5:2c:ef:32:06:cc:da:3e:a2:a2:0d:f0:4e:c8:a2:
b8:8b:8d:c0:6a:11:af:7e:ec:41:56:8d:66:52:16:e2:a8:45:
11:25:17:a9:cf:f8:be:89:3c:00:4f:08:1e:81:0a:80:3a:06:
11:5a:8c:8b:32:b8:ed:3c:1e:93:26:2b:e3:ef:91:e1:ef:74:
11:e2:f6:5f:10:0b:11:a8:51:37:90:61:60:94:2c:48:46:46:
04:7b:f8:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3QBRPLLgI5QsA44vpJ96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGUyN2ZhODg3OTA1ZTBjOWMxZjUzZjY3ZjIzZjI5NmQw
NDVmMGUwHhcNMjQwMTAxMTYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI3MjJhMzRlNGI0MjI3OTgyNGVhZmZhNzY5Y2E3NDhmMmExZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbIRnHGnY0kJWsqP5iyu0fGyPOyR
Qs6o+O3S7hMs30lm0Rxh6t8r3qdvk8iNcnUpk0V08nE2x+X8xJD0USiPmmeHKrqM
UTr9ftAH+4P5YZThbPLy1cfJubl4x4VyN+RNaWE+pOvvrgCVw9e1U6LHH1Vhkxmc
ITGDQP8E4vMQl1tJRr4y+i4cuZCMc+3UgbI8Dca2eCwbExfOW7bHfaWtYQCHzAQY
QLLnkWsw49PpGQsT6pHMpbnv49aBxYU/7Tc00sZMxuQHjU/RF4CB3OoUHp/Bmrzy
MTzPcrtT6/LJKyJ2PzsDlk0sHQXoZeYEUx2dWGrlYAmN7gcFmPP6iAGx1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKYnIqNOS0InmCTq/6dpynSPKh0rMB8GA1UdIwQY
MBaAFELeJ/qIeQXgycH1P2fyPyltBF8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQt
ZDI5YjdkNDc4NjMxLzEvcGljaW8wNUxRaWVZSk9yX3AybktkSThxSFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQtZDI5YjdkNDc4NjMx
LzEvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGH8AAAwQE
TfIwAwQEUE0wAwQEsuwwAwQCuW6kMA0GCSqGSIb3DQEBCwUAA4IBAQA1a5EpzNtM
Ah6sC7no5rDeZJF3czIVGaNAQBuCcPXb31BFP0gUUH7P3RmrKs/7ul0ecC5ewl/J
wkUg1oT8GbAzvngqtwIHj3DYjvPNGME1Lu2A2xeHTDUxlRZbXs3rk5euCMkDlYXa
u+ctJsEkZkihUoPUG3BUw7KQ/nE8Rs8dHAab1r9xoMxx2IcLIPznu0Uc9nQGyrMc
bR8ijho1ZQZF+Epo96XVLO8yBszaPqKiDfBOyKK4i43AahGvfuxBVo1mUhbiqEUR
JRepz/i+iTwATwgegQqAOgYRWoyLMrjtPB6TJivj75Hh73QR4vZfEAsRqFE3kGFg
lCxIRkYEe/hm
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:12:04 2024 by rpki-client on console-fra.rpki-client.org