Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/PD4HFX0-TeKQamsCWJk04SAGL-A.roa
File: PD4HFX0-TeKQamsCWJk04SAGL-A.roa (raw, json)
Hash identifier: St3m0QqGMRimi8UUxgclTR0t02r0sUdR6tzLczgw3YM=
Subject key identifier: 3C:3E:07:15:7D:3E:4D:E2:90:6A:6B:02:58:99:34:E1:20:06:2F:E0
Certificate issuer: /CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d
Certificate serial: 018CC8DF8BB654A831BC2D0C007A500C9416
Authority key identifier: 38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/PD4HFX0-TeKQamsCWJk04SAGL-A.roa
Signing time: Tue 02 Jan 2024 06:32:22 +0000
ROA not before: Tue 02 Jan 2024 06:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208484
IP address blocks: 185.116.248.0/22 maxlen: 22
5.145.184.0/21 maxlen: 21
2a04:64c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8b:b6:54:a8:31:bc:2d:0c:00:7a:50:0c:94:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382528ab1cd1b6dc73c0b09b67d3e7e3584f363d
Validity
Not Before: Jan 2 06:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c3e07157d3e4de2906a6b02589934e120062fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:df:b5:4d:f7:4f:ff:42:f9:d7:94:0e:6b:c2:
d1:1e:79:ad:f6:6b:bf:80:1a:71:8d:2f:5d:fb:02:
67:5c:32:09:47:35:b8:f1:a7:02:b0:4e:9a:ee:42:
22:26:22:45:4d:bb:4b:b9:b9:cd:12:02:51:27:21:
4f:5f:61:8f:98:56:1d:a9:d1:2d:be:67:a4:60:65:
03:02:41:9d:4e:7f:44:f2:e0:b0:fb:29:f2:b0:13:
b9:0b:8d:80:54:8b:54:cb:54:86:1a:e8:c1:72:57:
6b:cc:9f:c9:a8:b6:38:ec:d2:69:14:0c:8e:8f:79:
9b:a1:68:49:65:74:08:c8:53:23:ec:1f:f3:96:aa:
e1:72:7a:0b:1f:22:e8:e9:59:15:2a:b0:4f:a2:79:
2b:8b:18:e0:ec:e1:00:68:aa:35:6e:56:1f:c6:99:
f2:1a:96:26:02:5c:59:a5:5b:8e:a8:28:42:0c:c4:
f9:48:75:31:a8:91:14:92:b0:5f:8d:84:4d:15:d5:
eb:f1:74:4e:9c:22:1e:2b:6d:46:f1:41:72:b0:21:
0a:f7:98:09:ba:12:9f:31:0f:4d:e0:c5:7b:33:4f:
a9:e6:1f:e1:05:49:9d:3a:01:03:1c:87:cf:62:eb:
35:7c:8b:9e:55:53:68:0c:22:c1:b1:f9:eb:ca:30:
53:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3E:07:15:7D:3E:4D:E2:90:6A:6B:02:58:99:34:E1:20:06:2F:E0
X509v3 Authority Key Identifier:
keyid:38:25:28:AB:1C:D1:B6:DC:73:C0:B0:9B:67:D3:E7:E3:58:4F:36:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCUoqxzRttxzwLCbZ9Pn41hPNj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/PD4HFX0-TeKQamsCWJk04SAGL-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/00816a-eedf-4190-bc33-3a02a242f444/1/OCUoqxzRttxzwLCbZ9Pn41hPNj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.184.0/21
185.116.248.0/22
IPv6:
2a04:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:f7:a7:4a:21:35:cd:90:36:d7:1d:86:62:a8:8f:e5:9f:75:
71:84:0d:6f:14:67:9d:b8:cc:be:dd:86:ae:04:6a:45:64:01:
e3:41:64:a2:3a:13:1b:57:61:c9:e7:31:38:7b:da:8f:c3:d2:
67:a5:cf:45:71:ca:fc:d6:f6:95:42:48:74:da:bb:e2:d7:2f:
dd:27:f5:ea:bd:ca:3d:c4:73:69:29:c2:a8:64:4f:4c:4e:e6:
20:b2:20:1f:7c:e8:66:b9:ae:28:a9:41:a0:2a:46:22:e0:53:
ee:3b:b8:41:90:75:9c:74:71:85:0f:e6:8d:95:5c:22:9f:57:
cf:9a:bb:e7:d2:29:c3:ad:f7:c9:c9:ad:4d:f9:ed:eb:b6:e1:
d6:89:91:47:77:34:66:c2:26:98:2c:b3:df:8f:dc:50:6e:89:
42:1f:22:1d:9c:5f:4c:68:68:cd:c0:70:3c:82:ca:57:7b:fb:
79:04:d1:c5:d7:e3:99:08:08:bf:da:d5:94:b2:63:2b:1b:f3:
90:84:97:30:11:ee:be:5b:92:4c:c9:67:cb:b6:32:b5:e9:17:
d9:22:28:9a:ce:ad:77:d8:31:00:06:35:fc:a4:83:ff:b7:5f:
fe:b0:54:38:bd:5f:b4:01:a3:e0:29:ec:1b:d4:4e:ea:3e:a7:
de:17:ae:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI34u2VKgxvC0MAHpQDJQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjUyOGFiMWNkMWI2ZGM3M2MwYjA5YjY3ZDNlN2UzNTg0
ZjM2M2QwHhcNMjQwMTAyMDYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNlMDcxNTdkM2U0ZGUyOTA2YTZiMDI1ODk5MzRlMTIwMDYyZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9+1TfdP/0L515QOa8LRHnmt9mu/
gBpxjS9d+wJnXDIJRzW48acCsE6a7kIiJiJFTbtLubnNEgJRJyFPX2GPmFYdqdEt
vmekYGUDAkGdTn9E8uCw+ynysBO5C42AVItUy1SGGujBcldrzJ/JqLY47NJpFAyO
j3mboWhJZXQIyFMj7B/zlqrhcnoLHyLo6VkVKrBPonkrixjg7OEAaKo1blYfxpny
GpYmAlxZpVuOqChCDMT5SHUxqJEUkrBfjYRNFdXr8XROnCIeK21G8UFysCEK95gJ
uhKfMQ9N4MV7M0+p5h/hBUmdOgEDHIfPYus1fIueVVNoDCLBsfnryjBT0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDw+BxV9Pk3ikGprAliZNOEgBi/gMB8GA1UdIwQY
MBaAFDglKKsc0bbcc8Cwm2fT5+NYTzY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMt
M2EwMmEyNDJmNDQ0LzEvUEQ0SEZYMC1UZUtRYW1zQ1dKazA0U0FHTC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMDgxNmEtZWVkZi00MTkwLWJjMzMtM2EwMmEyNDJmNDQ0
LzEvT0NVb3F4elJ0dHh6d0xDYlo5UG40MWhQTmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBZG4AwQC
uXT4MA0EAgACMAcDBQMqBGTAMA0GCSqGSIb3DQEBCwUAA4IBAQCL96dKITXNkDbX
HYZiqI/ln3VxhA1vFGeduMy+3YauBGpFZAHjQWSiOhMbV2HJ5zE4e9qPw9Jnpc9F
ccr81vaVQkh02rvi1y/dJ/Xqvco9xHNpKcKoZE9MTuYgsiAffOhmua4oqUGgKkYi
4FPuO7hBkHWcdHGFD+aNlVwin1fPmrvn0inDrffJya1N+e3rtuHWiZFHdzRmwiaY
LLPfj9xQbolCHyIdnF9MaGjNwHA8gspXe/t5BNHF1+OZCAi/2tWUsmMrG/OQhJcw
Ee6+W5JMyWfLtjK16RfZIiiazq132DEABjX8pIP/t1/+sFQ4vV+0AaPgKewb1E7q
PqfeF64U
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:41:45 2024 by rpki-client on console-ams.rpki-client.org