Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/0mDiaDYyRJiWdLaXPxyfpeJIDcA.roa
File: 0mDiaDYyRJiWdLaXPxyfpeJIDcA.roa (raw, json)
Hash identifier: BeEKTolBU+sYISRyoaySXzDow5kGSJPVLeLdiYrlTjE=
Subject key identifier: D2:60:E2:68:36:32:44:98:96:74:B6:97:3F:1C:9F:A5:E2:48:0D:C0
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 01902ABBE171D093C25DB74C2A23E0A2F7BB
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/0mDiaDYyRJiWdLaXPxyfpeJIDcA.roa
Signing time: Tue 18 Jun 2024 09:44:34 +0000
ROA not before: Tue 18 Jun 2024 09:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34343
IP address blocks: 85.12.56.0/24 maxlen: 24
91.148.192.0/24 maxlen: 24
91.148.224.0/22 maxlen: 24
91.148.228.0/22 maxlen: 24
91.148.232.0/22 maxlen: 24
91.148.236.0/22 maxlen: 24
91.148.240.0/22 maxlen: 24
91.148.244.0/22 maxlen: 24
176.124.71.0/24 maxlen: 24
185.91.29.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:bb:e1:71:d0:93:c2:5d:b7:4c:2a:23:e0:a2:f7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jun 18 09:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d260e268363244989674b6973f1c9fa5e2480dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:47:5a:ec:2d:48:5d:99:4a:fa:62:b3:dc:62:
23:b2:3f:d7:7f:a7:e0:e6:f7:6e:4e:5b:11:a9:91:
61:c5:0d:e7:e4:bd:43:66:24:08:40:44:09:04:c4:
cc:db:98:e0:70:13:fb:31:5f:69:02:69:92:70:76:
23:f8:b6:cb:63:31:01:44:b6:b7:ec:e4:7e:38:0a:
ff:fb:8d:b2:12:34:3d:13:3f:43:38:a3:5e:6c:a5:
69:ad:fa:c9:75:02:c2:88:83:20:51:c9:bf:9a:7a:
c1:45:7b:d0:e9:44:31:bd:05:83:76:1f:0c:0d:00:
42:f8:90:ce:e9:9c:97:fc:f9:ec:81:8f:2b:9f:33:
4b:a2:5e:38:bd:f3:92:c1:7c:cb:85:c5:90:37:de:
7b:96:b6:c7:b8:52:f4:13:cc:4d:03:1a:f2:0d:ef:
6b:74:bf:dc:17:b5:0a:49:93:30:08:98:de:19:bc:
d5:25:b5:cd:ef:fb:32:f7:0e:45:cd:7f:5a:c3:0d:
42:43:f0:db:bb:ea:8d:08:ea:6e:e7:17:72:39:5a:
7c:84:e7:70:c8:f9:ef:da:d6:db:21:b9:77:65:bc:
53:85:7e:12:87:3d:dd:fd:4f:6a:3a:e9:f6:49:82:
b0:87:0e:55:fd:52:0e:6d:9c:1c:30:49:2f:b8:a6:
c2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:60:E2:68:36:32:44:98:96:74:B6:97:3F:1C:9F:A5:E2:48:0D:C0
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/0mDiaDYyRJiWdLaXPxyfpeJIDcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.56.0/24
91.148.192.0/24
91.148.224.0-91.148.247.255
176.124.71.0/24
185.91.29.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:71:84:b1:8a:66:f5:ac:18:41:06:59:a3:f3:fd:86:1c:1a:
ad:48:89:ec:06:fc:b5:b0:9d:0d:f1:c6:2c:bb:18:96:76:90:
fa:c9:ab:e5:59:78:0c:56:a2:8e:e3:6c:41:7f:7a:cd:a7:52:
37:38:68:ed:2d:5c:60:05:8a:48:87:a2:6d:70:47:19:b5:b6:
7c:8f:55:29:de:30:3c:29:3d:af:33:6b:4a:16:f5:4a:58:9c:
f1:56:5c:bc:19:f3:bc:9f:ca:39:cd:4d:25:93:6a:37:60:f4:
98:e3:ad:17:b8:c3:9a:bc:71:68:e4:52:bf:34:7b:73:6f:5e:
1e:fe:70:3f:5a:a4:73:99:ab:c5:59:4d:ec:28:37:8e:53:70:
34:20:f9:d6:06:dd:ab:a5:8b:bc:de:d2:a2:95:02:ac:1d:8d:
70:d8:96:45:03:c8:a4:ff:6c:47:96:36:f6:b0:af:82:53:4d:
13:d4:42:b4:e5:1f:a9:dd:b1:62:aa:76:95:0c:b3:61:3c:fb:
aa:29:0d:69:1a:c7:9c:6e:d8:67:ee:df:9d:81:fa:ef:91:16:
ce:8a:0a:37:0e:dc:d7:ee:79:46:0b:1c:12:fd:16:87:91:78:
7c:82:cc:38:1b:9f:fe:22:ea:96:60:00:5c:5e:38:7b:de:fe:
a6:dd:f0:96
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZAqu+Fx0JPCXbdMKiPgove7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwNjE4MDk0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjYwZTI2ODM2MzI0NDk4OTY3NGI2OTczZjFjOWZhNWUyNDgwZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkda7C1IXZlK+mKz3GIjsj/Xf6fg
5vduTlsRqZFhxQ3n5L1DZiQIQEQJBMTM25jgcBP7MV9pAmmScHYj+LbLYzEBRLa3
7OR+OAr/+42yEjQ9Ez9DOKNebKVprfrJdQLCiIMgUcm/mnrBRXvQ6UQxvQWDdh8M
DQBC+JDO6ZyX/PnsgY8rnzNLol44vfOSwXzLhcWQN957lrbHuFL0E8xNAxryDe9r
dL/cF7UKSZMwCJjeGbzVJbXN7/sy9w5FzX9aww1CQ/Dbu+qNCOpu5xdyOVp8hOdw
yPnv2tbbIbl3ZbxThX4Shz3d/U9qOun2SYKwhw5V/VIObZwcMEkvuKbCjQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNJg4mg2MkSYlnS2lz8cn6XiSA3AMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvMG1EaWFEWXlSSmlXZExhWFB4eWZwZUpJRGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA4BAIAATAyAwQAVQw4AwQA
W5TAMAwDBAVblOADBANblPADBACwfEcDBAC5Wx0DBADBitwDBAHDyFQwGgQCAAIw
FDASAwcBKgEHiKqqAwcAKgEHiKqsMA0GCSqGSIb3DQEBCwUAA4IBAQBXcYSximb1
rBhBBlmj8/2GHBqtSInsBvy1sJ0N8cYsuxiWdpD6yavlWXgMVqKO42xBf3rNp1I3
OGjtLVxgBYpIh6JtcEcZtbZ8j1Up3jA8KT2vM2tKFvVKWJzxVly8GfO8n8o5zU0l
k2o3YPSY460XuMOavHFo5FK/NHtzb14e/nA/WqRzmavFWU3sKDeOU3A0IPnWBt2r
pYu83tKilQKsHY1w2JZFA8ik/2xHljb2sK+CU00T1EK05R+p3bFiqnaVDLNhPPuq
KQ1pGsecbthn7t+dgfrvkRbOigo3DtzX7nlGCxwS/RaHkXh8gsw4G5/+IuqWYABc
Xjh73v6m3fCW
-----END CERTIFICATE-----
Generated at Sun Sep 29 04:44:21 2024 by rpki-client on console-fra.rpki-client.org