Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/18VodbP9Lhu9d0hfiD7HShK88II.roa
File: 18VodbP9Lhu9d0hfiD7HShK88II.roa (raw, json)
Hash identifier: Gaglq0Z267OwhIPM/wYMvotPJJ391A4FZXbsrV9oOTA=
Subject key identifier: D7:C5:68:75:B3:FD:2E:1B:BD:77:48:5F:88:3E:C7:4A:12:BC:F0:82
Certificate issuer: /CN=41da10d665c10e1cb6ec6c2150e3e6024045b9da
Certificate serial: 018CC50005D88DF2C7F418CC944A4E319E86
Authority key identifier: 41:DA:10:D6:65:C1:0E:1C:B6:EC:6C:21:50:E3:E6:02:40:45:B9:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdoQ1mXBDhy27GwhUOPmAkBFudo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/18VodbP9Lhu9d0hfiD7HShK88II.roa
Signing time: Mon 01 Jan 2024 12:29:21 +0000
ROA not before: Mon 01 Jan 2024 12:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34917
IP address blocks: 83.143.144.0/21 maxlen: 21
62.182.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/QdoQ1mXBDhy27GwhUOPmAkBFudo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/QdoQ1mXBDhy27GwhUOPmAkBFudo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QdoQ1mXBDhy27GwhUOPmAkBFudo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:05:d8:8d:f2:c7:f4:18:cc:94:4a:4e:31:9e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41da10d665c10e1cb6ec6c2150e3e6024045b9da
Validity
Not Before: Jan 1 12:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7c56875b3fd2e1bbd77485f883ec74a12bcf082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:81:c0:92:33:fb:25:aa:b6:2c:d1:00:e5:11:
cc:77:1d:4c:c2:c4:eb:aa:42:ad:82:06:a6:0f:92:
32:63:0a:27:a7:56:9c:90:07:2c:56:e5:ae:a5:12:
a4:c0:a7:e6:53:a6:0e:1e:ff:6a:83:c0:ae:ba:96:
91:fd:05:86:be:ed:a1:bd:af:37:6a:f2:77:e0:3d:
56:db:9f:7e:2b:44:a4:d8:be:d1:f5:aa:dd:7e:5d:
85:b9:43:07:e1:ff:de:e6:43:e1:51:d8:01:2e:69:
af:c2:71:db:e0:4b:95:08:b2:14:23:d4:e4:93:71:
98:28:0c:18:36:10:9f:6a:c8:36:99:86:2b:b5:b3:
86:e8:d7:3d:12:63:78:fc:2c:09:50:5c:01:8f:af:
4b:cc:d8:8e:ad:81:39:b7:e3:67:fb:30:c8:7f:9d:
70:31:05:b3:a0:36:d7:dc:42:bc:ea:32:7e:bc:16:
25:bd:ac:42:0a:b3:68:6f:d4:5c:5d:d9:3f:ca:3f:
a2:c4:88:6b:4c:31:29:fe:72:3c:ae:38:65:49:94:
5c:31:c6:dc:66:ed:2d:89:6c:fe:69:11:40:64:86:
52:0c:cf:fe:cd:63:01:62:e0:d8:fb:08:cd:30:09:
34:57:21:6c:8d:4c:75:56:22:49:bc:f0:b2:f2:88:
2d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C5:68:75:B3:FD:2E:1B:BD:77:48:5F:88:3E:C7:4A:12:BC:F0:82
X509v3 Authority Key Identifier:
keyid:41:DA:10:D6:65:C1:0E:1C:B6:EC:6C:21:50:E3:E6:02:40:45:B9:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdoQ1mXBDhy27GwhUOPmAkBFudo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/18VodbP9Lhu9d0hfiD7HShK88II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/QdoQ1mXBDhy27GwhUOPmAkBFudo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.112.0/21
83.143.144.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:e5:8a:77:24:bc:e7:b1:19:00:ac:14:a6:a0:d2:2a:d1:00:
a0:b7:57:34:e4:9c:4e:46:08:da:fa:d3:a6:78:c0:55:a2:8a:
69:34:1e:85:2c:cf:ab:54:88:75:70:51:f5:0a:68:af:b5:f3:
39:03:1c:03:51:8a:2b:f6:73:98:87:07:fc:62:c5:ae:8b:61:
e4:e2:42:63:c4:9a:4b:cc:1e:e1:02:90:6a:89:23:00:00:64:
88:9e:2e:d1:6d:95:f3:5c:5d:af:e1:3a:70:f8:43:8c:cf:7a:
e6:04:b2:b7:11:25:73:24:54:18:10:e1:8b:97:ed:97:ae:01:
ee:fc:44:c7:7b:1c:95:7e:55:00:01:75:de:00:ba:26:00:51:
c8:97:e4:65:84:f5:09:9d:38:20:fb:f6:a4:db:d2:92:36:6f:
61:69:c3:c0:20:02:74:24:5d:49:fa:5b:36:23:5d:1c:1f:13:
0d:f7:e5:f1:33:23:06:a4:97:16:3a:79:96:27:de:6b:0b:45:
5e:31:71:c3:55:5e:57:8c:46:ed:9a:3b:f7:72:a5:ab:2e:5a:
b6:6d:a1:b0:e6:ba:0d:70:8b:f4:59:73:93:b6:dd:46:d8:e8:
f3:4a:ef:8a:57:20:85:48:56:0a:9b:37:15:5b:80:29:8a:a3:
a6:53:0f:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAAXYjfLH9BjMlEpOMZ6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGExMGQ2NjVjMTBlMWNiNmVjNmMyMTUwZTNlNjAyNDA0
NWI5ZGEwHhcNMjQwMTAxMTIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2M1Njg3NWIzZmQyZTFiYmQ3NzQ4NWY4ODNlYzc0YTEyYmNmMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIHAkjP7Jaq2LNEA5RHMdx1MwsTr
qkKtggamD5IyYwonp1ackAcsVuWupRKkwKfmU6YOHv9qg8CuupaR/QWGvu2hva83
avJ34D1W259+K0Sk2L7R9ardfl2FuUMH4f/e5kPhUdgBLmmvwnHb4EuVCLIUI9Tk
k3GYKAwYNhCfasg2mYYrtbOG6Nc9EmN4/CwJUFwBj69LzNiOrYE5t+Nn+zDIf51w
MQWzoDbX3EK86jJ+vBYlvaxCCrNob9RcXdk/yj+ixIhrTDEp/nI8rjhlSZRcMcbc
Zu0tiWz+aRFAZIZSDM/+zWMBYuDY+wjNMAk0VyFsjUx1ViJJvPCy8ogtywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNfFaHWz/S4bvXdIX4g+x0oSvPCCMB8GA1UdIwQY
MBaAFEHaENZlwQ4ctuxsIVDj5gJARbnaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRvUTFtWEJEaHkyN0d3aFVPUG1Ba0JGdWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iYWRlMzQtMGFjMS00MjFmLTg5MzQt
YmIxZmM0NTQ3MDMzLzEvMThWb2RiUDlMaHU5ZDBoZmlEN0hTaEs4OElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iYWRlMzQtMGFjMS00MjFmLTg5MzQtYmIxZmM0NTQ3MDMz
LzEvUWRvUTFtWEJEaHkyN0d3aFVPUG1Ba0JGdWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDPrZwAwQD
U4+QMA0GCSqGSIb3DQEBCwUAA4IBAQAs5Yp3JLznsRkArBSmoNIq0QCgt1c05JxO
Rgja+tOmeMBVooppNB6FLM+rVIh1cFH1CmivtfM5AxwDUYor9nOYhwf8YsWui2Hk
4kJjxJpLzB7hApBqiSMAAGSIni7RbZXzXF2v4Tpw+EOMz3rmBLK3ESVzJFQYEOGL
l+2XrgHu/ETHexyVflUAAXXeALomAFHIl+RlhPUJnTgg+/ak29KSNm9hacPAIAJ0
JF1J+ls2I10cHxMN9+XxMyMGpJcWOnmWJ95rC0VeMXHDVV5XjEbtmjv3cqWrLlq2
baGw5roNcIv0WXOTtt1G2OjzSu+KVyCFSFYKmzcVW4ApiqOmUw99
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:28:52 2024 by rpki-client on console-ams.rpki-client.org