Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/tO5DfkvPyCWTB8u0GhiyAZJit3k.roa
File: tO5DfkvPyCWTB8u0GhiyAZJit3k.roa (raw, json)
Hash identifier: MPPWpG0RUmdMbW92FQxuX3eIPBkDN2g2X/LGEx/jq4M=
Subject key identifier: B4:EE:43:7E:4B:CF:C8:25:93:07:CB:B4:1A:18:B2:01:92:62:B7:79
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 0192F442A665DB19ECF3F539B622898CED2C
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/tO5DfkvPyCWTB8u0GhiyAZJit3k.roa
Signing time: Sun 03 Nov 2024 23:01:01 +0000
ROA not before: Sun 03 Nov 2024 23:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9153
IP address blocks: 46.248.96.0/19 maxlen: 19
82.136.0.0/18 maxlen: 18
82.136.4.0/23 maxlen: 23
82.136.8.0/22 maxlen: 22
82.136.48.0/22 maxlen: 22
195.22.128.0/23 maxlen: 23
195.68.206.0/24 maxlen: 24
2001:4088::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f4:42:a6:65:db:19:ec:f3:f5:39:b6:22:89:8c:ed:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Nov 3 23:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4ee437e4bcfc8259307cbb41a18b2019262b779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e8:a5:07:c6:74:08:e6:9b:39:57:03:9f:bd:
b8:f2:10:a8:a3:0d:ba:5d:d7:7e:6c:98:e8:ce:11:
94:ea:dd:e9:ce:1e:1d:7f:96:48:f7:11:3b:1f:ef:
ff:8f:ce:47:95:87:36:dc:15:65:6e:cc:25:8c:09:
fd:c9:a4:5c:49:1e:da:8c:52:40:8e:b4:9c:f1:90:
cd:5d:cb:a8:a9:77:b1:4c:d5:98:3b:24:fb:c6:3d:
f8:5a:5f:82:4d:e1:54:8d:96:87:80:0d:c0:93:b0:
9f:52:b4:62:be:57:2b:7f:c1:64:21:a3:cb:c5:02:
0d:6b:86:da:1d:a4:1b:04:83:3d:1b:1e:e3:e4:8e:
0d:73:f8:b9:c3:64:46:f6:70:8a:43:51:8b:0f:a1:
8f:7f:f1:19:2f:8f:8e:b3:6b:8c:4b:87:c7:7b:e4:
10:56:e4:d7:0d:c9:21:04:fa:52:1e:43:aa:06:77:
f5:e9:79:de:f9:b8:2c:3b:19:63:6e:74:ad:70:72:
27:5c:78:ca:cd:89:2c:43:dd:e0:0d:b6:e0:bd:ec:
33:d9:dc:00:f4:fc:2d:0c:6a:b6:fb:41:10:58:e2:
22:bd:4b:1b:b0:01:42:7b:67:7a:91:3f:2c:e1:7e:
57:cb:25:07:7b:97:f5:eb:9b:24:8b:5a:1f:5f:2b:
3d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EE:43:7E:4B:CF:C8:25:93:07:CB:B4:1A:18:B2:01:92:62:B7:79
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/tO5DfkvPyCWTB8u0GhiyAZJit3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.96.0/19
82.136.0.0/18
195.22.128.0/23
195.68.206.0/24
IPv6:
2001:4088::/32
Signature Algorithm: sha256WithRSAEncryption
2f:9c:4c:a2:c6:5a:67:e8:83:c6:07:b2:2d:0c:02:9b:7e:7e:
35:ee:ce:e7:98:1c:66:9c:aa:06:69:fe:c4:46:2e:63:46:b8:
8e:c3:c8:e9:5e:e3:74:4e:98:4d:0f:63:60:52:b9:03:56:f3:
1a:bd:8e:d0:0b:92:fe:5b:c8:64:e6:ef:84:ab:9d:89:6a:90:
c9:86:6a:19:51:20:fd:d3:96:0c:3c:9e:cf:40:5b:26:4e:92:
94:80:3e:e4:1d:83:d7:46:13:f5:76:6b:55:38:8a:f7:f8:89:
68:9f:66:bb:f7:04:54:96:33:ec:9a:8c:e9:74:ff:78:1b:34:
02:08:30:76:c5:c4:1e:75:85:9d:da:eb:61:4e:74:c2:1c:c6:
00:50:dc:ec:61:6a:f3:1a:7b:32:e8:0a:8e:94:bd:78:60:5c:
9e:1c:d8:79:45:52:99:0e:06:0a:1e:63:f6:e5:c1:82:0c:e3:
ff:d9:d6:b2:97:05:ee:19:eb:57:3c:1c:57:57:68:72:8d:c1:
46:71:a2:0f:3b:fb:fb:5e:c0:bc:da:2d:64:c9:28:0a:f8:87:
c0:5b:88:e9:28:62:30:28:de:20:f9:eb:23:c3:79:07:7b:f7:
3b:61:3e:38:bc:f4:a1:ba:06:67:5c:cd:76:c8:99:f1:31:86:
f7:81:a9:6d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZL0QqZl2xns8/U5tiKJjO0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjQxMTAzMjMwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGVlNDM3ZTRiY2ZjODI1OTMwN2NiYjQxYTE4YjIwMTkyNjJiNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruilB8Z0COabOVcDn7248hCoow26
Xdd+bJjozhGU6t3pzh4df5ZI9xE7H+//j85HlYc23BVlbswljAn9yaRcSR7ajFJA
jrSc8ZDNXcuoqXexTNWYOyT7xj34Wl+CTeFUjZaHgA3Ak7CfUrRivlcrf8FkIaPL
xQINa4baHaQbBIM9Gx7j5I4Nc/i5w2RG9nCKQ1GLD6GPf/EZL4+Os2uMS4fHe+QQ
VuTXDckhBPpSHkOqBnf16Xne+bgsOxljbnStcHInXHjKzYksQ93gDbbgvewz2dwA
9PwtDGq2+0EQWOIivUsbsAFCe2d6kT8s4X5XyyUHe5f165ski1ofXys9PQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLTuQ35Lz8glkwfLtBoYsgGSYrd5MB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvdE81RGZrdlB5Q1dUQjh1MEdoaXlBWkppdDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFLvhgAwQG
UogAAwQBwxaAAwQAw0TOMA0EAgACMAcDBQAgAUCIMA0GCSqGSIb3DQEBCwUAA4IB
AQAvnEyixlpn6IPGB7ItDAKbfn417s7nmBxmnKoGaf7ERi5jRriOw8jpXuN0TphN
D2NgUrkDVvMavY7QC5L+W8hk5u+Eq52JapDJhmoZUSD905YMPJ7PQFsmTpKUgD7k
HYPXRhP1dmtVOIr3+Ilon2a79wRUljPsmozpdP94GzQCCDB2xcQedYWd2uthTnTC
HMYAUNzsYWrzGnsy6AqOlL14YFyeHNh5RVKZDgYKHmP25cGCDOP/2daylwXuGetX
PBxXV2hyjcFGcaIPO/v7XsC82i1kySgK+IfAW4jpKGIwKN4g+esjw3kHe/c7YT44
vPShugZnXM12yJnxMYb3galt
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:16:54 2024 by rpki-client on console-fra.rpki-client.org