Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/jaDfi9fblOGNu47vnUSri-SiRB0.roa
File: jaDfi9fblOGNu47vnUSri-SiRB0.roa (raw, json)
Hash identifier: pqZYNrESMftMpFd+mCGSKqEfQr+ZUyWY/nGRk2vJG0o=
Subject key identifier: 8D:A0:DF:8B:D7:DB:94:E1:8D:BB:8E:EF:9D:44:AB:8B:E4:A2:44:1D
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018D647290D95F6C89DAEF98983026A92FD3
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/jaDfi9fblOGNu47vnUSri-SiRB0.roa
Signing time: Thu 01 Feb 2024 11:34:06 +0000
ROA not before: Thu 01 Feb 2024 11:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33438
IP address blocks: 193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 19:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:72:90:d9:5f:6c:89:da:ef:98:98:30:26:a9:2f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Feb 1 11:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da0df8bd7db94e18dbb8eef9d44ab8be4a2441d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:a6:69:4f:c2:96:8f:1c:7f:8a:e8:c0:a3:
0c:db:2a:ac:30:5e:3f:f6:41:bc:b6:86:16:78:0f:
2d:8a:0d:7c:fe:50:08:ff:27:f5:79:77:0c:a2:7c:
5c:9b:f8:d6:9b:6e:d0:2c:00:30:ce:c7:35:59:8a:
fa:79:bf:81:6a:d7:b1:76:ca:7d:03:d9:ce:73:35:
98:b0:ee:53:2a:0f:91:aa:44:61:aa:df:e8:66:61:
57:c3:0d:a8:ea:c3:88:8f:4b:59:ef:9f:68:61:9d:
02:08:68:8f:e2:1a:2b:75:c6:0e:a5:5f:88:c4:2b:
c2:f9:fe:1e:5d:f2:04:6f:d9:f5:eb:fa:08:d0:45:
46:ae:4e:4e:33:f4:c1:8d:15:6c:48:29:42:bd:96:
2c:23:92:b0:0a:92:5d:bd:dc:20:7d:94:cc:9c:23:
ee:f2:11:98:e7:48:19:8d:5e:33:7d:d0:6b:0b:25:
9d:b0:e0:d2:55:c7:01:0b:9a:2a:2c:e8:98:2a:fd:
9d:9b:da:d1:b8:73:16:95:a5:da:52:1b:1f:e3:40:
07:49:25:03:0d:91:f2:f9:95:44:a7:f1:d0:b7:20:
14:fa:d2:94:31:a8:d6:7d:11:b9:e4:c2:8e:6d:44:
40:3a:24:eb:f8:f2:4a:ce:20:9d:cf:db:12:0a:69:
dd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A0:DF:8B:D7:DB:94:E1:8D:BB:8E:EF:9D:44:AB:8B:E4:A2:44:1D
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/jaDfi9fblOGNu47vnUSri-SiRB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:aa:01:88:5f:bd:8b:08:62:47:5c:64:aa:db:a4:3f:0f:e7:
fc:b8:7b:11:3a:0f:82:19:7e:74:cc:c3:63:f4:85:37:0f:12:
79:e3:88:19:f6:2d:53:c4:e2:1b:5e:24:64:1c:3c:6e:25:b4:
1b:71:a8:87:89:a9:76:fd:20:85:94:1e:a6:ca:0d:d9:a5:23:
7f:74:e9:df:85:04:e5:cd:47:7a:66:50:97:7d:93:33:ee:b7:
21:40:44:e2:5a:59:f3:7d:c0:01:31:6f:7e:29:dc:64:e8:27:
7a:ea:9c:72:da:07:06:ab:14:8d:e1:f3:b4:c7:27:f0:98:23:
ef:2c:3a:84:f0:f5:37:68:7c:6c:84:fb:16:c5:19:0c:07:fc:
61:c1:01:8a:ef:58:5e:cd:1b:29:e5:f8:9e:6d:b3:c7:28:52:
14:e9:30:02:5b:16:5f:72:26:f2:ce:f4:a7:71:13:c0:4e:df:
69:cf:51:a4:e8:c6:0d:ab:83:cd:79:61:7b:7a:20:31:35:05:
c9:98:89:70:1e:e3:dd:de:13:2e:03:ca:24:5d:c2:6f:d9:11:
69:ce:2a:73:24:d7:00:75:35:c5:9e:85:30:c9:89:39:f0:c7:
c0:18:92:73:0c:b8:3d:6e:d9:bb:6d:7c:a3:fc:53:c3:a1:17:
a3:d0:b3:2a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY1kcpDZX2yJ2u+YmDAmqS/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMjAxMTEzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGEwZGY4YmQ3ZGI5NGUxOGRiYjhlZWY5ZDQ0YWI4YmU0YTI0NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT6maU/Clo8cf4rowKMM2yqsMF4/
9kG8toYWeA8tig18/lAI/yf1eXcMonxcm/jWm27QLAAwzsc1WYr6eb+Batexdsp9
A9nOczWYsO5TKg+RqkRhqt/oZmFXww2o6sOIj0tZ759oYZ0CCGiP4hordcYOpV+I
xCvC+f4eXfIEb9n16/oI0EVGrk5OM/TBjRVsSClCvZYsI5KwCpJdvdwgfZTMnCPu
8hGY50gZjV4zfdBrCyWdsODSVccBC5oqLOiYKv2dm9rRuHMWlaXaUhsf40AHSSUD
DZHy+ZVEp/HQtyAU+tKUMajWfRG55MKObURAOiTr+PJKziCdz9sSCmndrQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFI2g34vX25ThjbuO751Eq4vkokQdMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvamFEZmk5ZmJsT0dOdTQ3dm5VU3JpLVNpUkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQAwYrcAwQB
w8hUMBoEAgACMBQwEgMHASoBB4iqqgMHACoBB4iqrDANBgkqhkiG9w0BAQsFAAOC
AQEAjqoBiF+9iwhiR1xkqtukPw/n/Lh7EToPghl+dMzDY/SFNw8SeeOIGfYtU8Ti
G14kZBw8biW0G3Goh4mpdv0ghZQepsoN2aUjf3Tp34UE5c1HemZQl32TM+63IUBE
4lpZ833AATFvfincZOgneuqcctoHBqsUjeHztMcn8Jgj7yw6hPD1N2h8bIT7FsUZ
DAf8YcEBiu9YXs0bKeX4nm2zxyhSFOkwAlsWX3Im8s70p3ETwE7fac9RpOjGDauD
zXlhe3ogMTUFyZiJcB7j3d4TLgPKJF3Cb9kRac4qcyTXAHU1xZ6FMMmJOfDHwBiS
cwy4PW7Zu218o/xTw6EXo9CzKg==
-----END CERTIFICATE-----
Generated at Sun May 12 22:45:18 2024 by rpki-client on console-ams.rpki-client.org