Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/RsT8vekm3g1J2L4kTcqyFoPSNNE.roa
File: RsT8vekm3g1J2L4kTcqyFoPSNNE.roa (raw, json)
Hash identifier: Q8169v9MPBodPxuXj5b5spTi/8levlrcV0XdF/7YDR0=
Subject key identifier: 46:C4:FC:BD:E9:26:DE:0D:49:D8:BE:24:4D:CA:B2:16:83:D2:34:D1
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E0A734F17060C6EDFD49E686124BA
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/RsT8vekm3g1J2L4kTcqyFoPSNNE.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 193.93.192.0/22 maxlen: 24
91.243.88.0/22 maxlen: 22
91.243.92.0/22 maxlen: 22
31.184.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 12:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0a:73:4f:17:06:0c:6e:df:d4:9e:68:61:24:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c4fcbde926de0d49d8be244dcab21683d234d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2a:e5:54:53:74:45:97:1f:6f:01:57:ae:e3:
e8:8d:d8:e9:9b:1e:de:01:f1:d4:dc:75:55:84:04:
92:b3:ad:13:62:24:84:4f:79:c2:f2:8a:5a:97:50:
6e:fb:7c:63:2a:23:9c:bd:b9:7a:99:59:21:d7:87:
a5:e3:80:b4:2d:52:2f:15:d8:12:ef:bd:53:89:cd:
eb:98:b2:d0:be:86:01:c5:03:90:e4:21:e4:75:95:
8a:a6:62:5e:a5:4f:41:be:8a:78:5f:5d:39:99:cb:
bc:88:f0:ed:ab:24:d8:b2:87:c9:2b:5b:a8:56:30:
5d:cc:17:d7:bc:60:5d:30:3d:02:ea:c2:61:90:a3:
d4:b5:2a:6d:13:8b:8f:08:9e:01:2e:48:95:5b:7f:
39:c7:30:ae:a2:60:14:8f:b9:78:5a:5a:a4:50:86:
14:24:49:fb:bc:1c:38:67:86:db:5d:3b:d3:dd:23:
05:9b:2a:f5:10:54:ab:3b:63:99:09:92:e4:0e:63:
16:63:85:2d:f9:12:d9:1d:af:b8:b4:08:c4:dc:ac:
ae:bc:f3:c0:4b:1b:b1:2e:0a:c8:ac:57:3e:83:d4:
d8:ef:8d:e2:21:3d:64:b2:14:19:4c:1c:0a:b2:79:
79:21:cb:7f:fa:7d:e6:06:03:2d:70:28:eb:c7:6b:
0b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C4:FC:BD:E9:26:DE:0D:49:D8:BE:24:4D:CA:B2:16:83:D2:34:D1
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/RsT8vekm3g1J2L4kTcqyFoPSNNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.184.242.0/24
91.243.88.0/21
193.93.192.0/22
Signature Algorithm: sha256WithRSAEncryption
66:4e:5f:02:ea:dd:5d:37:3b:83:a4:50:2a:62:f1:77:be:0b:
9d:90:f6:d2:17:16:c9:40:65:79:11:b4:76:5b:2b:67:c8:60:
a0:1e:1e:e2:1e:f2:b4:93:a5:1a:61:12:56:66:ab:3f:88:30:
f9:c8:1c:b9:21:11:41:08:1a:e7:93:61:66:44:ca:e6:62:15:
a0:c3:7b:b9:64:5a:86:b3:df:45:00:7f:62:65:7d:93:3e:f3:
32:d3:f6:45:eb:01:e5:4c:10:b3:f0:bf:b2:65:ce:93:90:0b:
98:e3:78:bd:4d:23:05:58:63:e9:9f:ab:7e:26:75:3e:69:9b:
71:e0:2e:7f:be:e7:68:0e:7d:38:03:7d:69:ed:88:7e:c1:d0:
c4:91:52:96:a0:ad:58:5e:1e:9b:7f:9e:ba:f4:56:2c:1b:1d:
26:60:9d:3e:a8:f0:cd:ef:79:23:27:0a:be:ac:d0:00:b9:93:
9a:0a:f0:b0:cb:42:17:54:41:03:48:1c:19:0a:72:20:87:ec:
37:b0:c4:3a:5d:7b:e6:7d:a4:84:4a:55:46:87:b2:be:83:09:
b8:63:90:a1:a9:06:f9:f5:d2:18:b9:ec:50:c2:a9:7b:4d:74:
59:a2:a9:f4:53:8f:28:e3:15:5e:34:48:30:06:5a:b4:c4:ca:
87:36:99:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbgpzTxcGDG7f1J5oYSS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM0ZmNiZGU5MjZkZTBkNDlkOGJlMjQ0ZGNhYjIxNjgzZDIzNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnirlVFN0RZcfbwFXruPojdjpmx7e
AfHU3HVVhASSs60TYiSET3nC8opal1Bu+3xjKiOcvbl6mVkh14el44C0LVIvFdgS
771Tic3rmLLQvoYBxQOQ5CHkdZWKpmJepU9Bvop4X105mcu8iPDtqyTYsofJK1uo
VjBdzBfXvGBdMD0C6sJhkKPUtSptE4uPCJ4BLkiVW385xzCuomAUj7l4WlqkUIYU
JEn7vBw4Z4bbXTvT3SMFmyr1EFSrO2OZCZLkDmMWY4Ut+RLZHa+4tAjE3KyuvPPA
SxuxLgrIrFc+g9TY743iIT1kshQZTBwKsnl5Ict/+n3mBgMtcCjrx2sLWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEbE/L3pJt4NSdi+JE3KshaD0jTRMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvUnNUOHZla20zZzFKMkw0a1RjcXlGb1BTTk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH7jyAwQD
W/NYAwQCwV3AMA0GCSqGSIb3DQEBCwUAA4IBAQBmTl8C6t1dNzuDpFAqYvF3vgud
kPbSFxbJQGV5EbR2WytnyGCgHh7iHvK0k6UaYRJWZqs/iDD5yBy5IRFBCBrnk2Fm
RMrmYhWgw3u5ZFqGs99FAH9iZX2TPvMy0/ZF6wHlTBCz8L+yZc6TkAuY43i9TSMF
WGPpn6t+JnU+aZtx4C5/vudoDn04A31p7Yh+wdDEkVKWoK1YXh6bf5669FYsGx0m
YJ0+qPDN73kjJwq+rNAAuZOaCvCwy0IXVEEDSBwZCnIgh+w3sMQ6XXvmfaSESlVG
h7K+gwm4Y5ChqQb59dIYuexQwql7TXRZoqn0U48o4xVeNEgwBlq0xMqHNpkc
-----END CERTIFICATE-----
Generated at Tue May 7 18:22:26 2024 by rpki-client on console-fra.rpki-client.org