Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/SEcZb4R0u8MfgoJ7iNfrpjcmIVY.roa
File: SEcZb4R0u8MfgoJ7iNfrpjcmIVY.roa (raw, json)
Hash identifier: vNREnY4TFwEPTIPeFNGWrRS+cATOkp149qqiYdJAKGA=
Subject key identifier: 48:47:19:6F:84:74:BB:C3:1F:82:82:7B:88:D7:EB:A6:37:26:21:56
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019092E2CAA8EA95F27E8BE68DCDB4EF37D8
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/SEcZb4R0u8MfgoJ7iNfrpjcmIVY.roa
Signing time: Mon 08 Jul 2024 15:07:34 +0000
ROA not before: Mon 08 Jul 2024 15:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
193.32.186.0/23 maxlen: 23
212.107.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:e2:ca:a8:ea:95:f2:7e:8b:e6:8d:cd:b4:ef:37:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jul 8 15:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4847196f8474bbc31f82827b88d7eba637262156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:39:22:ec:8d:d7:96:af:40:17:ff:74:a8:bf:
14:f8:bf:74:f4:e0:88:2e:35:b4:c2:1e:a0:cd:c7:
eb:41:dd:db:bb:81:c5:da:8f:68:bf:05:fb:60:da:
35:ba:b5:c4:22:f3:03:79:9d:39:f9:1b:04:42:60:
c8:d0:d6:bd:6e:5c:92:e4:db:ce:b4:6f:d7:5b:5c:
2d:da:c5:f9:ba:f4:b4:a8:4f:17:fa:ca:f7:d3:3c:
91:50:82:d0:33:13:0d:7e:bd:ff:dd:6f:ec:4b:e4:
1c:09:05:a7:b4:60:24:88:51:30:c1:90:80:54:ac:
99:35:ba:f1:14:22:a7:50:57:ba:bb:4c:fd:96:cd:
18:67:cd:5e:c6:e7:5b:8a:ac:7e:49:67:69:28:72:
19:df:12:6e:76:e0:e2:00:6d:3d:8c:3a:36:4d:6b:
68:97:bb:10:23:df:e5:fc:cd:4d:6b:5a:45:6a:33:
c8:9a:f2:6f:8b:e1:a0:51:53:79:63:36:8a:27:57:
6c:7e:4a:16:98:63:f1:ef:81:61:31:dc:21:fe:6b:
98:5a:96:20:ab:5c:b2:65:4b:cc:27:36:7a:db:53:
1f:ba:50:58:60:16:2e:29:09:1e:28:51:0a:b2:5b:
dd:d4:19:21:96:90:8f:85:c4:3c:76:49:de:f7:54:
cf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:47:19:6F:84:74:BB:C3:1F:82:82:7B:88:D7:EB:A6:37:26:21:56
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/SEcZb4R0u8MfgoJ7iNfrpjcmIVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.160.0/22
92.249.60.0/22
188.119.68.0/22
193.32.186.0/23
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
71:b1:3a:54:c4:1b:5f:4c:1b:07:25:19:9a:dd:0b:60:80:d3:
54:8c:bd:5d:e3:3a:8d:48:22:c2:4c:89:1a:dd:04:b2:0e:be:
6b:62:13:d5:56:01:63:5c:b9:b0:a8:3b:73:39:27:4b:bb:04:
5f:6c:fc:4d:1d:5a:ca:cb:ba:b1:e1:08:d5:a3:be:6d:da:5c:
80:79:d5:f4:43:dc:88:e5:1e:ca:e0:3d:5e:3e:6e:e2:ba:d6:
9d:50:3b:48:e4:52:ef:18:63:d7:80:26:62:71:8e:9f:fc:5b:
fb:1d:a3:a0:e1:d9:83:4b:8b:78:9c:6c:93:6d:e0:28:14:0d:
06:30:95:e5:8a:ed:dd:f6:a5:d5:78:4f:6b:de:58:5c:6a:19:
02:5b:bb:24:c0:7f:7a:03:9e:83:60:ac:f3:05:66:a2:76:e4:
83:c2:1b:d9:68:ea:50:29:11:32:42:d6:3e:a7:98:40:ef:42:
2e:60:6d:a9:10:4b:02:b3:8c:eb:91:9e:98:98:9c:b7:4a:02:
97:b6:a8:d1:c4:f5:67:2d:fc:6a:b1:f2:e1:62:a2:5c:6e:1c:
fa:96:b4:de:70:d0:33:4b:92:f1:ab:ee:21:11:fb:c4:be:d0:
00:4f:8d:54:92:b6:68:75:ba:e5:1c:e8:45:e6:84:45:ed:1a:
f0:12:f8:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCS4sqo6pXyfovmjc207zfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNzA4MTUwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQ3MTk2Zjg0NzRiYmMzMWY4MjgyN2I4OGQ3ZWJhNjM3MjYyMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzki7I3Xlq9AF/90qL8U+L909OCI
LjW0wh6gzcfrQd3bu4HF2o9ovwX7YNo1urXEIvMDeZ05+RsEQmDI0Na9blyS5NvO
tG/XW1wt2sX5uvS0qE8X+sr30zyRUILQMxMNfr3/3W/sS+QcCQWntGAkiFEwwZCA
VKyZNbrxFCKnUFe6u0z9ls0YZ81exudbiqx+SWdpKHIZ3xJuduDiAG09jDo2TWto
l7sQI9/l/M1Na1pFajPImvJvi+GgUVN5YzaKJ1dsfkoWmGPx74FhMdwh/muYWpYg
q1yyZUvMJzZ621MfulBYYBYuKQkeKFEKslvd1BkhlpCPhcQ8dkne91TP8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEhHGW+EdLvDH4KCe4jX66Y3JiFWMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvU0VjWmI0UjB1OE1mZ29KN2lOZnJwamNtSVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVQigAwQC
XPk8AwQCvHdEAwQBwSC6AwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQBxsTpUxBtf
TBsHJRma3QtggNNUjL1d4zqNSCLCTIka3QSyDr5rYhPVVgFjXLmwqDtzOSdLuwRf
bPxNHVrKy7qx4QjVo75t2lyAedX0Q9yI5R7K4D1ePm7iutadUDtI5FLvGGPXgCZi
cY6f/Fv7HaOg4dmDS4t4nGyTbeAoFA0GMJXliu3d9qXVeE9r3lhcahkCW7skwH96
A56DYKzzBWaiduSDwhvZaOpQKREyQtY+p5hA70IuYG2pEEsCs4zrkZ6YmJy3SgKX
tqjRxPVnLfxqsfLhYqJcbhz6lrTecNAzS5Lxq+4hEfvEvtAAT41UkrZodbrlHOhF
5oRF7RrwEviP
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:54 2024 by rpki-client on console-fra.rpki-client.org