Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/E89GMh-A15tveT6_UopgshZS8Mg.roa
File: E89GMh-A15tveT6_UopgshZS8Mg.roa (raw, json)
Hash identifier: inD8phcXrz/bSY2ACFD4BlduaZGGD2Rd3VSViHSNKSY=
Subject key identifier: 13:CF:46:32:1F:80:D7:9B:6F:79:3E:BF:52:8A:60:B2:16:52:F0:C8
Certificate issuer: /CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Certificate serial: 018CC3B6C55EA6A620DE93A95E1747FB7D86
Authority key identifier: F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/E89GMh-A15tveT6_UopgshZS8Mg.roa
Signing time: Mon 01 Jan 2024 06:29:44 +0000
ROA not before: Mon 01 Jan 2024 06:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49206
IP address blocks: 185.24.175.0/24 maxlen: 24
2a00:6fa0::/32 maxlen: 32
2a00:6fa0:3100::/40 maxlen: 40
2a00:6fa0:4200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.mft
rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c5:5e:a6:a6:20:de:93:a9:5e:17:47:fb:7d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Validity
Not Before: Jan 1 06:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13cf46321f80d79b6f793ebf528a60b21652f0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a9:f3:a1:62:9f:51:9d:8b:dc:e3:d4:45:ab:
1f:b7:cf:26:9b:85:78:5c:a1:70:e4:42:4d:61:4b:
83:a5:38:74:22:16:93:17:e8:23:0b:bf:f4:eb:a7:
27:94:dc:43:27:57:88:4e:e1:df:91:3f:30:4c:bd:
73:8c:ae:f4:d1:c3:24:87:2a:dc:41:cd:a2:45:64:
42:07:5e:4c:f6:89:82:48:14:af:b2:18:89:bb:cd:
30:39:68:4b:d1:e9:0b:ee:af:1f:90:d2:32:f9:3e:
40:fd:e4:e6:4e:e6:31:ea:2f:41:5b:96:b7:3c:fe:
74:e8:c2:dc:e4:d7:34:af:68:d6:ec:7d:0d:e9:9d:
bd:8d:cf:f3:0a:51:55:df:ba:e6:a5:1d:3a:55:78:
0a:0b:a6:53:9f:95:6c:41:cf:f3:75:89:01:7e:8c:
00:a1:73:05:ee:c3:2f:ec:f3:35:3a:04:8e:bc:fc:
31:7f:76:37:e8:c9:dd:e7:5e:75:47:08:6d:bb:d1:
b0:ff:0b:3d:55:a7:c7:f4:ce:47:9a:df:84:61:f9:
29:9d:f0:39:c5:84:24:81:69:d7:ee:f6:0a:a1:07:
85:9d:b1:05:8c:7b:0a:02:75:7b:80:8c:53:c3:44:
4a:47:dc:63:ab:77:f4:2a:22:45:90:71:1d:6a:38:
ce:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CF:46:32:1F:80:D7:9B:6F:79:3E:BF:52:8A:60:B2:16:52:F0:C8
X509v3 Authority Key Identifier:
keyid:F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/E89GMh-A15tveT6_UopgshZS8Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.175.0/24
IPv6:
2a00:6fa0::/32
Signature Algorithm: sha256WithRSAEncryption
77:b4:a2:11:3e:f7:90:dc:e5:fd:ea:64:65:03:a8:a2:c0:e7:
a2:ee:de:78:5a:0c:76:17:7f:ed:af:92:26:7e:1c:e2:eb:62:
e8:9c:d8:8d:17:aa:9a:8a:97:43:5d:a3:66:e8:b3:c4:a0:9e:
3d:2b:7f:f2:f0:75:9c:cc:50:f4:39:97:83:a2:07:07:ca:b5:
f6:7e:ca:52:bc:7e:3f:bd:a7:5c:da:f0:0e:bd:76:c4:c0:a3:
2b:05:59:9c:3a:ea:e5:43:9b:05:e8:2f:ad:0c:ea:7a:21:67:
4b:d4:cc:a0:c5:4f:f3:80:08:e1:f8:9a:fd:19:58:88:2a:0f:
4b:a2:58:2a:be:01:25:b9:63:93:78:e3:50:a3:f5:4e:13:c8:
c8:f8:5f:f4:ff:d0:cf:82:ec:80:4e:79:85:86:4a:c6:a0:32:
c6:6d:aa:7e:27:4e:e4:2c:17:a0:7e:d5:54:ed:42:6d:2c:8a:
50:c8:ec:90:4b:b0:98:52:97:71:26:da:c6:0a:42:ca:95:10:
1f:54:0f:18:4c:f2:a9:89:c0:3b:64:ab:3a:7f:8a:f1:df:1b:
b8:89:81:11:db:28:25:8a:b8:25:fc:72:44:a6:34:ff:70:70:
3f:15:22:fd:03:53:96:17:b2:e4:16:15:f0:ee:7f:58:bd:d4:
5d:89:dd:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtsVepqYg3pOpXhdH+32GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MmIwODRmOWI5Yzk4Y2ZkOTA0MTBiODMwNWNjNmNiNDZk
Y2NlZDgwHhcNMjQwMTAxMDYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2NmNDYzMjFmODBkNzliNmY3OTNlYmY1MjhhNjBiMjE2NTJmMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlanzoWKfUZ2L3OPURasft88mm4V4
XKFw5EJNYUuDpTh0IhaTF+gjC7/066cnlNxDJ1eITuHfkT8wTL1zjK700cMkhyrc
Qc2iRWRCB15M9omCSBSvshiJu80wOWhL0ekL7q8fkNIy+T5A/eTmTuYx6i9BW5a3
PP506MLc5Nc0r2jW7H0N6Z29jc/zClFV37rmpR06VXgKC6ZTn5VsQc/zdYkBfowA
oXMF7sMv7PM1OgSOvPwxf3Y36Mnd5151Rwhtu9Gw/ws9VafH9M5Hmt+EYfkpnfA5
xYQkgWnX7vYKoQeFnbEFjHsKAnV7gIxTw0RKR9xjq3f0KiJFkHEdajjO7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBPPRjIfgNebb3k+v1KKYLIWUvDIMB8GA1UdIwQY
MBaAFPQrCE+bnJjP2QQQuDBcxstG3M7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAt
NmE5Y2Q5NDIwMmZmLzEvRTg5R01oLUExNXR2ZVQ2X1VvcGdzaFpTOE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAtNmE5Y2Q5NDIwMmZm
LzEvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRivMA0E
AgACMAcDBQAqAG+gMA0GCSqGSIb3DQEBCwUAA4IBAQB3tKIRPveQ3OX96mRlA6ii
wOei7t54Wgx2F3/tr5Imfhzi62LonNiNF6qaipdDXaNm6LPEoJ49K3/y8HWczFD0
OZeDogcHyrX2fspSvH4/vadc2vAOvXbEwKMrBVmcOurlQ5sF6C+tDOp6IWdL1Myg
xU/zgAjh+Jr9GViIKg9LolgqvgEluWOTeONQo/VOE8jI+F/0/9DPguyATnmFhkrG
oDLGbap+J07kLBegftVU7UJtLIpQyOyQS7CYUpdxJtrGCkLKlRAfVA8YTPKpicA7
ZKs6f4rx3xu4iYER2yglirgl/HJEpjT/cHA/FSL9A1OWF7LkFhXw7n9YvdRdid2z
-----END CERTIFICATE-----