Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9Jxca_b-5naat0XarMgrlFJgOjQ.roa
File: 9Jxca_b-5naat0XarMgrlFJgOjQ.roa (raw, json)
Hash identifier: qnxs3BKrWcVblpsHnyfGb3f9dB73KmADWHG6E8YL5I0=
Subject key identifier: F4:9C:5C:6B:F6:FE:E6:76:9A:B7:45:DA:AC:C8:2B:94:52:60:3A:34
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018EC438FB890F94C4A0CFE141F59A146068
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9Jxca_b-5naat0XarMgrlFJgOjQ.roa
Signing time: Tue 09 Apr 2024 18:57:32 +0000
ROA not before: Tue 09 Apr 2024 18:57:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47341
IP address blocks: 88.216.146.0/24 maxlen: 24
2001:4048:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:38:fb:89:0f:94:c4:a0:cf:e1:41:f5:9a:14:60:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 9 18:57:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f49c5c6bf6fee6769ab745daacc82b9452603a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:05:49:aa:0d:ae:5b:ca:27:6c:3b:10:d7:c9:
ed:5b:99:e1:ef:1e:05:c1:2d:ba:fb:2f:da:50:f1:
05:0f:af:0f:9a:c6:5c:b9:51:7c:e5:3d:be:68:94:
26:d3:c2:10:0e:3b:37:34:6e:4a:47:75:64:d5:9d:
bd:8f:a1:34:03:be:59:6e:9f:96:69:53:0f:49:6e:
14:09:3c:ab:17:3d:56:c4:62:af:61:0b:4f:99:46:
75:d4:a5:41:e5:ee:1e:82:29:68:06:21:30:81:44:
63:b1:5e:e9:53:86:fe:23:39:a2:58:cf:ef:1a:74:
31:28:6c:d2:40:a3:b1:20:51:30:88:9c:01:f5:7d:
7d:1b:25:1c:db:f5:4f:75:97:3b:95:a9:25:23:c9:
38:1e:2e:9d:83:0f:4f:d7:af:74:9e:21:1b:b5:89:
22:09:24:4e:f8:2c:70:2b:45:7a:8f:36:65:c2:2c:
5f:2b:0f:74:14:87:61:dc:9e:cb:57:b6:1e:1f:84:
36:9c:8e:21:05:58:e8:e9:b8:84:d7:7e:d0:6f:3c:
ce:83:6d:4f:23:a2:f8:8c:97:9d:0e:1a:c2:79:0e:
ca:be:6c:72:5b:d8:78:00:62:16:d1:a6:13:aa:a2:
2d:99:76:20:2f:57:12:13:b4:11:2c:75:c8:3e:10:
c0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9C:5C:6B:F6:FE:E6:76:9A:B7:45:DA:AC:C8:2B:94:52:60:3A:34
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9Jxca_b-5naat0XarMgrlFJgOjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.146.0/24
IPv6:
2001:4048:108::/48
Signature Algorithm: sha256WithRSAEncryption
3a:91:d7:35:ee:18:ca:3b:1a:8f:a0:61:bf:1b:97:46:ce:e8:
31:df:51:20:94:10:e8:ea:ad:f5:a7:a6:21:fc:ea:00:b9:fa:
49:48:97:6c:77:e1:dc:8f:c1:5b:5a:3e:ca:8f:a5:a9:75:5b:
ad:e5:81:12:7a:2f:34:da:11:29:d1:ae:31:99:ec:18:c7:61:
7b:8a:f4:5f:55:06:4a:f5:5a:bd:ac:ec:64:01:0f:fc:b1:c1:
b3:0e:c8:5e:17:e4:23:4e:74:cb:92:04:1d:5d:0b:70:e2:62:
0a:f6:df:60:9e:b6:a9:a4:68:49:23:cd:40:6f:74:aa:d8:aa:
01:c9:4e:ac:14:a6:2c:6f:a3:83:f7:71:d9:c0:4f:4b:97:24:
0c:8c:d0:7b:63:fd:94:db:f8:7f:96:82:4f:87:b5:6b:c0:a1:
76:9a:c8:4d:98:73:ac:f1:c7:d1:4c:5a:f9:ce:a9:e4:23:44:
40:de:0e:bf:61:18:3e:d5:fd:4b:52:84:68:40:f7:6c:fa:2c:
2e:6f:60:d1:4e:22:f6:60:11:39:96:14:20:7d:bd:1d:27:33:
2f:4e:fe:f9:ed:30:00:c9:fc:4a:c0:ee:2c:e7:66:63:84:56:
51:3b:18:41:cd:57:59:23:73:df:bd:86:16:c6:89:5c:81:e6:
a9:d3:ef:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7EOPuJD5TEoM/hQfWaFGBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNDA5MTg1NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDljNWM2YmY2ZmVlNjc2OWFiNzQ1ZGFhY2M4MmI5NDUyNjAzYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gVJqg2uW8onbDsQ18ntW5nh7x4F
wS26+y/aUPEFD68PmsZcuVF85T2+aJQm08IQDjs3NG5KR3Vk1Z29j6E0A75Zbp+W
aVMPSW4UCTyrFz1WxGKvYQtPmUZ11KVB5e4egiloBiEwgURjsV7pU4b+IzmiWM/v
GnQxKGzSQKOxIFEwiJwB9X19GyUc2/VPdZc7laklI8k4Hi6dgw9P1690niEbtYki
CSRO+CxwK0V6jzZlwixfKw90FIdh3J7LV7YeH4Q2nI4hBVjo6biE137QbzzOg21P
I6L4jJedDhrCeQ7KvmxyW9h4AGIW0aYTqqItmXYgL1cSE7QRLHXIPhDAYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPScXGv2/uZ2mrdF2qzIK5RSYDo0MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOUp4Y2FfYi01bmFhdDBYYXJNZ3JsRkpnT2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNiSMA8E
AgACMAkDBwAgAUBIAQgwDQYJKoZIhvcNAQELBQADggEBADqR1zXuGMo7Go+gYb8b
l0bO6DHfUSCUEOjqrfWnpiH86gC5+klIl2x34dyPwVtaPsqPpal1W63lgRJ6LzTa
ESnRrjGZ7BjHYXuK9F9VBkr1Wr2s7GQBD/yxwbMOyF4X5CNOdMuSBB1dC3DiYgr2
32CetqmkaEkjzUBvdKrYqgHJTqwUpixvo4P3cdnAT0uXJAyM0Htj/ZTb+H+Wgk+H
tWvAoXaayE2Yc6zxx9FMWvnOqeQjREDeDr9hGD7V/UtShGhA92z6LC5vYNFOIvZg
ETmWFCB9vR0nMy9O/vntMADJ/ErA7iznZmOEVlE7GEHNV1kjc9+9hhbGiVyB5qnT
7+k=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:07 2024 by rpki-client on console-ams.rpki-client.org