Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/0d2hk2b2dy89DhPlB3tGfYJNJwg.roa
File: 0d2hk2b2dy89DhPlB3tGfYJNJwg.roa (raw, json)
Hash identifier: at0Cgc2w1r5cZgXcl2ZhJlvunXKFoAjzv76yBSBUH2I=
Subject key identifier: D1:DD:A1:93:66:F6:77:2F:3D:0E:13:E5:07:7B:46:7D:82:4D:27:08
Certificate issuer: /CN=4a83ee7dcc32837b0ba5b891d8f145435ab3b60a
Certificate serial: 018CC64B800E74D7D2E861DF3CDC59BFB0B3
Authority key identifier: 4A:83:EE:7D:CC:32:83:7B:0B:A5:B8:91:D8:F1:45:43:5A:B3:B6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SoPufcwyg3sLpbiR2PFFQ1qztgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/0d2hk2b2dy89DhPlB3tGfYJNJwg.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199860
IP address blocks: 193.43.41.0/24 maxlen: 24
5.188.106.0/23 maxlen: 23
185.44.14.0/23 maxlen: 23
185.44.12.0/22 maxlen: 22
185.44.12.0/23 maxlen: 23
5.188.104.0/22 maxlen: 22
5.188.104.0/23 maxlen: 23
2a01:6520::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/SoPufcwyg3sLpbiR2PFFQ1qztgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/SoPufcwyg3sLpbiR2PFFQ1qztgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/SoPufcwyg3sLpbiR2PFFQ1qztgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:80:0e:74:d7:d2:e8:61:df:3c:dc:59:bf:b0:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a83ee7dcc32837b0ba5b891d8f145435ab3b60a
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1dda19366f6772f3d0e13e5077b467d824d2708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cd:f2:2f:d8:12:58:7f:75:ff:cf:b3:48:04:
59:87:e3:31:9e:f1:c4:e6:77:79:a0:2a:17:c5:6e:
0b:47:b7:cb:0e:89:0d:e5:d9:bd:50:f1:83:ac:6c:
7f:06:4e:4d:fe:ff:45:2e:40:e4:a4:46:b9:d8:5c:
a6:88:6d:38:d7:aa:8e:02:4c:c5:f2:b8:74:8d:0e:
52:af:0c:d9:48:b7:23:fc:7a:ff:b9:e9:d2:45:51:
51:15:16:ee:b0:b2:fd:11:2e:4d:c5:25:37:20:d5:
88:60:64:90:9b:2f:4f:74:76:0a:fa:1a:2a:e6:db:
c4:c6:61:8d:2c:95:74:fa:a0:28:56:49:3d:63:bd:
d7:a9:9f:02:ba:b8:a2:a1:89:90:b8:79:a8:c3:a3:
31:62:55:46:14:cd:83:6c:40:bf:03:0e:4f:34:00:
35:ac:e5:79:e3:d8:9f:cc:32:d9:33:dc:6d:db:a8:
13:14:c9:26:79:e5:93:90:88:72:50:9e:dc:b2:fd:
b6:7e:bd:ff:00:28:2e:0e:e1:c0:5c:7b:ad:15:52:
c3:bf:01:0c:f9:46:ee:f0:89:6a:48:a2:7d:f0:a6:
98:1b:aa:eb:1e:22:c0:ca:0c:44:4f:13:e6:67:82:
ee:67:96:1a:2d:e1:fb:7a:ef:f4:cc:1f:bc:6f:72:
44:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DD:A1:93:66:F6:77:2F:3D:0E:13:E5:07:7B:46:7D:82:4D:27:08
X509v3 Authority Key Identifier:
keyid:4A:83:EE:7D:CC:32:83:7B:0B:A5:B8:91:D8:F1:45:43:5A:B3:B6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SoPufcwyg3sLpbiR2PFFQ1qztgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/0d2hk2b2dy89DhPlB3tGfYJNJwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/SoPufcwyg3sLpbiR2PFFQ1qztgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.104.0/22
185.44.12.0/22
193.43.41.0/24
IPv6:
2a01:6520::/32
Signature Algorithm: sha256WithRSAEncryption
3f:fd:79:b9:b6:a4:f3:81:8e:23:53:75:4f:03:48:7d:22:88:
69:74:69:68:45:e9:3e:ac:87:1f:20:33:81:0c:75:45:31:3c:
3b:6a:80:fe:47:09:29:f6:30:16:4e:d3:50:de:f2:de:fc:71:
01:30:0c:92:a5:9a:ce:3f:a8:7c:7e:3c:07:95:4e:00:57:e0:
b1:25:17:c4:0e:92:00:84:fc:df:b6:40:44:93:3a:08:09:35:
1d:e5:15:ae:4b:91:19:8d:60:a7:8c:55:6d:fe:1c:b7:a0:54:
9b:e0:c1:8d:46:56:0f:a4:b9:bf:6b:91:96:a7:b9:14:a7:5a:
2c:70:69:32:82:c7:e4:7f:2d:64:51:31:2d:d5:b1:29:fd:01:
5e:ab:18:f6:d3:1c:2d:ac:d4:59:a9:c4:da:c7:7d:e4:05:cf:
65:2f:85:ba:53:f4:a3:a6:57:46:a0:97:f7:5e:77:c0:60:87:
27:fc:6b:47:60:3f:30:f8:d2:1f:b6:cc:90:ac:58:be:63:78:
55:66:42:ac:8d:b3:07:27:f1:e0:75:7f:4f:f3:4e:12:af:05:
9b:8c:2a:6f:8e:6f:42:dc:0e:11:89:42:90:97:e8:47:8b:d4:
34:69:40:80:e4:b0:72:a6:05:7b:4d:f2:79:49:cb:a2:1a:d4:
e7:df:fc:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS4AOdNfS6GHfPNxZv7CzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhODNlZTdkY2MzMjgzN2IwYmE1Yjg5MWQ4ZjE0NTQzNWFi
M2I2MGEwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRkYTE5MzY2ZjY3NzJmM2QwZTEzZTUwNzdiNDY3ZDgyNGQyNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms3yL9gSWH91/8+zSARZh+MxnvHE
5nd5oCoXxW4LR7fLDokN5dm9UPGDrGx/Bk5N/v9FLkDkpEa52FymiG0416qOAkzF
8rh0jQ5SrwzZSLcj/Hr/uenSRVFRFRbusLL9ES5NxSU3INWIYGSQmy9PdHYK+hoq
5tvExmGNLJV0+qAoVkk9Y73XqZ8CuriioYmQuHmow6MxYlVGFM2DbEC/Aw5PNAA1
rOV549ifzDLZM9xt26gTFMkmeeWTkIhyUJ7csv22fr3/ACguDuHAXHutFVLDvwEM
+Ubu8IlqSKJ98KaYG6rrHiLAygxETxPmZ4LuZ5YaLeH7eu/0zB+8b3JEkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNHdoZNm9ncvPQ4T5Qd7Rn2CTScIMB8GA1UdIwQY
MBaAFEqD7n3MMoN7C6W4kdjxRUNas7YKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29QdWZjd3lnM3NMcGJpUjJQRkZRMXF6dGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS81MTNlOGEtYWQ1Yi00MmJlLTliNmUt
YjQyNjk0NjNiY2U4LzEvMGQyaGsyYjJkeTg5RGhQbEIzdEdmWUpOSndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS81MTNlOGEtYWQ1Yi00MmJlLTliNmUtYjQyNjk0NjNiY2U4
LzEvU29QdWZjd3lnM3NMcGJpUjJQRkZRMXF6dGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbxoAwQC
uSwMAwQAwSspMA0EAgACMAcDBQAqAWUgMA0GCSqGSIb3DQEBCwUAA4IBAQA//Xm5
tqTzgY4jU3VPA0h9IohpdGloRek+rIcfIDOBDHVFMTw7aoD+Rwkp9jAWTtNQ3vLe
/HEBMAySpZrOP6h8fjwHlU4AV+CxJRfEDpIAhPzftkBEkzoICTUd5RWuS5EZjWCn
jFVt/hy3oFSb4MGNRlYPpLm/a5GWp7kUp1oscGkygsfkfy1kUTEt1bEp/QFeqxj2
0xwtrNRZqcTax33kBc9lL4W6U/SjpldGoJf3XnfAYIcn/GtHYD8w+NIftsyQrFi+
Y3hVZkKsjbMHJ/HgdX9P804SrwWbjCpvjm9C3A4RiUKQl+hHi9Q0aUCA5LBypgV7
TfJ5ScuiGtTn3/wK
-----END CERTIFICATE-----
Generated at Sat Sep 28 15:58:50 2024 by rpki-client on console-fra.rpki-client.org