Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/fh0jb3cqRja5vFu5p2t-V80WkO0.roa
File: fh0jb3cqRja5vFu5p2t-V80WkO0.roa (raw, json)
Hash identifier: mxdpqgQ4s7xL8H+YfanlGX4kO5tAIbVFtgtTmgQ3f2k=
Subject key identifier: 7E:1D:23:6F:77:2A:46:36:B9:BC:5B:B9:A7:6B:7E:57:CD:16:90:ED
Certificate issuer: /CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Certificate serial: 01920A36AF9DD19931D3BE1FF1FD25E40BA2
Authority key identifier: AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/fh0jb3cqRja5vFu5p2t-V80WkO0.roa
Signing time: Thu 19 Sep 2024 12:16:48 +0000
ROA not before: Thu 19 Sep 2024 12:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206720
IP address blocks: 185.187.244.0/24 maxlen: 24
185.187.245.0/24 maxlen: 24
185.187.246.0/24 maxlen: 24
185.187.247.0/24 maxlen: 24
193.56.32.0/24 maxlen: 24
193.56.35.0/24 maxlen: 24
193.56.36.0/24 maxlen: 24
193.56.39.0/24 maxlen: 24
193.56.40.0/24 maxlen: 24
193.56.44.0/24 maxlen: 24
193.56.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:36:af:9d:d1:99:31:d3:be:1f:f1:fd:25:e4:0b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Validity
Not Before: Sep 19 12:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e1d236f772a4636b9bc5bb9a76b7e57cd1690ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:a9:10:c1:5e:dd:94:b3:e2:12:50:3f:fb:60:
f5:da:2a:ec:db:5b:36:85:83:ec:cb:94:4e:a2:a9:
66:17:c9:4e:79:ef:13:43:cf:a5:de:32:59:e8:08:
a4:55:49:3e:c5:e4:ad:7b:79:bc:38:68:98:77:a6:
e9:95:f6:7f:47:a3:fc:d7:56:6c:d6:f0:70:81:e2:
26:05:98:5b:55:58:10:75:79:ea:11:3a:7b:e6:75:
dd:81:a5:8d:fc:ec:52:8a:e9:d9:0f:90:9d:b9:32:
66:6e:11:66:bc:2f:9e:b7:68:cc:74:fa:de:44:87:
a9:b3:21:7c:5c:32:14:2e:bf:5c:84:d2:d6:f6:4b:
65:1b:fd:25:d6:fd:8d:7b:1d:04:08:cf:12:4d:85:
fc:94:d1:7a:0a:71:4d:a0:8b:6c:10:33:27:53:b5:
17:a8:1f:3e:2f:90:ef:0c:e3:33:8d:dd:96:31:09:
bf:27:b7:58:43:b4:3d:82:62:bf:16:22:06:6c:e5:
f0:9d:cb:da:06:cc:45:92:52:2f:80:77:c8:19:f8:
a8:ac:8e:f2:ce:93:06:dd:8d:0e:ea:25:93:6c:e0:
bd:50:03:0d:d5:b7:fa:25:40:fb:89:e3:64:3c:48:
72:e7:ed:1d:87:43:f3:56:aa:43:55:33:02:66:ce:
c0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1D:23:6F:77:2A:46:36:B9:BC:5B:B9:A7:6B:7E:57:CD:16:90:ED
X509v3 Authority Key Identifier:
keyid:AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/fh0jb3cqRja5vFu5p2t-V80WkO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.244.0/22
193.56.32.0/24
193.56.35.0-193.56.36.255
193.56.39.0-193.56.40.255
193.56.44.0/23
Signature Algorithm: sha256WithRSAEncryption
74:cc:53:58:89:78:c8:48:1a:04:af:cf:74:62:6c:c0:d0:be:
3c:aa:bb:0e:19:0c:80:2b:e8:b5:ea:3e:b4:15:82:08:9d:68:
2a:74:23:37:b0:b1:b4:97:63:3e:ea:44:1b:27:12:fa:f0:3d:
0a:42:05:79:b7:34:f3:18:32:22:f5:f7:ee:ec:5d:77:b5:d8:
f5:a0:2f:b3:38:ff:a1:50:43:17:6b:e9:fc:b8:74:7b:17:38:
37:f1:bc:a9:0d:ef:6d:20:e0:c7:c3:98:fa:41:4c:6c:15:b9:
f3:06:95:43:77:67:11:69:bc:82:e4:26:16:89:64:75:57:9e:
bf:4d:a6:e5:20:6b:cf:c7:e1:39:6c:51:30:b9:1a:e7:06:6b:
4b:74:69:67:94:d3:cb:8b:ae:ba:e7:27:a1:6d:71:5f:01:6d:
e5:2e:51:d0:4b:e1:40:77:42:59:99:e1:e6:43:07:98:ad:3b:
a4:e2:af:b3:de:30:4f:20:36:b5:54:5f:f9:32:12:0d:8e:0f:
e1:5a:e0:ed:b1:5e:2b:f2:a6:7e:b1:c8:1f:53:66:1b:6d:48:
03:59:ee:a4:e8:33:8b:67:c4:2f:e2:8e:e7:09:a9:46:68:b9:
2d:51:1a:64:67:4b:70:b6:bc:e8:c4:11:df:db:d5:a0:e3:0f:
a9:a6:06:d8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZIKNq+d0Zkx074f8f0l5AuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzQ4ZjdhNTkxMjA1ODhkNDE3MGVhMjgxNWU2YWU1MWJl
NmJjZmYwHhcNMjQwOTE5MTIxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFkMjM2Zjc3MmE0NjM2YjliYzViYjlhNzZiN2U1N2NkMTY5MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9akQwV7dlLPiElA/+2D12irs21s2
hYPsy5ROoqlmF8lOee8TQ8+l3jJZ6AikVUk+xeSte3m8OGiYd6bplfZ/R6P811Zs
1vBwgeImBZhbVVgQdXnqETp75nXdgaWN/OxSiunZD5CduTJmbhFmvC+et2jMdPre
RIepsyF8XDIULr9chNLW9ktlG/0l1v2Nex0ECM8STYX8lNF6CnFNoItsEDMnU7UX
qB8+L5DvDOMzjd2WMQm/J7dYQ7Q9gmK/FiIGbOXwncvaBsxFklIvgHfIGfiorI7y
zpMG3Y0O6iWTbOC9UAMN1bf6JUD7ieNkPEhy5+0dh0PzVqpDVTMCZs7A3QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFH4dI293KkY2ubxbuadrflfNFpDtMB8GA1UdIwQY
MBaAFKzEj3pZEgWI1BcOooFeauUb5rz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTIt
YjUyYjNhMjM2ZmE3LzEvZmgwamIzY3FSamE1dkZ1NXAydC1WODBXa08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTItYjUyYjNhMjM2ZmE3
LzEvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCubv0AwQA
wTggMAwDBADBOCMDBADBOCQwDAMEAME4JwMEAME4KAMEAcE4LDANBgkqhkiG9w0B
AQsFAAOCAQEAdMxTWIl4yEgaBK/PdGJswNC+PKq7DhkMgCvoteo+tBWCCJ1oKnQj
N7CxtJdjPupEGycS+vA9CkIFebc08xgyIvX37uxdd7XY9aAvszj/oVBDF2vp/Lh0
exc4N/G8qQ3vbSDgx8OY+kFMbBW58waVQ3dnEWm8guQmFolkdVeev02m5SBrz8fh
OWxRMLka5wZrS3RpZ5TTy4uuuucnoW1xXwFt5S5R0EvhQHdCWZnh5kMHmK07pOKv
s94wTyA2tVRf+TISDY4P4Vrg7bFeK/KmfrHIH1NmG21IA1nupOgzi2fEL+KO5wmp
Rmi5LVEaZGdLcLa86MQR39vVoOMPqaYG2A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:45 2024 by rpki-client on console-fra.rpki-client.org