Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/AB8EtzxNfT5oeqpvtnO460UqWVc.roa
File: AB8EtzxNfT5oeqpvtnO460UqWVc.roa (raw, json)
Hash identifier: 5BVvxSnRq0fWXm+ydzxlFwjQhBuNd0YsNJJRFVctpLU=
Subject key identifier: 00:1F:04:B7:3C:4D:7D:3E:68:7A:AA:6F:B6:73:B8:EB:45:2A:59:57
Certificate issuer: /CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Certificate serial: 018CC8016DBFC8D2964B96B1C8E2CE9CF5CD
Authority key identifier: 41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/AB8EtzxNfT5oeqpvtnO460UqWVc.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41296
IP address blocks: 193.32.57.0/24 maxlen: 24
194.24.168.0/23 maxlen: 24
5.159.252.0/24 maxlen: 24
5.159.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6d:bf:c8:d2:96:4b:96:b1:c8:e2:ce:9c:f5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=001f04b73c4d7d3e687aaa6fb673b8eb452a5957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1a:43:e5:42:27:5c:d4:be:55:f9:26:57:ac:
fd:ef:0d:43:f0:0a:3f:34:e6:c8:ba:40:b3:80:1f:
9b:a5:60:1a:a6:50:fb:c5:94:37:80:13:6b:30:12:
c2:a0:20:a3:cf:fc:67:3a:eb:db:45:ff:d4:e7:ee:
bb:38:f6:09:8e:a2:ea:0a:02:5d:48:bb:b9:0c:ec:
31:73:31:6f:89:5c:97:c8:c0:20:0e:42:3b:f3:e4:
ce:87:7f:87:ec:51:d8:a4:99:e6:0b:e1:f2:2c:ee:
b8:f8:08:1f:f1:6e:aa:84:b5:16:7a:9e:ee:53:30:
0b:6c:c1:e7:3b:17:f3:f9:58:4a:da:3f:cc:64:24:
b8:42:3a:42:25:da:54:d3:94:17:6a:8b:3f:15:ca:
01:90:59:bd:e8:90:56:8c:83:86:c6:9b:44:3b:4b:
b2:28:17:8b:38:90:aa:c6:ca:0b:71:03:22:4c:b5:
6a:46:c1:86:6a:3f:89:84:c0:f7:9f:64:fd:07:61:
1c:bc:ec:f8:7d:0d:c1:21:31:e4:3c:8f:d3:ef:f6:
21:c1:a2:bf:9d:3b:82:35:58:59:5e:29:bb:1d:38:
c4:72:15:03:dc:15:78:ce:97:a7:19:02:19:65:59:
34:3b:f3:e3:6c:68:79:08:67:65:27:a7:20:0e:7f:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:1F:04:B7:3C:4D:7D:3E:68:7A:AA:6F:B6:73:B8:EB:45:2A:59:57
X509v3 Authority Key Identifier:
keyid:41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/AB8EtzxNfT5oeqpvtnO460UqWVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.248.0/21
193.32.57.0/24
194.24.168.0/23
Signature Algorithm: sha256WithRSAEncryption
20:da:c1:66:50:b4:59:71:18:90:5d:02:8d:dc:e5:01:1f:68:
3a:1b:f9:5e:98:7a:4e:9f:8a:a9:8f:9a:7c:33:14:26:b1:07:
f8:a3:8f:c3:95:2a:c2:55:85:12:46:85:37:05:29:4d:27:8c:
42:e1:99:10:27:90:e2:b6:78:77:06:86:4a:7a:1f:7a:59:32:
67:6b:e6:70:73:8b:cc:cd:4d:c2:29:59:5d:da:81:72:35:da:
e9:bc:17:23:61:fb:23:14:86:e8:94:9c:c7:15:d2:ef:77:3f:
de:69:1c:8f:6b:f8:12:f9:00:0a:c5:f5:e1:ce:dc:7a:96:3a:
4e:90:1a:31:6a:56:f1:a3:25:c2:a3:21:f1:06:1c:74:ea:54:
2d:b9:6e:8c:3e:e2:1b:22:cb:25:f2:06:5e:8e:9c:63:7a:0f:
1f:30:dd:33:bb:45:68:12:22:73:35:38:3a:f0:28:92:79:57:
54:e9:1c:d2:33:2c:79:d6:e0:2a:6e:0b:7a:77:3d:e4:04:79:
62:41:55:6f:ac:ef:fc:fc:00:62:9c:11:8d:9a:47:45:19:db:
b3:bf:a7:ca:20:48:e4:8c:c2:68:b5:81:a7:b5:36:ca:01:a8:
d0:47:95:d8:a4:8d:82:9f:24:7f:07:dc:57:48:b6:51:19:8e:
57:ca:b9:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAW2/yNKWS5axyOLOnPXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZmI2YjE3MDgzMzUwMDZiMGE2YWFjNjUwYmZhZmYzZmM4
ZDI5MmMwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDFmMDRiNzNjNGQ3ZDNlNjg3YWFhNmZiNjczYjhlYjQ1MmE1OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBpD5UInXNS+VfkmV6z97w1D8Ao/
NObIukCzgB+bpWAaplD7xZQ3gBNrMBLCoCCjz/xnOuvbRf/U5+67OPYJjqLqCgJd
SLu5DOwxczFviVyXyMAgDkI78+TOh3+H7FHYpJnmC+HyLO64+Agf8W6qhLUWep7u
UzALbMHnOxfz+VhK2j/MZCS4QjpCJdpU05QXaos/FcoBkFm96JBWjIOGxptEO0uy
KBeLOJCqxsoLcQMiTLVqRsGGaj+JhMD3n2T9B2EcvOz4fQ3BITHkPI/T7/YhwaK/
nTuCNVhZXim7HTjEchUD3BV4zpenGQIZZVk0O/PjbGh5CGdlJ6cgDn/rqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAAfBLc8TX0+aHqqb7ZzuOtFKllXMB8GA1UdIwQY
MBaAFEH7axcIM1AGsKaqxlC/r/P8jSksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMt
MDRjODJlZDZlZDRjLzEvQUI4RXR6eE5mVDVvZXFwdnRuTzQ2MFVxV1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMtMDRjODJlZDZlZDRj
LzEvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBZ/4AwQA
wSA5AwQBwhioMA0GCSqGSIb3DQEBCwUAA4IBAQAg2sFmULRZcRiQXQKN3OUBH2g6
G/lemHpOn4qpj5p8MxQmsQf4o4/DlSrCVYUSRoU3BSlNJ4xC4ZkQJ5Ditnh3BoZK
eh96WTJna+Zwc4vMzU3CKVld2oFyNdrpvBcjYfsjFIbolJzHFdLvdz/eaRyPa/gS
+QAKxfXhztx6ljpOkBoxalbxoyXCoyHxBhx06lQtuW6MPuIbIssl8gZejpxjeg8f
MN0zu0VoEiJzNTg68CiSeVdU6RzSMyx51uAqbgt6dz3kBHliQVVvrO/8/ABinBGN
mkdFGduzv6fKIEjkjMJotYGntTbKAajQR5XYpI2CnyR/B9xXSLZRGY5Xyrnj
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:39 2024 by rpki-client on console-fra.rpki-client.org