Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/ef2192-f2d9-4a56-93f6-17382539b000/1/8D4_cs3El7iMnocmOE0P9fDWbGM.roa
File: 8D4_cs3El7iMnocmOE0P9fDWbGM.roa (raw, json)
Hash identifier: EF6oh36rQUWBSR4sj1xINR215tCyltEhPZYCKNWyilI=
Subject key identifier: F0:3E:3F:72:CD:C4:97:B8:8C:9E:87:26:38:4D:0F:F5:F0:D6:6C:63
Certificate issuer: /CN=b30515f47da925d9f9013808aa9113c2bde96d9a
Certificate serial: 01941FFA01DC94583D8C6F67CCEDBEFF8D3F
Authority key identifier: B3:05:15:F4:7D:A9:25:D9:F9:01:38:08:AA:91:13:C2:BD:E9:6D:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swUV9H2pJdn5ATgIqpETwr3pbZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/ef2192-f2d9-4a56-93f6-17382539b000/1/8D4_cs3El7iMnocmOE0P9fDWbGM.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201661
IP address blocks: 185.53.152.0/22 maxlen: 22
2a04:cdc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/ef2192-f2d9-4a56-93f6-17382539b000/1/swUV9H2pJdn5ATgIqpETwr3pbZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/ef2192-f2d9-4a56-93f6-17382539b000/1/swUV9H2pJdn5ATgIqpETwr3pbZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/swUV9H2pJdn5ATgIqpETwr3pbZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jan 2025 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:01:dc:94:58:3d:8c:6f:67:cc:ed:be:ff:8d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30515f47da925d9f9013808aa9113c2bde96d9a
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f03e3f72cdc497b88c9e8726384d0ff5f0d66c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:21:e4:ff:37:eb:86:57:f0:b7:e6:29:db:d1:
6d:6d:07:ef:38:5f:85:b4:4f:e7:63:78:86:6d:19:
fb:01:55:15:8c:15:92:a1:13:c3:54:ed:63:59:73:
cf:15:d3:5b:b3:57:83:18:f7:13:05:e4:3f:7a:90:
8e:71:31:dd:b3:3b:30:ab:36:85:df:fa:df:65:72:
1d:e0:3f:ca:c4:78:3f:6b:eb:9e:04:03:4b:63:49:
98:12:c2:97:47:51:37:89:70:01:23:40:64:48:a7:
ee:14:09:3f:c4:ea:39:24:2f:63:55:19:f3:a9:58:
89:53:80:b8:91:6c:72:ea:d5:47:cf:ad:19:72:6e:
77:07:b4:e0:b6:57:f2:12:be:f7:9f:e8:b8:7d:3b:
5c:0c:c4:ca:a6:f6:4e:94:ec:2a:c5:71:de:9a:39:
fd:c7:82:d4:6f:b5:e6:be:7d:3e:a1:77:f6:db:73:
4e:3e:10:93:c2:d5:0c:76:7e:6c:11:e9:c5:51:bc:
b3:aa:82:2a:b6:3b:55:20:62:ef:cd:79:20:17:b8:
27:62:81:3e:fb:d7:07:1a:c4:37:fc:f1:09:23:4e:
2e:3f:44:70:d3:ce:78:60:9d:01:d9:c0:b9:9a:43:
e5:d0:10:1d:86:e7:a3:07:7e:35:e8:bf:53:21:88:
42:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3E:3F:72:CD:C4:97:B8:8C:9E:87:26:38:4D:0F:F5:F0:D6:6C:63
X509v3 Authority Key Identifier:
keyid:B3:05:15:F4:7D:A9:25:D9:F9:01:38:08:AA:91:13:C2:BD:E9:6D:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swUV9H2pJdn5ATgIqpETwr3pbZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ef2192-f2d9-4a56-93f6-17382539b000/1/8D4_cs3El7iMnocmOE0P9fDWbGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ef2192-f2d9-4a56-93f6-17382539b000/1/swUV9H2pJdn5ATgIqpETwr3pbZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.152.0/22
IPv6:
2a04:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
96:44:b8:f6:13:91:45:42:f9:59:32:5b:d4:6a:01:df:2c:9f:
a7:96:d2:8a:2c:6a:a1:b5:63:be:d2:f8:35:37:b5:bc:14:ea:
ce:2e:d7:3f:9b:81:83:76:86:4e:a8:92:07:3a:36:2d:32:3e:
b4:21:01:15:ac:80:ea:89:67:b0:95:e5:f1:dc:05:4b:43:df:
d2:d0:4e:0d:55:80:a2:30:21:ad:b3:85:01:81:db:b0:d9:d1:
51:7c:83:0a:a5:c3:39:68:3d:b0:b1:05:ad:a8:3c:e9:60:7c:
22:00:ab:a7:fb:9a:91:81:0e:4f:2f:43:e6:e5:bf:e2:7e:8f:
38:50:88:fa:40:44:aa:02:d2:e7:19:ac:03:b6:d9:07:f8:21:
a3:47:0a:4a:ba:d9:22:d4:b7:cf:50:84:04:dc:37:4f:fa:5a:
c1:7e:29:a2:25:8c:17:78:85:4b:52:55:a9:9a:92:49:89:86:
52:2d:35:eb:b6:15:1f:ec:9d:9d:78:15:08:d4:7c:8a:85:07:
ff:61:4f:23:2e:9f:c8:5a:05:f4:08:6d:eb:d5:8f:26:ae:2d:
86:42:fb:37:29:7d:a9:c1:06:0f:d2:63:28:2c:4e:30:af:fa:
bc:17:e9:6e:71:17:d8:91:6a:9f:53:04:31:1a:f2:af:e7:d8:
5f:98:11:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+gHclFg9jG9nzO2+/40/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDUxNWY0N2RhOTI1ZDlmOTAxMzgwOGFhOTExM2MyYmRl
OTZkOWEwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNlM2Y3MmNkYzQ5N2I4OGM5ZTg3MjYzODRkMGZmNWYwZDY2YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyHk/zfrhlfwt+Yp29FtbQfvOF+F
tE/nY3iGbRn7AVUVjBWSoRPDVO1jWXPPFdNbs1eDGPcTBeQ/epCOcTHdszswqzaF
3/rfZXId4D/KxHg/a+ueBANLY0mYEsKXR1E3iXABI0BkSKfuFAk/xOo5JC9jVRnz
qViJU4C4kWxy6tVHz60Zcm53B7TgtlfyEr73n+i4fTtcDMTKpvZOlOwqxXHemjn9
x4LUb7Xmvn0+oXf223NOPhCTwtUMdn5sEenFUbyzqoIqtjtVIGLvzXkgF7gnYoE+
+9cHGsQ3/PEJI04uP0Rw0854YJ0B2cC5mkPl0BAdhuejB3416L9TIYhCZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPA+P3LNxJe4jJ6HJjhND/Xw1mxjMB8GA1UdIwQY
MBaAFLMFFfR9qSXZ+QE4CKqRE8K96W2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dVVjlIMnBKZG41QVRnSXFwRVR3cjNwYlpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lZjIxOTItZjJkOS00YTU2LTkzZjYt
MTczODI1MzliMDAwLzEvOEQ0X2NzM0VsN2lNbm9jbU9FMFA5ZkRXYkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lZjIxOTItZjJkOS00YTU2LTkzZjYtMTczODI1MzliMDAw
LzEvc3dVVjlIMnBKZG41QVRnSXFwRVR3cjNwYlpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTWYMA0E
AgACMAcDBQMqBM3AMA0GCSqGSIb3DQEBCwUAA4IBAQCWRLj2E5FFQvlZMlvUagHf
LJ+nltKKLGqhtWO+0vg1N7W8FOrOLtc/m4GDdoZOqJIHOjYtMj60IQEVrIDqiWew
leXx3AVLQ9/S0E4NVYCiMCGts4UBgduw2dFRfIMKpcM5aD2wsQWtqDzpYHwiAKun
+5qRgQ5PL0Pm5b/ifo84UIj6QESqAtLnGawDttkH+CGjRwpKutki1LfPUIQE3DdP
+lrBfimiJYwXeIVLUlWpmpJJiYZSLTXrthUf7J2deBUI1HyKhQf/YU8jLp/IWgX0
CG3r1Y8mri2GQvs3KX2pwQYP0mMoLE4wr/q8F+lucRfYkWqfUwQxGvKv59hfmBGB
-----END CERTIFICATE-----
Generated at Fri Jan 3 23:03:02 2025 by rpki-client on console-ams.rpki-client.org