Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/opFAYBLrZ4xoRDp9QAgkyN_aG1o.roa
File: opFAYBLrZ4xoRDp9QAgkyN_aG1o.roa (raw, json)
Hash identifier: YyHTrW2NscrLv35k+EtPpSpdO2JY2XPjKPidYM2VG5E=
Subject key identifier: A2:91:40:60:12:EB:67:8C:68:44:3A:7D:40:08:24:C8:DF:DA:1B:5A
Certificate issuer: /CN=1b368e70269de660cbc14df9c763b018788a1ffc
Certificate serial: 018EA39C7AFB41ADD8951BAAED5659679FFB
Authority key identifier: 1B:36:8E:70:26:9D:E6:60:CB:C1:4D:F9:C7:63:B0:18:78:8A:1F:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzaOcCad5mDLwU35x2OwGHiKH_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/opFAYBLrZ4xoRDp9QAgkyN_aG1o.roa
Signing time: Wed 03 Apr 2024 10:58:45 +0000
ROA not before: Wed 03 Apr 2024 10:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.218.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/GzaOcCad5mDLwU35x2OwGHiKH_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/GzaOcCad5mDLwU35x2OwGHiKH_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/GzaOcCad5mDLwU35x2OwGHiKH_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 04:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:9c:7a:fb:41:ad:d8:95:1b:aa:ed:56:59:67:9f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b368e70269de660cbc14df9c763b018788a1ffc
Validity
Not Before: Apr 3 10:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a291406012eb678c68443a7d400824c8dfda1b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:67:a0:27:22:1c:d2:e3:05:ef:20:8b:84:04:
70:9b:ab:66:23:48:7c:0e:a6:3d:72:8a:0e:e1:e3:
c9:e5:c9:ee:8c:79:0e:c5:6b:2e:be:02:44:9e:56:
58:45:64:2e:42:af:ef:b5:8d:06:f8:57:db:19:4b:
4c:c8:24:93:b8:14:00:23:68:d6:64:bf:ae:86:68:
35:dc:53:72:bd:21:59:e9:87:d0:30:07:ba:82:4c:
4a:9c:b9:a5:24:dd:09:3c:fa:ef:75:1c:bd:bf:72:
a7:b0:d5:46:77:23:f0:f6:f5:04:85:c3:99:8c:6c:
b7:d3:69:e3:ef:74:3b:c7:34:c2:5b:6c:3e:79:14:
a2:6e:7e:56:96:be:6a:7c:bc:af:ab:ce:ce:d5:cc:
0f:05:62:63:b4:c4:1b:19:2c:e3:34:fc:79:65:01:
56:f6:1a:45:66:b2:51:4e:8b:4b:8f:8e:d8:c4:fe:
ce:59:ff:6e:d1:bf:c2:b4:04:26:e1:f1:f5:7c:3c:
b1:a6:74:12:3d:5c:14:6f:71:30:e6:81:5b:41:9a:
e9:60:4b:63:f8:3a:7a:f6:63:2a:a3:19:7d:ba:0b:
44:0d:c7:66:e0:42:c9:95:b1:41:5e:e9:17:51:3b:
e0:bc:4d:e3:a4:21:e8:7a:20:fa:6e:3c:0c:9a:7c:
6a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:91:40:60:12:EB:67:8C:68:44:3A:7D:40:08:24:C8:DF:DA:1B:5A
X509v3 Authority Key Identifier:
keyid:1B:36:8E:70:26:9D:E6:60:CB:C1:4D:F9:C7:63:B0:18:78:8A:1F:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzaOcCad5mDLwU35x2OwGHiKH_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/opFAYBLrZ4xoRDp9QAgkyN_aG1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/f65960-b03c-498c-b6d5-60951e97588c/1/GzaOcCad5mDLwU35x2OwGHiKH_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.48.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:db:e9:6c:f6:df:47:04:6e:30:5e:19:98:d2:06:f1:94:b2:
8d:35:02:f4:b8:19:b9:db:9d:ba:95:63:75:75:7e:6f:20:b4:
7a:97:68:7a:12:8e:67:5a:48:d2:e7:4b:ec:32:79:75:9e:67:
dd:d2:22:20:98:eb:f4:16:0c:6a:cc:98:7f:1f:b1:92:c8:10:
25:9f:7e:3e:5e:4c:1b:ef:89:63:00:e9:a1:4a:79:cb:ca:cd:
7a:f3:58:2b:b5:65:e6:02:c7:37:f6:8f:2e:73:b2:46:2e:51:
75:b6:f0:25:ac:c2:c7:29:57:58:27:93:25:23:f1:08:73:e7:
77:9f:08:30:38:e5:f7:89:c5:da:c0:08:9f:6a:2d:9d:d2:26:
28:bc:c9:7f:95:c7:cc:1e:ff:07:89:bd:a8:3c:d0:a0:9b:ee:
f8:88:b2:15:7e:91:b4:df:1c:73:84:71:db:1d:df:65:3f:ff:
87:12:6f:f9:3f:1f:5b:1c:a4:c7:49:31:86:a7:54:e6:a6:b2:
44:3d:20:5a:3f:08:8c:fb:00:03:c5:84:17:72:97:27:3b:32:
3e:42:bc:79:44:98:f4:ec:6d:22:64:68:d0:30:85:6b:56:06:
5d:1c:c9:90:9a:0e:06:d3:9c:7d:d7:97:83:ab:d4:57:01:de:
01:fe:fa:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6jnHr7Qa3YlRuq7VZZZ5/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzY4ZTcwMjY5ZGU2NjBjYmMxNGRmOWM3NjNiMDE4Nzg4
YTFmZmMwHhcNMjQwNDAzMTA1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjkxNDA2MDEyZWI2NzhjNjg0NDNhN2Q0MDA4MjRjOGRmZGExYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWegJyIc0uMF7yCLhARwm6tmI0h8
DqY9cooO4ePJ5cnujHkOxWsuvgJEnlZYRWQuQq/vtY0G+FfbGUtMyCSTuBQAI2jW
ZL+uhmg13FNyvSFZ6YfQMAe6gkxKnLmlJN0JPPrvdRy9v3KnsNVGdyPw9vUEhcOZ
jGy302nj73Q7xzTCW2w+eRSibn5Wlr5qfLyvq87O1cwPBWJjtMQbGSzjNPx5ZQFW
9hpFZrJRTotLj47YxP7OWf9u0b/CtAQm4fH1fDyxpnQSPVwUb3Ew5oFbQZrpYEtj
+Dp69mMqoxl9ugtEDcdm4ELJlbFBXukXUTvgvE3jpCHoeiD6bjwMmnxqfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKRQGAS62eMaEQ6fUAIJMjf2htaMB8GA1UdIwQY
MBaAFBs2jnAmneZgy8FN+cdjsBh4ih/8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3phT2NDYWQ1bURMd1UzNXgyT3dHSGlLSF93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9mNjU5NjAtYjAzYy00OThjLWI2ZDUt
NjA5NTFlOTc1ODhjLzEvb3BGQVlCTHJaNHhvUkRwOVFBZ2t5Tl9hRzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9mNjU5NjAtYjAzYy00OThjLWI2ZDUtNjA5NTFlOTc1ODhj
LzEvR3phT2NDYWQ1bURMd1UzNXgyT3dHSGlLSF93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudowMA0G
CSqGSIb3DQEBCwUAA4IBAQDU2+ls9t9HBG4wXhmY0gbxlLKNNQL0uBm52526lWN1
dX5vILR6l2h6Eo5nWkjS50vsMnl1nmfd0iIgmOv0FgxqzJh/H7GSyBAln34+Xkwb
74ljAOmhSnnLys1681grtWXmAsc39o8uc7JGLlF1tvAlrMLHKVdYJ5MlI/EIc+d3
nwgwOOX3icXawAifai2d0iYovMl/lcfMHv8Hib2oPNCgm+74iLIVfpG03xxzhHHb
Hd9lP/+HEm/5Px9bHKTHSTGGp1TmprJEPSBaPwiM+wADxYQXcpcnOzI+Qrx5RJj0
7G0iZGjQMIVrVgZdHMmQmg4G05x915eDq9RXAd4B/vr8
-----END CERTIFICATE-----
Generated at Thu May 16 08:49:36 2024 by rpki-client on console-ams.rpki-client.org