Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/S3hRbFAfv5UX2tPzM3A9HbJCT8c.roa
File: S3hRbFAfv5UX2tPzM3A9HbJCT8c.roa (raw, json)
Hash identifier: 2cJt29EV8qnZ/LDQ3VDGOKrXTDPhtaFrFOaS9A/V66w=
Subject key identifier: 4B:78:51:6C:50:1F:BF:95:17:DA:D3:F3:33:70:3D:1D:B2:42:4F:C7
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 018DC1BE2B0287160A684AE6170A2B42CDD7
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/S3hRbFAfv5UX2tPzM3A9HbJCT8c.roa
Signing time: Mon 19 Feb 2024 14:21:21 +0000
ROA not before: Mon 19 Feb 2024 14:21:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21034
IP address blocks: 185.2.146.0/23 maxlen: 23
185.179.103.0/24 maxlen: 24
212.43.96.0/19 maxlen: 19
2a00:1be0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.mft
rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:be:2b:02:87:16:0a:68:4a:e6:17:0a:2b:42:cd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Feb 19 14:21:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b78516c501fbf9517dad3f333703d1db2424fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:71:20:70:da:16:cc:96:06:11:dc:c5:39:
19:01:f0:b0:16:79:f6:a9:60:c9:11:57:5e:ef:16:
bc:e2:ff:7a:a0:97:e8:98:3e:59:ea:8f:82:07:ca:
2e:d5:40:c6:fe:fa:a9:e6:6c:0f:cb:82:8d:85:7d:
70:02:a4:dc:43:2a:c3:3b:09:1b:ac:69:41:65:48:
f9:e4:9a:95:40:04:1f:4c:93:1b:27:28:3c:12:7b:
3a:0e:e3:da:6e:35:4d:cc:ad:57:a7:96:a9:bc:56:
52:b2:6a:cb:84:c6:28:dc:95:02:81:01:26:4a:2e:
c2:43:ed:12:22:65:69:91:9e:de:fc:35:53:71:74:
5c:0d:66:8c:e8:39:96:02:41:96:f0:da:f7:1a:3b:
a6:b0:3d:cf:ae:26:41:43:31:ac:ba:72:7b:60:48:
ed:34:4f:56:d3:96:27:7d:80:7a:6b:12:a5:b1:bf:
f1:f6:e5:9c:14:63:54:8c:48:1c:f9:5f:49:68:ab:
43:13:4d:be:f7:a4:b3:e8:71:6f:7f:96:0d:0a:59:
6b:fd:94:7c:41:f3:e8:ff:37:1a:23:9c:00:da:af:
d8:a4:5e:11:71:09:69:eb:b7:a3:ba:84:a4:d2:2c:
ee:31:cf:95:fd:d4:dc:44:5c:77:e2:1e:f9:e7:72:
bc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:78:51:6C:50:1F:BF:95:17:DA:D3:F3:33:70:3D:1D:B2:42:4F:C7
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/S3hRbFAfv5UX2tPzM3A9HbJCT8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.146.0/23
185.179.103.0/24
212.43.96.0/19
IPv6:
2a00:1be0::/32
Signature Algorithm: sha256WithRSAEncryption
00:f9:15:12:04:4e:96:68:b1:52:88:e1:dd:52:08:6d:f8:58:
e0:5a:46:3c:51:4b:f6:ca:1a:1d:81:c0:fe:38:8c:6e:7d:3f:
6c:db:aa:33:a6:91:c0:63:d1:c0:4b:6b:96:80:40:21:51:8c:
2e:d4:78:89:ce:d0:46:e3:12:fe:d1:34:b1:59:57:a0:b1:4d:
4f:18:83:aa:a2:7f:04:7a:83:dc:65:60:6b:d8:af:18:a3:53:
a2:cf:1b:c0:02:c3:c0:f8:1a:ce:e5:c6:67:6d:98:bb:d5:ee:
0c:de:d2:37:3c:24:e3:68:9b:98:f7:ce:6f:07:6e:77:93:35:
a4:e6:74:47:88:6f:96:86:ff:41:8b:30:8c:fd:16:40:ed:37:
d4:16:35:69:92:e0:1a:41:4b:04:b2:79:c8:e7:67:8e:31:d6:
61:55:52:53:df:5e:8f:84:e8:b7:b1:85:d5:d2:5f:3b:02:33:
5b:37:2c:3a:4c:c6:6d:40:7a:75:41:26:66:0f:1c:19:fe:f6:
ad:ae:c9:21:56:da:9d:93:ae:40:79:14:eb:b5:f9:2b:d7:9c:
d0:19:63:6b:bf:ab:05:9f:5f:5e:f7:f4:a5:29:2a:ec:24:98:
51:28:15:50:7a:bc:1b:c5:40:71:d0:ac:8c:66:06:e4:a8:26:
58:85:fd:f7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3BvisChxYKaErmFworQs3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjQwMjE5MTQyMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc4NTE2YzUwMWZiZjk1MTdkYWQzZjMzMzcwM2QxZGIyNDI0ZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl9xIHDaFsyWBhHcxTkZAfCwFnn2
qWDJEVde7xa84v96oJfomD5Z6o+CB8ou1UDG/vqp5mwPy4KNhX1wAqTcQyrDOwkb
rGlBZUj55JqVQAQfTJMbJyg8Ens6DuPabjVNzK1Xp5apvFZSsmrLhMYo3JUCgQEm
Si7CQ+0SImVpkZ7e/DVTcXRcDWaM6DmWAkGW8Nr3GjumsD3PriZBQzGsunJ7YEjt
NE9W05YnfYB6axKlsb/x9uWcFGNUjEgc+V9JaKtDE02+96Sz6HFvf5YNCllr/ZR8
QfPo/zcaI5wA2q/YpF4RcQlp67ejuoSk0izuMc+V/dTcRFx34h7553K80wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEt4UWxQH7+VF9rT8zNwPR2yQk/HMB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvUzNoUmJGQWZ2NVVYMnRQek0zQTlIYkpDVDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuQKSAwQA
ubNnAwQF1CtgMA0EAgACMAcDBQAqABvgMA0GCSqGSIb3DQEBCwUAA4IBAQAA+RUS
BE6WaLFSiOHdUght+FjgWkY8UUv2yhodgcD+OIxufT9s26ozppHAY9HAS2uWgEAh
UYwu1HiJztBG4xL+0TSxWVegsU1PGIOqon8EeoPcZWBr2K8Yo1OizxvAAsPA+BrO
5cZnbZi71e4M3tI3PCTjaJuY985vB253kzWk5nRHiG+Whv9BizCM/RZA7TfUFjVp
kuAaQUsEsnnI52eOMdZhVVJT316PhOi3sYXV0l87AjNbNyw6TMZtQHp1QSZmDxwZ
/vatrskhVtqdk65AeRTrtfkr15zQGWNrv6sFn19e9/SlKSrsJJhRKBVQerwbxUBx
0KyMZgbkqCZYhf33
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:59:22 2024 by rpki-client on console-fra.rpki-client.org