Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rfHzSH2KMd7xZ3wvVhbMvbp7NIw.roa
File: rfHzSH2KMd7xZ3wvVhbMvbp7NIw.roa (raw, json)
Hash identifier: hkuR+n6Undig8/mPlzePNMEgWImW0nMV/reqWYsJoSE=
Subject key identifier: AD:F1:F3:48:7D:8A:31:DE:F1:67:7C:2F:56:16:CC:BD:BA:7B:34:8C
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018CC6B8C5B51E17D189E04A3F1C5B44D727
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rfHzSH2KMd7xZ3wvVhbMvbp7NIw.roa
Signing time: Mon 01 Jan 2024 20:30:47 +0000
ROA not before: Mon 01 Jan 2024 20:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 147.78.68.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 10:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c5:b5:1e:17:d1:89:e0:4a:3f:1c:5b:44:d7:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 20:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adf1f3487d8a31def1677c2f5616ccbdba7b348c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:02:ad:f5:45:c4:80:cd:d4:a0:6c:94:21:9e:
66:da:c5:df:6d:80:eb:fa:4f:d2:f7:13:49:9c:cb:
d6:38:91:7a:b3:83:2e:23:1f:90:61:f9:77:d5:5b:
c6:3f:7a:1e:46:89:6a:02:87:c1:f8:3b:9e:a6:d7:
8e:d8:96:bc:9c:6a:60:f3:41:1c:16:d3:78:5c:bd:
03:43:c4:3a:74:d7:bc:6d:32:aa:0a:eb:62:2c:27:
08:ef:88:3e:e9:61:13:d1:c8:9c:b4:c8:34:b0:8c:
b4:d9:56:5f:00:8a:66:a7:0a:a0:f4:f4:ef:d9:c8:
b0:97:f4:3b:82:04:9f:39:02:51:37:fe:b1:2b:7d:
23:8f:70:10:9e:f9:25:a1:3f:63:44:1e:94:13:c7:
24:a3:9a:d0:cc:79:67:ff:c6:01:db:08:66:45:99:
33:05:ce:5f:72:2a:44:99:0c:8a:62:c5:7b:4f:d4:
dc:66:7b:e3:e3:ab:52:86:09:87:38:b1:f4:63:81:
34:b4:76:9d:6c:ec:f6:b8:9f:9e:67:79:af:ec:e7:
bd:88:5e:9e:79:f8:84:1b:04:c2:02:fc:c1:20:25:
c3:cf:d5:e0:2f:0f:9c:14:12:2c:56:09:ef:b7:4b:
9c:4a:cc:cb:7e:56:8a:6c:97:0e:71:d1:2d:de:83:
f9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F1:F3:48:7D:8A:31:DE:F1:67:7C:2F:56:16:CC:BD:BA:7B:34:8C
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rfHzSH2KMd7xZ3wvVhbMvbp7NIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:e6:bb:88:03:5d:ac:9a:42:f6:63:bc:55:5b:86:93:67:54:
e3:07:07:98:04:d3:ed:48:e7:95:37:02:88:8e:c9:e9:06:be:
e6:b5:59:ff:3e:18:5e:21:f1:f2:ae:2c:f1:0d:59:f7:e7:88:
e4:d9:70:38:2c:d3:4d:1f:46:45:ff:c8:d6:e8:9a:af:d7:9e:
93:dd:b3:e9:73:3e:df:35:26:a6:aa:a1:23:21:44:c6:23:fc:
b6:e9:52:23:4b:ef:ad:43:e1:7b:97:da:ff:59:3f:9e:91:2b:
0b:4d:c4:e7:6b:3b:05:b7:4f:17:6b:c6:d1:ad:57:73:da:fc:
e8:2f:cd:5e:71:6d:b6:2e:77:0a:9c:d6:c6:d8:c8:24:98:35:
03:38:f8:8f:f4:3e:f1:8e:be:e4:4c:3c:37:5b:88:20:01:0d:
97:35:27:3c:7b:7f:05:3c:f0:12:b8:b1:92:23:c4:71:d1:77:
13:d1:00:62:6a:3f:95:bf:2b:d4:e8:ac:57:e4:2b:a1:7d:6f:
cd:37:79:5b:9f:5e:26:16:d9:2a:49:1e:bf:50:c2:6a:3a:c1:
b7:1c:43:25:53:90:eb:1f:2c:49:0b:c7:bc:87:ca:bb:da:f8:
6a:2b:c6:b0:71:81:74:3f:c5:8e:4b:af:d4:6b:b3:cb:9f:1a:
a2:2c:f1:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGuMW1HhfRieBKPxxbRNcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMTAxMjAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGYxZjM0ODdkOGEzMWRlZjE2NzdjMmY1NjE2Y2NiZGJhN2IzNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQKt9UXEgM3UoGyUIZ5m2sXfbYDr
+k/S9xNJnMvWOJF6s4MuIx+QYfl31VvGP3oeRolqAofB+DuepteO2Ja8nGpg80Ec
FtN4XL0DQ8Q6dNe8bTKqCutiLCcI74g+6WET0cictMg0sIy02VZfAIpmpwqg9PTv
2ciwl/Q7ggSfOQJRN/6xK30jj3AQnvkloT9jRB6UE8cko5rQzHln/8YB2whmRZkz
Bc5fcipEmQyKYsV7T9TcZnvj46tShgmHOLH0Y4E0tHadbOz2uJ+eZ3mv7Oe9iF6e
efiEGwTCAvzBICXDz9XgLw+cFBIsVgnvt0ucSszLflaKbJcOcdEt3oP5nQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK3x80h9ijHe8Wd8L1YWzL26ezSMMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvcmZIelNIMktNZDd4WjN3dlZoYk12YnA3Tkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBYV8AwQC
k05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQDP5ruIA12smkL2Y7xV
W4aTZ1TjBweYBNPtSOeVNwKIjsnpBr7mtVn/PhheIfHyrizxDVn354jk2XA4LNNN
H0ZF/8jW6Jqv156T3bPpcz7fNSamqqEjIUTGI/y26VIjS++tQ+F7l9r/WT+ekSsL
TcTnazsFt08Xa8bRrVdz2vzoL81ecW22LncKnNbG2MgkmDUDOPiP9D7xjr7kTDw3
W4ggAQ2XNSc8e38FPPASuLGSI8Rx0XcT0QBiaj+VvyvU6KxX5CuhfW/NN3lbn14m
FtkqSR6/UMJqOsG3HEMlU5DrHyxJC8e8h8q72vhqK8awcYF0P8WOS6/Ua7PLnxqi
LPHI
-----END CERTIFICATE-----
Generated at Fri May 3 15:29:58 2024 by rpki-client on console-fra.rpki-client.org