Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rTAwpJVUSOcQsKFCoEhT86JCGb4.roa
File: rTAwpJVUSOcQsKFCoEhT86JCGb4.roa (raw, json)
Hash identifier: H8qPSlIfrYoxOeh7ms/Dm2JtiT7l/RQuWB9srdV+XjE=
Subject key identifier: AD:30:30:A4:95:54:48:E7:10:B0:A1:42:A0:48:53:F3:A2:42:19:BE
Certificate issuer: /CN=47b80caa97c13147d680c80976f8a4b15cade04f
Certificate serial: 018CC4930C441A2ABC3E599E6A180F7D4F78
Authority key identifier: 47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rTAwpJVUSOcQsKFCoEhT86JCGb4.roa
Signing time: Mon 01 Jan 2024 10:30:20 +0000
ROA not before: Mon 01 Jan 2024 10:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44547
IP address blocks: 185.161.122.0/24 maxlen: 24
185.171.88.0/24 maxlen: 24
185.171.91.0/24 maxlen: 24
2a0c:f500::/29 maxlen: 29
2a07:5dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.mft
rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0c:44:1a:2a:bc:3e:59:9e:6a:18:0f:7d:4f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b80caa97c13147d680c80976f8a4b15cade04f
Validity
Not Before: Jan 1 10:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad3030a4955448e710b0a142a04853f3a24219be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:89:7a:24:ed:24:d4:56:24:08:db:2c:1e:3e:
9b:8e:14:25:7f:a0:71:d0:f2:48:b9:fa:57:1a:cd:
75:5c:a2:14:a5:e6:85:76:13:44:92:0a:1b:56:29:
e6:1a:42:34:18:85:2d:64:6f:52:5a:31:b9:80:cc:
32:35:67:59:03:c7:70:cc:28:82:bf:08:86:ca:10:
91:af:9f:fd:5e:3f:f1:03:d6:6c:61:d1:5a:e3:dd:
0d:e9:32:54:7d:08:81:4b:dd:15:c3:10:92:22:44:
4b:0c:27:c5:94:f0:b9:6f:45:2c:85:c9:8d:b2:b7:
17:79:96:1d:e4:7e:5b:02:d7:c0:b3:d3:60:6b:f9:
b9:40:32:3c:04:0a:5b:39:5d:4f:a2:68:96:24:67:
c4:79:a0:14:3b:78:92:84:5b:d1:c1:ee:93:1e:9c:
58:41:7a:a4:db:48:56:37:db:5c:19:14:de:5f:88:
ec:95:bc:9e:ac:3f:2e:cd:42:98:e0:62:08:49:61:
c8:7e:98:78:c7:20:52:00:56:84:21:c9:70:df:a2:
1e:c0:03:9c:e3:e3:9b:42:2e:05:5e:1e:f7:d2:53:
aa:6f:4e:5f:8f:a1:90:5d:d6:b3:42:72:e6:7b:05:
12:7d:5a:ca:26:aa:d1:40:7e:32:a7:f2:d1:55:49:
45:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:30:30:A4:95:54:48:E7:10:B0:A1:42:A0:48:53:F3:A2:42:19:BE
X509v3 Authority Key Identifier:
keyid:47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rTAwpJVUSOcQsKFCoEhT86JCGb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.122.0/24
185.171.88.0/24
185.171.91.0/24
IPv6:
2a07:5dc0::/29
2a0c:f500::/29
Signature Algorithm: sha256WithRSAEncryption
21:da:54:37:df:9e:fb:27:f3:b5:1c:46:84:64:57:a9:29:fc:
0a:3f:93:d2:2f:16:5b:75:e8:cf:6f:ae:fb:d8:1f:12:68:9e:
25:20:4d:e8:2b:c3:8e:8b:ff:9d:09:dd:06:df:76:a7:eb:dd:
89:29:e0:b5:ba:95:6e:51:1d:9a:d8:fb:80:fa:b3:11:c7:d8:
69:bc:0c:12:b0:d8:c1:e9:cd:cc:ab:ca:78:08:85:b8:62:d8:
6d:19:23:08:0c:68:77:6c:0a:5c:08:c8:bf:e7:76:1f:e0:6c:
0f:a2:d9:91:61:5d:9a:ae:2f:e0:7c:70:fe:49:8c:e2:55:e7:
0e:22:ea:53:bd:ec:89:fc:79:39:a1:a7:bd:88:78:75:55:18:
89:5a:80:9b:4d:56:45:4e:63:ee:67:ea:cd:24:2a:8a:89:b5:
b1:6e:b4:5d:1f:95:1d:ef:28:9d:d0:2f:06:ec:3c:81:05:59:
c7:3b:2a:65:a6:9e:6f:7b:26:d0:9c:bb:dd:a2:fd:a0:71:48:
88:19:ee:9b:52:4f:b2:a4:47:5d:22:48:84:c7:fd:a7:71:d8:
c7:7a:51:04:1d:a8:66:81:57:a1:03:24:b5:72:11:e8:fa:1d:
9d:17:3b:01:09:f2:48:4e:de:79:f8:b9:d1:bd:a6:61:4e:a8:
12:02:f2:f4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzEkwxEGiq8PlmeahgPfU94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjgwY2FhOTdjMTMxNDdkNjgwYzgwOTc2ZjhhNGIxNWNh
ZGUwNGYwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDMwMzBhNDk1NTQ0OGU3MTBiMGExNDJhMDQ4NTNmM2EyNDIxOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIl6JO0k1FYkCNssHj6bjhQlf6Bx
0PJIufpXGs11XKIUpeaFdhNEkgobVinmGkI0GIUtZG9SWjG5gMwyNWdZA8dwzCiC
vwiGyhCRr5/9Xj/xA9ZsYdFa490N6TJUfQiBS90VwxCSIkRLDCfFlPC5b0UshcmN
srcXeZYd5H5bAtfAs9Nga/m5QDI8BApbOV1PomiWJGfEeaAUO3iShFvRwe6THpxY
QXqk20hWN9tcGRTeX4jslbyerD8uzUKY4GIISWHIfph4xyBSAFaEIclw36IewAOc
4+ObQi4FXh730lOqb05fj6GQXdazQnLmewUSfVrKJqrRQH4yp/LRVUlFnwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK0wMKSVVEjnELChQqBIU/OiQhm+MB8GA1UdIwQY
MBaAFEe4DKqXwTFH1oDICXb4pLFcreBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAt
MTBlMjRlOWQwZmE3LzEvclRBd3BKVlVTT2NRc0tGQ29FaFQ4NkpDR2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAtMTBlMjRlOWQwZmE3
LzEvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAuaF6AwQA
uatYAwQAuatbMBQEAgACMA4DBQMqB13AAwUDKgz1ADANBgkqhkiG9w0BAQsFAAOC
AQEAIdpUN9+e+yfztRxGhGRXqSn8Cj+T0i8WW3Xoz2+u+9gfEmieJSBN6CvDjov/
nQndBt92p+vdiSngtbqVblEdmtj7gPqzEcfYabwMErDYwenNzKvKeAiFuGLYbRkj
CAxod2wKXAjIv+d2H+BsD6LZkWFdmq4v4Hxw/kmM4lXnDiLqU73sifx5OaGnvYh4
dVUYiVqAm01WRU5j7mfqzSQqiom1sW60XR+VHe8ondAvBuw8gQVZxzsqZaaeb3sm
0Jy73aL9oHFIiBnum1JPsqRHXSJIhMf9p3HYx3pRBB2oZoFXoQMktXIR6PodnRc7
AQnySE7eefi50b2mYU6oEgLy9A==
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:00:07 2024 by rpki-client on console-fra.rpki-client.org