Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/1-_AI3-McoLXKp7NUlhOj-A-kGsM.roa
File: 1-_AI3-McoLXKp7NUlhOj-A-kGsM.roa (raw, json)
Hash identifier: SAM18AGfZT4gKvUZU7b6olOf+LFmwSGG2FT2MPNBZ/c=
Subject key identifier: FB:F0:08:DF:E3:1C:A0:B5:CA:A7:B3:54:96:13:A3:F8:0F:A4:1A:C3
Certificate issuer: /CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Certificate serial: 018CCA29CF3DBA0829BFD3B04BDA5600C579
Authority key identifier: E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/1-_AI3-McoLXKp7NUlhOj-A-kGsM.roa
Signing time: Tue 02 Jan 2024 12:33:06 +0000
ROA not before: Tue 02 Jan 2024 12:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2847
IP address blocks: 193.219.152.0/21 maxlen: 21
193.219.160.0/19 maxlen: 19
193.219.60.0/24 maxlen: 24
193.219.60.0/22 maxlen: 22
193.219.64.0/20 maxlen: 20
83.171.0.0/18 maxlen: 18
193.219.32.0/21 maxlen: 21
2001:778::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.mft
rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:cf:3d:ba:08:29:bf:d3:b0:4b:da:56:00:c5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Validity
Not Before: Jan 2 12:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbf008dfe31ca0b5caa7b3549613a3f80fa41ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:01:a1:58:c2:82:53:4c:76:2c:59:6d:6e:61:
39:a1:43:1b:b7:57:2e:64:b0:7e:99:13:61:23:86:
c1:39:da:ec:56:90:83:d8:d5:fc:c1:a8:ac:6e:4c:
73:dc:7d:12:40:f2:f7:3b:6c:63:f6:f6:80:2b:d9:
f5:ef:73:22:3b:e8:f0:00:51:85:39:37:eb:15:dc:
a5:bc:0c:78:66:2d:f9:3f:08:11:30:de:c1:32:e6:
e1:7e:14:80:81:88:27:63:85:f7:7b:92:ca:fc:8c:
49:30:20:0e:e7:2c:d9:7c:63:8b:3e:17:79:2d:7f:
c8:d3:de:6a:0a:6c:96:40:d6:69:08:5c:9e:bc:c5:
ed:a8:73:4e:0f:e2:f2:87:5b:04:88:89:00:df:d4:
26:28:2e:cf:98:bb:7a:84:f8:68:b7:c2:26:1f:54:
00:59:08:0e:34:1c:f0:78:46:36:12:26:e4:0f:c2:
6a:b8:8b:a1:53:22:e9:37:f0:53:ca:5b:53:58:36:
34:74:2f:31:f0:b7:ef:bf:25:19:d4:64:81:ed:b7:
56:0d:72:b7:59:c2:01:91:e1:3e:55:70:f0:27:16:
32:b1:a0:aa:66:a5:46:75:93:14:b9:41:65:3c:8f:
13:9b:1c:65:92:f4:cc:2d:1f:c0:f5:21:00:e5:30:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F0:08:DF:E3:1C:A0:B5:CA:A7:B3:54:96:13:A3:F8:0F:A4:1A:C3
X509v3 Authority Key Identifier:
keyid:E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/1-_AI3-McoLXKp7NUlhOj-A-kGsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.0.0/18
193.219.32.0/21
193.219.60.0-193.219.79.255
193.219.152.0-193.219.191.255
IPv6:
2001:778::/32
Signature Algorithm: sha256WithRSAEncryption
0c:1a:31:aa:25:73:bb:9f:cf:46:f8:3f:f9:21:3d:9b:9b:9e:
5b:0f:00:c1:73:b4:a0:92:74:bd:ed:51:85:05:07:cb:67:a2:
03:0f:2f:6a:25:15:01:56:b2:a1:81:77:ea:ee:62:f7:7b:7f:
28:be:92:7b:14:1b:98:89:07:a9:43:10:d8:c7:6c:36:07:a2:
c8:23:a2:5b:9e:ea:62:17:00:67:26:c2:ea:30:f1:12:97:b3:
7c:f4:6d:74:07:ec:03:2d:96:ee:78:7d:ed:d4:00:98:91:19:
ff:d1:15:ef:da:99:58:9d:fe:14:5b:50:20:07:42:8a:e3:4d:
18:6e:2a:da:94:4d:2a:89:5c:9c:fe:e0:b0:87:82:b2:03:ef:
b7:78:e8:51:de:7c:54:48:6a:61:f5:fd:16:f5:89:a2:9f:4e:
53:67:8c:a8:86:19:4c:9b:13:b1:54:8b:a7:6f:26:95:c7:47:
3c:6b:53:79:7c:ab:3d:07:77:d0:f2:be:9e:f0:8f:df:64:e3:
4a:90:e6:b7:6e:76:0d:99:fb:19:76:55:c3:89:f2:05:14:d3:
1c:b8:0a:d3:e9:7a:02:78:d6:1d:70:d8:e4:ab:0f:58:2b:60:
73:2f:2b:e1:06:c8:13:fb:ba:fe:82:5a:25:a5:1e:f5:07:0e:
e1:75:04:a1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzKKc89uggpv9OwS9pWAMV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2YyM2Q2ODkzNzQ5NDI4OGRmY2M3YTBlZmUxZmU3NGEy
MDM2ZTEwHhcNMjQwMTAyMTIzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmYwMDhkZmUzMWNhMGI1Y2FhN2IzNTQ5NjEzYTNmODBmYTQxYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigGhWMKCU0x2LFltbmE5oUMbt1cu
ZLB+mRNhI4bBOdrsVpCD2NX8waisbkxz3H0SQPL3O2xj9vaAK9n173MiO+jwAFGF
OTfrFdylvAx4Zi35PwgRMN7BMubhfhSAgYgnY4X3e5LK/IxJMCAO5yzZfGOLPhd5
LX/I095qCmyWQNZpCFyevMXtqHNOD+Lyh1sEiIkA39QmKC7PmLt6hPhot8ImH1QA
WQgONBzweEY2EibkD8JquIuhUyLpN/BTyltTWDY0dC8x8LfvvyUZ1GSB7bdWDXK3
WcIBkeE+VXDwJxYysaCqZqVGdZMUuUFlPI8TmxxlkvTMLR/A9SEA5TDMcQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPvwCN/jHKC1yqezVJYTo/gPpBrDMB8GA1UdIwQY
MBaAFOQ/I9aJN0lCiN/Meg7+H+dKIDbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMt
OWQxODVmNzM4MjExLzEvMS1fQUkzLU1jb0xYS3A3TlVsaE9qLUEta0dzTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvYWI1ZmRjLTlkNmItNDY3NS05YTEzLTlkMTg1ZjczODIx
MS8xLzVEOGoxb2szU1VLSTM4eDZEdjRmNTBvZ051RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBQBggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMEBlOrAAME
A8HbIDAMAwQCwds8AwQEwdtAMAwDBAPB25gDBAbB24AwDQQCAAIwBwMFACABB3gw
DQYJKoZIhvcNAQELBQADggEBAAwaMaolc7ufz0b4P/khPZubnlsPAMFztKCSdL3t
UYUFB8tnogMPL2olFQFWsqGBd+ruYvd7fyi+knsUG5iJB6lDENjHbDYHosgjolue
6mIXAGcmwuow8RKXs3z0bXQH7AMtlu54fe3UAJiRGf/RFe/amVid/hRbUCAHQorj
TRhuKtqUTSqJXJz+4LCHgrID77d46FHefFRIamH1/Rb1iaKfTlNnjKiGGUybE7FU
i6dvJpXHRzxrU3l8qz0Hd9Dyvp7wj99k40qQ5rdudg2Z+xl2VcOJ8gUU0xy4CtPp
egJ41h1w2OSrD1grYHMvK+EGyBP7uv6CWiWlHvUHDuF1BKE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:00:15 2024 by rpki-client on console-fra.rpki-client.org