Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/47hNqXhPVriO_K2p6aDfeAvD6co.roa
File: 47hNqXhPVriO_K2p6aDfeAvD6co.roa (raw, json)
Hash identifier: WRN0ZS19C4Af9fj7BTgxUeG2t1FRko6XhQ0V1SXrm/U=
Subject key identifier: E3:B8:4D:A9:78:4F:56:B8:8E:FC:AD:A9:E9:A0:DF:78:0B:C3:E9:CA
Certificate issuer: /CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Certificate serial: 018CC7950D8BB0BF55A8720E1A9EC6F08A48
Authority key identifier: 34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/47hNqXhPVriO_K2p6aDfeAvD6co.roa
Signing time: Tue 02 Jan 2024 00:31:23 +0000
ROA not before: Tue 02 Jan 2024 00:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8449
IP address blocks: 185.54.252.0/22 maxlen: 24
212.42.96.0/19 maxlen: 24
77.95.56.0/21 maxlen: 24
31.192.249.0/24 maxlen: 24
31.192.248.0/21 maxlen: 24
94.143.192.0/21 maxlen: 24
5.57.8.0/21 maxlen: 24
2a00:7160::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/NAd7QemIc-fwb7HfP105xyGxND8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/NAd7QemIc-fwb7HfP105xyGxND8.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:0d:8b:b0:bf:55:a8:72:0e:1a:9e:c6:f0:8a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Validity
Not Before: Jan 2 00:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3b84da9784f56b88efcada9e9a0df780bc3e9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:f4:3e:ac:0a:c1:79:ff:91:5a:37:e4:75:
07:81:a7:ca:2b:06:36:e0:69:82:18:40:27:67:d7:
7c:11:47:99:08:86:1e:15:ba:fe:4a:09:aa:34:95:
03:24:2f:d6:f7:ab:bb:9f:ed:fd:68:35:19:7e:dd:
c9:43:32:b6:84:5e:f5:0a:36:b2:93:76:d4:ae:1b:
f5:30:4d:93:c1:07:d3:71:f0:0b:24:84:02:6a:58:
8d:6d:eb:39:16:de:29:b7:d3:38:3a:17:91:11:f7:
8e:7c:ea:7d:2d:8f:60:3a:e1:3a:fe:85:bf:92:0d:
9c:02:78:22:e9:d4:21:52:a8:ec:3c:1b:62:18:ef:
26:2b:42:3f:24:d5:66:fc:d4:39:78:c9:b2:56:4a:
8c:69:b2:ab:70:4f:5c:e0:ff:63:1d:23:b7:3f:e9:
60:fa:7b:d8:e4:cb:68:b4:a3:07:ee:4c:61:76:62:
26:10:f7:bc:67:1d:bb:f6:44:79:f7:63:0b:cd:76:
82:73:1f:cf:fc:5f:1e:82:13:3a:f5:07:50:eb:78:
83:ee:e2:0e:55:5d:6d:4b:00:b8:d8:a1:91:21:46:
ab:62:46:dd:51:61:3c:30:e5:a2:b8:97:c5:bd:8a:
df:1c:ef:1f:9e:a4:45:d3:1c:ff:4c:1d:0c:b3:ec:
8c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B8:4D:A9:78:4F:56:B8:8E:FC:AD:A9:E9:A0:DF:78:0B:C3:E9:CA
X509v3 Authority Key Identifier:
keyid:34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/47hNqXhPVriO_K2p6aDfeAvD6co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/NAd7QemIc-fwb7HfP105xyGxND8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.8.0/21
31.192.248.0/21
77.95.56.0/21
94.143.192.0/21
185.54.252.0/22
212.42.96.0/19
IPv6:
2a00:7160::/32
Signature Algorithm: sha256WithRSAEncryption
2a:bf:d5:7d:46:10:1b:be:09:1c:c6:ab:db:a2:24:09:67:fb:
84:be:ac:45:5e:a9:00:f7:a9:d8:3b:f5:60:59:fa:76:8c:09:
be:b9:29:95:a1:d3:31:a9:91:20:d6:de:c2:54:6f:ec:3b:c0:
bd:d0:48:4a:ce:d2:de:2e:85:67:18:0b:e3:e4:d8:f8:ff:ac:
5b:0a:43:19:7a:a0:bb:ba:bb:24:bb:52:25:38:8a:63:3f:3a:
bf:f7:f8:7c:3c:7c:f8:58:21:7f:40:48:15:df:7e:28:8f:83:
20:d6:ce:1d:2f:11:96:c6:17:d5:bc:74:63:a4:09:13:9b:8a:
6f:1a:69:96:48:33:78:31:15:12:11:78:ee:21:ad:c9:00:de:
44:1a:e3:c3:4a:73:e8:05:b7:cb:3b:9f:c0:c3:0c:d6:d6:08:
ec:98:5b:e0:74:2c:da:95:75:75:4a:aa:f2:eb:39:eb:f9:ec:
20:4d:10:e4:f7:f4:68:85:a6:0c:c8:3e:ab:24:08:98:d2:ec:
45:98:61:65:97:c8:f3:a7:cb:81:00:ee:d4:ff:87:f9:36:41:
cb:1c:43:6a:4b:90:7d:a6:62:7d:56:12:0a:47:ed:8e:3f:56:
76:d3:18:7e:1d:6f:55:2b:1a:6e:40:b9:d6:4e:bb:af:19:0b:
02:14:86:f6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHlQ2LsL9VqHIOGp7G8IpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDc3YjQxZTk4ODczZTdmMDZmYjFkZjNmNWQzOWM3MjFi
MTM0M2YwHhcNMjQwMTAyMDAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2I4NGRhOTc4NGY1NmI4OGVmY2FkYTllOWEwZGY3ODBiYzNlOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjf0PqwKwXn/kVo35HUHgafKKwY2
4GmCGEAnZ9d8EUeZCIYeFbr+SgmqNJUDJC/W96u7n+39aDUZft3JQzK2hF71Cjay
k3bUrhv1ME2TwQfTcfALJIQCaliNbes5Ft4pt9M4OheREfeOfOp9LY9gOuE6/oW/
kg2cAngi6dQhUqjsPBtiGO8mK0I/JNVm/NQ5eMmyVkqMabKrcE9c4P9jHSO3P+lg
+nvY5MtotKMH7kxhdmImEPe8Zx279kR592MLzXaCcx/P/F8eghM69QdQ63iD7uIO
VV1tSwC42KGRIUarYkbdUWE8MOWiuJfFvYrfHO8fnqRF0xz/TB0Ms+yMRwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOO4Tal4T1a4jvytqemg33gLw+nKMB8GA1UdIwQY
MBaAFDQHe0HpiHPn8G+x3z9dOcchsTQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFkN1FlbUljLWZ3YjdIZlAxMDV4eUd4TkQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC80NDg4MDAtODI5ZS00YjdhLTkyYzQt
Y2I3Y2JjYTdjMWUwLzEvNDdoTnFYaFBWcmlPX0sycDZhRGZlQXZENmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC80NDg4MDAtODI5ZS00YjdhLTkyYzQtY2I3Y2JjYTdjMWUw
LzEvTkFkN1FlbUljLWZ3YjdIZlAxMDV4eUd4TkQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBTkIAwQD
H8D4AwQDTV84AwQDXo/AAwQCuTb8AwQF1CpgMA0EAgACMAcDBQAqAHFgMA0GCSqG
SIb3DQEBCwUAA4IBAQAqv9V9RhAbvgkcxqvboiQJZ/uEvqxFXqkA96nYO/VgWfp2
jAm+uSmVodMxqZEg1t7CVG/sO8C90EhKztLeLoVnGAvj5Nj4/6xbCkMZeqC7ursk
u1IlOIpjPzq/9/h8PHz4WCF/QEgV334oj4Mg1s4dLxGWxhfVvHRjpAkTm4pvGmmW
SDN4MRUSEXjuIa3JAN5EGuPDSnPoBbfLO5/AwwzW1gjsmFvgdCzalXV1Sqry6znr
+ewgTRDk9/RohaYMyD6rJAiY0uxFmGFll8jzp8uBAO7U/4f5NkHLHENqS5B9pmJ9
VhIKR+2OP1Z20xh+HW9VKxpuQLnWTruvGQsCFIb2
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:22 2024 by rpki-client on console-ams.rpki-client.org