Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/1H1RmWw0K7bJ0QZ4pPDbjtlPKvQ.roa
File: 1H1RmWw0K7bJ0QZ4pPDbjtlPKvQ.roa (raw, json)
Hash identifier: pD+0ryZdNozPZLBEXM5fu6QzeEvqpr2A+sy1XhpstJc=
Subject key identifier: D4:7D:51:99:6C:34:2B:B6:C9:D1:06:78:A4:F0:DB:8E:D9:4F:2A:F4
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018CC5006344FE55B5BD3B7650ED4EC189C8
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/1H1RmWw0K7bJ0QZ4pPDbjtlPKvQ.roa
Signing time: Mon 01 Jan 2024 12:29:46 +0000
ROA not before: Mon 01 Jan 2024 12:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft
rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:63:44:fe:55:b5:bd:3b:76:50:ed:4e:c1:89:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 12:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d47d51996c342bb6c9d10678a4f0db8ed94f2af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e4:19:cc:b5:b9:c3:70:1d:87:69:74:d7:58:
8f:51:e5:92:41:8d:89:15:0f:4d:af:1b:49:70:06:
cc:35:f8:d8:7a:67:a4:1e:b9:a4:dd:65:3a:e7:cb:
9c:bf:18:cf:ad:5b:45:7c:f8:bb:1f:84:2a:d2:3b:
ee:0d:a7:05:e0:49:52:cd:ca:ae:6d:f0:fb:04:a5:
12:b6:55:b2:1c:90:65:26:f3:a2:ed:a0:58:f0:af:
ca:5e:4a:23:f2:31:81:04:8a:5b:20:21:1c:ee:2c:
8b:26:43:6b:26:d4:71:97:fe:db:9b:8d:d2:5e:f2:
00:72:ba:46:58:e1:8f:04:ce:23:c4:72:64:73:9d:
e3:22:d7:be:9f:98:03:52:79:f3:86:87:d0:57:80:
f8:96:ba:19:b8:71:ac:1a:b9:21:69:15:80:b0:13:
ab:8d:04:52:e0:d3:3e:ae:56:4a:d1:d7:74:fa:04:
f5:ef:c4:9b:d6:20:91:bf:23:4e:00:a7:05:ca:8a:
7b:3a:42:44:2a:d6:5d:2a:98:6a:32:0e:14:a9:f6:
33:55:5d:f9:c6:0f:ce:4a:b6:37:37:fb:81:94:66:
d8:1c:28:a2:46:3c:79:26:a3:fb:41:72:a8:92:d8:
11:f4:d1:6c:15:86:a5:17:48:11:81:86:d1:16:2c:
2f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7D:51:99:6C:34:2B:B6:C9:D1:06:78:A4:F0:DB:8E:D9:4F:2A:F4
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/1H1RmWw0K7bJ0QZ4pPDbjtlPKvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
01:f0:03:08:c5:c3:22:2e:db:0c:fa:a6:ae:a0:b2:eb:fd:91:
7e:2d:92:fc:83:6e:e7:a7:7b:9c:22:bf:12:56:9a:86:6a:15:
c2:3a:3b:1a:f2:6c:83:7d:b2:e2:b5:f9:b9:90:ee:a4:ce:60:
79:08:54:1e:af:16:a6:fd:a9:10:c1:04:e6:a4:7e:cd:02:ab:
10:60:2d:d7:36:3a:dc:12:3d:0d:af:0a:26:ac:57:bc:a4:fe:
75:9c:71:69:d8:7d:25:64:c2:fc:7b:2c:95:9b:67:b5:07:5f:
a9:be:0c:23:c2:f7:7c:6e:1c:ee:03:13:b8:4b:d6:84:88:a4:
3a:30:01:3f:05:77:77:f4:26:eb:73:83:31:cb:b9:1f:c8:e8:
1a:24:b7:06:dc:d2:cf:e7:c6:f7:5c:e9:d7:28:e9:04:1e:22:
6d:63:05:8f:0e:ff:c0:5d:2e:74:54:ae:40:c5:71:88:67:98:
a6:57:26:86:63:cf:53:9e:ca:e1:db:1e:f4:d9:c9:e3:57:fb:
95:35:48:8b:35:da:41:45:df:3b:16:9d:50:53:ef:06:e4:b8:
09:be:5c:ab:97:8b:78:bb:e9:5a:d4:ee:56:c8:47:0c:23:0d:
57:9a:50:90:18:fa:04:c9:85:7e:42:5c:dd:7c:48:91:ea:05:
c4:0d:ab:9e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFAGNE/lW1vTt2UO1OwYnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdkNTE5OTZjMzQyYmI2YzlkMTA2NzhhNGYwZGI4ZWQ5NGYyYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweQZzLW5w3Adh2l011iPUeWSQY2J
FQ9NrxtJcAbMNfjYemekHrmk3WU658ucvxjPrVtFfPi7H4Qq0jvuDacF4ElSzcqu
bfD7BKUStlWyHJBlJvOi7aBY8K/KXkoj8jGBBIpbICEc7iyLJkNrJtRxl/7bm43S
XvIAcrpGWOGPBM4jxHJkc53jIte+n5gDUnnzhofQV4D4lroZuHGsGrkhaRWAsBOr
jQRS4NM+rlZK0dd0+gT178Sb1iCRvyNOAKcFyop7OkJEKtZdKphqMg4UqfYzVV35
xg/OSrY3N/uBlGbYHCiiRjx5JqP7QXKoktgR9NFsFYalF0gRgYbRFiwvfQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNR9UZlsNCu2ydEGeKTw247ZTyr0MB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvMUgxUm1XdzBLN2JKMFFaNHBQRGJqdGxQS3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAAHwAwjFwyIu2wz6pq6gsuv9kX4tkvyDbuene5wivxJWmoZqFcI6OxrybIN9
suK1+bmQ7qTOYHkIVB6vFqb9qRDBBOakfs0CqxBgLdc2OtwSPQ2vCiasV7yk/nWc
cWnYfSVkwvx7LJWbZ7UHX6m+DCPC93xuHO4DE7hL1oSIpDowAT8Fd3f0JutzgzHL
uR/I6Boktwbc0s/nxvdc6dco6QQeIm1jBY8O/8BdLnRUrkDFcYhnmKZXJoZjz1Oe
yuHbHvTZyeNX+5U1SIs12kFF3zsWnVBT7wbkuAm+XKuXi3i76VrU7lbIRwwjDVea
UJAY+gTJhX5CXN18SJHqBcQNq54=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:08 2024 by rpki-client on console-ams.rpki-client.org