Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/M4DdSHiOP6OMxH3GW2FACDVyPf8.roa
File: M4DdSHiOP6OMxH3GW2FACDVyPf8.roa (raw, json)
Hash identifier: IlPJn0dzlmwJqnqyCRY0JCRnNfi/eBmvdJ5LsquOJF0=
Subject key identifier: 33:80:DD:48:78:8E:3F:A3:8C:C4:7D:C6:5B:61:40:08:35:72:3D:FF
Certificate issuer: /CN=c491456eda59fb0fd2d173f95412be35f6cfbfaf
Certificate serial: 018CC6B8D471C686E82E89B5B25D88902516
Authority key identifier: C4:91:45:6E:DA:59:FB:0F:D2:D1:73:F9:54:12:BE:35:F6:CF:BF:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJFFbtpZ-w_S0XP5VBK-NfbPv68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/M4DdSHiOP6OMxH3GW2FACDVyPf8.roa
Signing time: Mon 01 Jan 2024 20:30:50 +0000
ROA not before: Mon 01 Jan 2024 20:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201324
IP address blocks: 185.78.140.0/22 maxlen: 22
2a03:5960::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/xJFFbtpZ-w_S0XP5VBK-NfbPv68.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/xJFFbtpZ-w_S0XP5VBK-NfbPv68.mft
rsync://rpki.ripe.net/repository/DEFAULT/xJFFbtpZ-w_S0XP5VBK-NfbPv68.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d4:71:c6:86:e8:2e:89:b5:b2:5d:88:90:25:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c491456eda59fb0fd2d173f95412be35f6cfbfaf
Validity
Not Before: Jan 1 20:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3380dd48788e3fa38cc47dc65b61400835723dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f7:14:ae:55:29:c5:ee:83:0b:da:60:c7:7f:
1d:6a:8d:29:4c:3f:46:fa:ee:f0:d5:22:f2:4c:04:
67:81:ff:df:05:f0:ef:93:47:f2:6c:89:f4:9c:c1:
fa:6d:62:e4:30:83:b3:2b:18:e2:fd:cd:96:1d:33:
90:94:5e:cc:6c:e4:0a:42:44:38:46:e9:96:05:9f:
cd:10:26:3a:34:72:fc:65:37:be:1e:66:36:49:a5:
b6:a3:e8:8b:c5:3c:df:e8:a6:dc:6d:0f:ab:af:dc:
ef:4a:b8:4d:c2:92:bb:f7:2b:34:31:a2:03:de:cc:
c0:f0:15:99:00:21:5d:b2:1b:67:02:33:ee:6d:71:
ec:a2:99:11:53:99:26:42:92:fe:21:46:07:48:f2:
61:6f:97:98:bb:ce:71:4a:60:3e:86:df:d0:07:a8:
49:ad:72:93:81:ce:7a:4f:9c:cd:a8:1b:6e:d5:b4:
99:a7:29:52:85:3a:ac:19:bf:b0:3b:48:82:7d:f4:
41:d5:e9:e2:7b:67:1c:05:02:95:4c:ac:14:c1:b3:
58:48:1a:16:28:a2:84:d2:87:70:a6:03:19:3d:4d:
b0:1a:a6:36:19:07:ec:02:04:be:f5:47:4b:52:8c:
2a:53:3b:7e:34:2e:1c:60:7c:12:60:6d:4c:92:d9:
1b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:80:DD:48:78:8E:3F:A3:8C:C4:7D:C6:5B:61:40:08:35:72:3D:FF
X509v3 Authority Key Identifier:
keyid:C4:91:45:6E:DA:59:FB:0F:D2:D1:73:F9:54:12:BE:35:F6:CF:BF:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJFFbtpZ-w_S0XP5VBK-NfbPv68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/M4DdSHiOP6OMxH3GW2FACDVyPf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4f408d-bda5-4a94-b83a-a730ccfdadc5/1/xJFFbtpZ-w_S0XP5VBK-NfbPv68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.140.0/22
IPv6:
2a03:5960::/32
Signature Algorithm: sha256WithRSAEncryption
3d:18:8b:0f:66:4a:67:a0:9a:93:cb:18:51:70:5b:03:10:3d:
fa:97:a1:48:7a:54:15:9a:b7:d9:09:6a:b3:d1:15:d8:b2:29:
c4:17:a7:ac:14:e5:4e:d2:95:44:27:96:82:dd:24:30:62:06:
99:de:81:d2:95:e3:8e:9b:95:4c:e5:0e:a6:e2:a2:2e:b6:35:
66:57:fe:d0:00:ac:6d:4f:1c:6a:56:b1:18:26:b0:d3:bb:66:
45:e5:89:fe:c1:f0:46:75:ee:4e:96:60:a6:37:13:5a:d0:1a:
a9:ba:7b:d2:3f:1d:91:f5:28:0d:cf:17:c5:46:31:65:ac:59:
f2:50:5a:94:d2:51:92:75:e5:7c:8e:4b:1a:da:e2:79:33:1a:
03:f9:15:c0:54:73:1f:68:40:54:66:ea:76:5f:ce:06:e3:07:
65:13:b2:22:6e:b1:4b:ae:70:5a:cf:18:2a:24:ac:e8:5c:7c:
f7:4b:dc:34:5f:06:0c:57:f2:04:a2:28:0f:3c:e4:91:7f:15:
40:72:fe:2c:98:aa:41:d6:7f:65:53:d7:0e:7a:e1:ae:ae:e5:
6c:b7:40:cc:d0:78:bc:d8:80:20:df:91:e1:af:01:50:a7:ac:
de:71:01:10:80:2a:91:41:01:bb:9d:66:f5:90:67:aa:39:df:
20:01:0e:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuNRxxoboLom1sl2IkCUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OTE0NTZlZGE1OWZiMGZkMmQxNzNmOTU0MTJiZTM1ZjZj
ZmJmYWYwHhcNMjQwMTAxMjAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzgwZGQ0ODc4OGUzZmEzOGNjNDdkYzY1YjYxNDAwODM1NzIzZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfcUrlUpxe6DC9pgx38dao0pTD9G
+u7w1SLyTARngf/fBfDvk0fybIn0nMH6bWLkMIOzKxji/c2WHTOQlF7MbOQKQkQ4
RumWBZ/NECY6NHL8ZTe+HmY2SaW2o+iLxTzf6KbcbQ+rr9zvSrhNwpK79ys0MaID
3szA8BWZACFdshtnAjPubXHsopkRU5kmQpL+IUYHSPJhb5eYu85xSmA+ht/QB6hJ
rXKTgc56T5zNqBtu1bSZpylShTqsGb+wO0iCffRB1enie2ccBQKVTKwUwbNYSBoW
KKKE0odwpgMZPU2wGqY2GQfsAgS+9UdLUowqUzt+NC4cYHwSYG1MktkbbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDOA3Uh4jj+jjMR9xlthQAg1cj3/MB8GA1UdIwQY
MBaAFMSRRW7aWfsP0tFz+VQSvjX2z7+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEpGRmJ0cFotd19TMFhQNVZCSy1OZmJQdjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZjQwOGQtYmRhNS00YTk0LWI4M2Et
YTczMGNjZmRhZGM1LzEvTTREZFNIaU9QNk9NeEgzR1cyRkFDRFZ5UGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZjQwOGQtYmRhNS00YTk0LWI4M2EtYTczMGNjZmRhZGM1
LzEveEpGRmJ0cFotd19TMFhQNVZCSy1OZmJQdjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU6MMA0E
AgACMAcDBQAqA1lgMA0GCSqGSIb3DQEBCwUAA4IBAQA9GIsPZkpnoJqTyxhRcFsD
ED36l6FIelQVmrfZCWqz0RXYsinEF6esFOVO0pVEJ5aC3SQwYgaZ3oHSleOOm5VM
5Q6m4qIutjVmV/7QAKxtTxxqVrEYJrDTu2ZF5Yn+wfBGde5OlmCmNxNa0BqpunvS
Px2R9SgNzxfFRjFlrFnyUFqU0lGSdeV8jksa2uJ5MxoD+RXAVHMfaEBUZup2X84G
4wdlE7IibrFLrnBazxgqJKzoXHz3S9w0XwYMV/IEoigPPOSRfxVAcv4smKpB1n9l
U9cOeuGuruVst0DM0Hi82IAg35HhrwFQp6zecQEQgCqRQQG7nWb1kGeqOd8gAQ63
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:17 2024 by rpki-client on console-ams.rpki-client.org