Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8e3f7b-c78f-4663-bf1d-f5dbdf722f5d/1/PaTDdBw0p1PsCThng42hqoHoL9Y.roa
File: PaTDdBw0p1PsCThng42hqoHoL9Y.roa (raw, json)
Hash identifier: xePkVeyvewRejQtvWsEvoBhoJFrEHQQb/TlP/Bm4RfA=
Subject key identifier: 3D:A4:C3:74:1C:34:A7:53:EC:09:38:67:83:8D:A1:AA:81:E8:2F:D6
Certificate issuer: /CN=afea396f4de355da8dc079a1e885e0c3375ece32
Certificate serial: 018CC801F69294508BF6F2DEC7D343274257
Authority key identifier: AF:EA:39:6F:4D:E3:55:DA:8D:C0:79:A1:E8:85:E0:C3:37:5E:CE:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-o5b03jVdqNwHmh6IXgwzdezjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8e3f7b-c78f-4663-bf1d-f5dbdf722f5d/1/PaTDdBw0p1PsCThng42hqoHoL9Y.roa
Signing time: Tue 02 Jan 2024 02:30:21 +0000
ROA not before: Tue 02 Jan 2024 02:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199728
IP address blocks: 185.48.112.0/24 maxlen: 24
185.48.114.0/23 maxlen: 23
185.48.113.0/24 maxlen: 24
2a04:adc0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8e3f7b-c78f-4663-bf1d-f5dbdf722f5d/1/r-o5b03jVdqNwHmh6IXgwzdezjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8e3f7b-c78f-4663-bf1d-f5dbdf722f5d/1/r-o5b03jVdqNwHmh6IXgwzdezjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r-o5b03jVdqNwHmh6IXgwzdezjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f6:92:94:50:8b:f6:f2:de:c7:d3:43:27:42:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afea396f4de355da8dc079a1e885e0c3375ece32
Validity
Not Before: Jan 2 02:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3da4c3741c34a753ec093867838da1aa81e82fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:4c:ed:d5:aa:47:84:dd:65:49:5b:2f:98:
7f:3d:62:10:9d:c8:27:da:1a:f8:0f:f0:65:0d:b5:
d2:dd:c5:c4:6a:2a:33:77:aa:5a:c4:9e:8e:8b:2f:
a3:fe:59:f5:ae:13:5c:67:62:f1:0c:7b:24:c7:d1:
7f:39:6f:d2:6f:a5:64:a8:6e:a0:b8:69:e2:8f:30:
88:94:0f:5f:4e:55:a2:cd:c3:57:3e:90:2a:56:47:
f6:f5:a8:d7:8f:7f:3b:27:06:f8:8a:28:a0:48:07:
c0:fc:8c:44:23:e4:81:80:75:a8:19:2b:39:60:7e:
06:a2:78:54:cb:a5:68:fa:10:3c:f9:2d:e7:8e:19:
d9:0b:e3:fe:40:90:81:dd:20:8b:f4:05:04:49:55:
9c:79:3a:57:59:6d:1c:0c:f2:84:d9:8e:77:83:8d:
a8:d9:5e:a2:bb:59:6d:e0:05:8c:b2:e8:33:e5:44:
db:71:13:62:b8:a4:41:b2:73:e7:f5:92:fb:3c:dc:
70:5c:c7:f3:1d:19:aa:99:7a:70:2a:d3:d1:0d:dd:
70:8c:88:8f:ee:f7:98:41:25:1d:f2:83:4d:36:db:
ee:58:d4:8f:5f:aa:13:74:c2:aa:49:87:03:f1:7e:
00:2d:8a:19:ec:82:94:d6:5f:ca:98:5d:4b:2d:ef:
c5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A4:C3:74:1C:34:A7:53:EC:09:38:67:83:8D:A1:AA:81:E8:2F:D6
X509v3 Authority Key Identifier:
keyid:AF:EA:39:6F:4D:E3:55:DA:8D:C0:79:A1:E8:85:E0:C3:37:5E:CE:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-o5b03jVdqNwHmh6IXgwzdezjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8e3f7b-c78f-4663-bf1d-f5dbdf722f5d/1/PaTDdBw0p1PsCThng42hqoHoL9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8e3f7b-c78f-4663-bf1d-f5dbdf722f5d/1/r-o5b03jVdqNwHmh6IXgwzdezjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.112.0/22
IPv6:
2a04:adc0::/29
Signature Algorithm: sha256WithRSAEncryption
76:e1:23:4e:ad:3d:21:e3:e1:e2:c9:eb:53:05:c6:6e:58:b1:
6e:1b:2f:21:fa:7e:cd:d4:4c:c2:79:ed:ba:83:ce:6f:db:9b:
d7:ff:f9:f5:13:1d:f1:21:ae:96:62:ad:43:31:8a:17:6c:e9:
9f:53:16:4b:86:b4:d6:0d:fe:19:31:1c:31:e7:ac:47:3a:3b:
40:1b:a8:1d:8d:8b:72:53:fe:26:1e:de:ce:89:f2:98:66:34:
fa:ea:a9:a3:b3:15:81:e0:88:0b:30:9c:4d:a1:6c:8a:76:6b:
9d:12:95:d9:88:64:15:dd:0f:4b:6a:a6:6a:60:58:9c:eb:bd:
54:8b:09:2f:85:e5:56:8a:a4:a3:24:04:0e:1e:cc:46:93:bc:
be:57:8c:a6:f9:41:64:86:ac:f9:00:f1:ef:93:04:53:5c:91:
ae:b5:97:02:34:83:07:f8:a2:4c:67:8e:e9:ac:73:50:ab:9c:
52:89:ee:8c:a6:2b:de:5a:3f:8c:bf:f7:23:0a:0b:0e:c5:fb:
98:d1:d7:f0:87:11:03:e8:44:cb:c1:26:02:83:91:77:e0:f8:
77:51:02:ee:f1:9e:08:15:57:07:8c:fc:8f:ea:60:75:a6:94:
d0:00:59:4d:f2:52:e8:f7:7c:3d:8c:77:8f:f4:12:cf:f7:75:
88:6f:9c:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAfaSlFCL9vLex9NDJ0JXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWEzOTZmNGRlMzU1ZGE4ZGMwNzlhMWU4ODVlMGMzMzc1
ZWNlMzIwHhcNMjQwMTAyMDIzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE0YzM3NDFjMzRhNzUzZWMwOTM4Njc4MzhkYTFhYTgxZTgyZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr9M7dWqR4TdZUlbL5h/PWIQncgn
2hr4D/BlDbXS3cXEaiozd6paxJ6Oiy+j/ln1rhNcZ2LxDHskx9F/OW/Sb6VkqG6g
uGnijzCIlA9fTlWizcNXPpAqVkf29ajXj387Jwb4iiigSAfA/IxEI+SBgHWoGSs5
YH4GonhUy6Vo+hA8+S3njhnZC+P+QJCB3SCL9AUESVWceTpXWW0cDPKE2Y53g42o
2V6iu1lt4AWMsugz5UTbcRNiuKRBsnPn9ZL7PNxwXMfzHRmqmXpwKtPRDd1wjIiP
7veYQSUd8oNNNtvuWNSPX6oTdMKqSYcD8X4ALYoZ7IKU1l/KmF1LLe/FhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD2kw3QcNKdT7Ak4Z4ONoaqB6C/WMB8GA1UdIwQY
MBaAFK/qOW9N41XajcB5oeiF4MM3Xs4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1vNWIwM2pWZHFOd0htaDZJWGd3emRlempJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZTNmN2ItYzc4Zi00NjYzLWJmMWQt
ZjVkYmRmNzIyZjVkLzEvUGFURGRCdzBwMVBzQ1Robmc0Mmhxb0hvTDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZTNmN2ItYzc4Zi00NjYzLWJmMWQtZjVkYmRmNzIyZjVk
LzEvci1vNWIwM2pWZHFOd0htaDZJWGd3emRlempJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTBwMA0E
AgACMAcDBQMqBK3AMA0GCSqGSIb3DQEBCwUAA4IBAQB24SNOrT0h4+HiyetTBcZu
WLFuGy8h+n7N1EzCee26g85v25vX//n1Ex3xIa6WYq1DMYoXbOmfUxZLhrTWDf4Z
MRwx56xHOjtAG6gdjYtyU/4mHt7OifKYZjT66qmjsxWB4IgLMJxNoWyKdmudEpXZ
iGQV3Q9LaqZqYFic671UiwkvheVWiqSjJAQOHsxGk7y+V4ym+UFkhqz5APHvkwRT
XJGutZcCNIMH+KJMZ47prHNQq5xSie6MpiveWj+Mv/cjCgsOxfuY0dfwhxED6ETL
wSYCg5F34Ph3UQLu8Z4IFVcHjPyP6mB1ppTQAFlN8lLo93w9jHeP9BLP93WIb5wH
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:20:01 2024 by rpki-client on console-fra.rpki-client.org