Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/1-t3HGzZl-9flS8CYvxooOMCL32o.roa
File: 1-t3HGzZl-9flS8CYvxooOMCL32o.roa (raw, json)
Hash identifier: 18BNrTGSoVFOcuC6IH5mlM6XrV0adiQ3d+y/ItuoWIk=
Subject key identifier: FA:DD:C7:1B:36:65:FB:D7:E5:4B:C0:98:BF:1A:28:38:C0:8B:DF:6A
Certificate issuer: /CN=5056c750840fe5c0103a7f51022c7ceea8fe969b
Certificate serial: 018F31B79EC21FA6B57780195C564F81DC01
Authority key identifier: 50:56:C7:50:84:0F:E5:C0:10:3A:7F:51:02:2C:7C:EE:A8:FE:96:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFbHUIQP5cAQOn9RAix87qj-lps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/1-t3HGzZl-9flS8CYvxooOMCL32o.roa
Signing time: Wed 01 May 2024 01:14:28 +0000
ROA not before: Wed 01 May 2024 01:14:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2116
IP address blocks: 37.18.64.0/21 maxlen: 24
46.227.192.0/21 maxlen: 24
185.137.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/UFbHUIQP5cAQOn9RAix87qj-lps.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/UFbHUIQP5cAQOn9RAix87qj-lps.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFbHUIQP5cAQOn9RAix87qj-lps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:b7:9e:c2:1f:a6:b5:77:80:19:5c:56:4f:81:dc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056c750840fe5c0103a7f51022c7ceea8fe969b
Validity
Not Before: May 1 01:14:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faddc71b3665fbd7e54bc098bf1a2838c08bdf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:e8:9d:51:dd:1e:2b:10:d8:29:3b:6c:df:
41:43:a3:af:fb:48:a0:fe:4c:42:2c:28:a4:7d:92:
86:1d:70:03:8b:48:ce:06:52:b8:35:f7:a3:c7:8e:
76:ba:44:3d:86:19:f6:17:ee:be:ad:7b:89:c5:6d:
ff:17:c1:8b:fb:a0:e1:79:b4:69:56:ab:80:61:2f:
56:bc:14:e0:aa:f0:d8:45:36:b6:76:73:a0:16:75:
83:52:4c:ba:0f:f6:7a:90:16:c1:0d:27:09:d9:0b:
0a:8c:57:91:02:e7:96:d2:38:b0:f2:50:3b:9f:2f:
00:5a:6a:b3:df:54:4f:14:e7:b8:73:b6:ba:9f:b1:
21:7e:ca:e1:f3:4f:52:be:df:66:74:61:1b:d4:d8:
c2:e1:d9:6c:ae:e2:1f:c6:d8:53:50:ef:f2:69:e6:
4a:14:d2:ee:03:b9:1b:d7:de:2f:71:b1:43:80:d2:
cd:57:f3:a3:2f:da:72:21:85:02:ab:46:7c:18:90:
38:7f:66:22:5a:2b:6b:d7:3e:0b:0b:95:ad:03:60:
81:a2:29:a7:fb:72:67:db:b7:af:24:9e:a7:4d:35:
b1:3e:59:bf:39:e7:45:cd:e1:3e:45:49:1b:44:ad:
a2:e9:49:a0:4f:04:93:85:1c:6f:61:14:08:95:c4:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DD:C7:1B:36:65:FB:D7:E5:4B:C0:98:BF:1A:28:38:C0:8B:DF:6A
X509v3 Authority Key Identifier:
keyid:50:56:C7:50:84:0F:E5:C0:10:3A:7F:51:02:2C:7C:EE:A8:FE:96:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFbHUIQP5cAQOn9RAix87qj-lps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/1-t3HGzZl-9flS8CYvxooOMCL32o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/252968-b8ba-4e19-84d7-3228286da601/1/UFbHUIQP5cAQOn9RAix87qj-lps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.64.0/21
46.227.192.0/21
185.137.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:f6:7a:07:32:cc:46:57:1e:42:ed:fd:9c:fc:3b:2f:b7:f2:
29:21:8c:bd:19:00:b5:b6:37:92:fa:ec:44:6f:43:b0:f6:10:
a7:bb:e0:7a:23:78:7e:5e:88:31:be:56:ba:06:4d:f1:3d:28:
98:b1:5e:8d:5f:49:4a:a2:48:b7:c4:8d:12:4d:35:71:8d:d4:
7c:a7:cc:ac:4a:35:32:cf:62:fd:12:d8:f9:14:1c:70:19:4a:
c8:8c:09:c9:6c:ff:f3:c9:d1:33:97:ba:cd:f1:29:74:30:2d:
87:e3:21:c4:1c:fe:fa:a1:ce:85:0e:59:13:8c:d4:38:be:ab:
7c:33:52:7c:a0:ad:05:24:d3:83:6b:d3:ba:d9:1d:7e:e1:c4:
a7:c4:0e:4b:15:67:8d:c0:9c:0d:6e:f8:62:01:6c:1a:6f:e5:
c0:19:56:06:12:41:7a:76:1a:80:ba:6d:0b:45:d6:a6:80:24:
5e:e6:07:1d:81:ee:09:86:54:48:60:a7:35:2b:58:00:8a:d4:
63:bf:62:9e:35:d7:bc:6a:98:36:0f:b9:91:58:d8:f8:2b:a3:
d6:95:be:c2:ae:59:a1:98:9a:62:54:76:95:e2:18:38:69:f6:
62:23:8c:9d:e4:f2:bb:0a:4d:f0:b0:89:8b:6d:42:2b:25:12:
7d:3f:d3:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY8xt57CH6a1d4AZXFZPgdwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTZjNzUwODQwZmU1YzAxMDNhN2Y1MTAyMmM3Y2VlYThm
ZTk2OWIwHhcNMjQwNTAxMDExNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRkYzcxYjM2NjVmYmQ3ZTU0YmMwOThiZjFhMjgzOGMwOGJkZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAnonVHdHisQ2Ck7bN9BQ6Ov+0ig
/kxCLCikfZKGHXADi0jOBlK4Nfejx452ukQ9hhn2F+6+rXuJxW3/F8GL+6DhebRp
VquAYS9WvBTgqvDYRTa2dnOgFnWDUky6D/Z6kBbBDScJ2QsKjFeRAueW0jiw8lA7
ny8AWmqz31RPFOe4c7a6n7Ehfsrh809Svt9mdGEb1NjC4dlsruIfxthTUO/yaeZK
FNLuA7kb194vcbFDgNLNV/OjL9pyIYUCq0Z8GJA4f2YiWitr1z4LC5WtA2CBoimn
+3Jn27evJJ6nTTWxPlm/OedFzeE+RUkbRK2i6UmgTwSThRxvYRQIlcShSQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPrdxxs2ZfvX5UvAmL8aKDjAi99qMB8GA1UdIwQY
MBaAFFBWx1CED+XAEDp/UQIsfO6o/pabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZiSFVJUVA1Y0FRT245UkFpeDg3cWotbHBzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8yNTI5NjgtYjhiYS00ZTE5LTg0ZDct
MzIyODI4NmRhNjAxLzEvMS10M0hHelpsLTlmbFM4Q1l2eG9vT01DTDMyby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvMjUyOTY4LWI4YmEtNGUxOS04NGQ3LTMyMjgyODZkYTYw
MS8xL1VGYkhVSVFQNWNBUU9uOVJBaXg4N3FqLWxwcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAyUSQAME
Ay7jwAMEArmJBDANBgkqhkiG9w0BAQsFAAOCAQEApPZ6BzLMRlceQu39nPw7L7fy
KSGMvRkAtbY3kvrsRG9DsPYQp7vgeiN4fl6IMb5WugZN8T0omLFejV9JSqJIt8SN
Ek01cY3UfKfMrEo1Ms9i/RLY+RQccBlKyIwJyWz/88nRM5e6zfEpdDAth+MhxBz+
+qHOhQ5ZE4zUOL6rfDNSfKCtBSTTg2vTutkdfuHEp8QOSxVnjcCcDW74YgFsGm/l
wBlWBhJBenYagLptC0XWpoAkXuYHHYHuCYZUSGCnNStYAIrUY79injXXvGqYNg+5
kVjY+Cuj1pW+wq5ZoZiaYlR2leIYOGn2YiOMneTyuwpN8LCJi21CKyUSfT/T8A==
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:58:36 2024 by rpki-client on console-fra.rpki-client.org