Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/T5byYDOE50G6ye_wRxX-GgwSJ80.roa
File: T5byYDOE50G6ye_wRxX-GgwSJ80.roa (raw, json)
Hash identifier: MbQdbiiAnXCH6waCTqqD8DqTyaXPjMXqf4U9ywFak/w=
Subject key identifier: 4F:96:F2:60:33:84:E7:41:BA:C9:EF:F0:47:15:FE:1A:0C:12:27:CD
Certificate issuer: /CN=efa842e67147252505f41551f0f735b7f72e3e97
Certificate serial: 019248974F7E1680CC9CF6CB491F150B1F82
Authority key identifier: EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/T5byYDOE50G6ye_wRxX-GgwSJ80.roa
Signing time: Tue 01 Oct 2024 14:58:48 +0000
ROA not before: Tue 01 Oct 2024 14:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30058
IP address blocks: 185.30.233.0/24 maxlen: 24
185.165.190.0/24 maxlen: 24
185.165.191.0/24 maxlen: 24
2a07:85c3::/48 maxlen: 48
2a07:85c5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:97:4f:7e:16:80:cc:9c:f6:cb:49:1f:15:0b:1f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa842e67147252505f41551f0f735b7f72e3e97
Validity
Not Before: Oct 1 14:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f96f2603384e741bac9eff04715fe1a0c1227cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:76:59:6d:f2:fa:7e:fb:1d:48:c4:d1:45:
8d:98:ab:aa:1f:b4:84:13:e7:4d:30:89:af:35:7c:
72:f8:8f:03:0f:4d:89:c0:db:bd:fa:25:c9:0a:31:
15:de:3d:06:2d:ab:c3:52:53:54:e7:fe:f6:fd:27:
e4:18:05:b4:32:52:ba:fb:da:21:55:ca:81:95:83:
ef:2c:89:c2:73:62:33:07:9f:5e:a7:22:0e:7b:f5:
b4:b8:dc:f1:ee:9f:0c:1a:be:25:4f:0d:c7:cc:b0:
61:a4:7a:a4:d5:e7:9e:f5:5d:bc:95:fa:46:c1:92:
43:93:0b:8a:ae:5a:a6:70:17:f1:3a:98:49:9d:40:
aa:3e:31:c8:ac:a0:13:a6:d0:6a:b9:81:98:1d:37:
f7:e0:c0:4a:54:da:92:5c:59:e6:dc:4c:13:0b:99:
5a:48:70:28:c4:9a:07:dc:ae:7c:bc:91:58:3f:f8:
1c:08:13:1b:eb:60:b9:ec:e2:97:24:75:93:ca:4b:
10:ee:6d:a1:3b:b3:41:fd:66:70:3a:39:3d:fd:3f:
f6:14:34:85:e5:4a:60:bf:da:a8:45:a9:0d:97:ac:
a9:fd:42:5b:25:44:53:db:29:7b:d3:5b:3a:3c:ab:
3f:ca:f3:c8:9a:8b:ca:66:6a:a9:df:eb:6a:02:2d:
62:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:96:F2:60:33:84:E7:41:BA:C9:EF:F0:47:15:FE:1A:0C:12:27:CD
X509v3 Authority Key Identifier:
keyid:EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/T5byYDOE50G6ye_wRxX-GgwSJ80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.233.0/24
185.165.190.0/23
IPv6:
2a07:85c3::/48
2a07:85c5::/48
Signature Algorithm: sha256WithRSAEncryption
8d:1d:66:3b:a5:36:47:61:b3:5b:ac:f5:84:be:fe:a1:51:0b:
f3:51:da:55:ac:cb:af:0f:ff:20:0c:2a:81:46:ac:06:f1:19:
f3:9f:9c:ba:00:76:63:aa:5b:43:b3:d2:7b:a7:fa:42:10:d2:
e9:99:f1:ee:42:76:79:ae:cd:c3:3f:47:2f:23:4f:cf:5c:af:
ac:c3:eb:2d:df:d6:15:7f:66:60:59:01:95:9c:49:74:43:6c:
a3:8f:aa:cf:13:99:fc:9d:91:53:34:b0:16:7d:b1:30:36:c3:
c1:c5:0e:5c:e1:ee:53:4a:3a:0a:23:95:cd:fa:b8:ef:0f:71:
14:4b:13:4c:a3:7a:7a:e8:76:f6:d3:c5:37:4a:45:28:6a:06:
f3:48:f7:79:18:c1:57:7c:cd:47:60:e6:44:9b:75:90:25:31:
c0:8c:f0:70:91:07:55:f5:3f:91:fc:26:28:09:36:c8:c1:87:
a3:58:2d:05:be:8a:b9:81:14:62:ce:61:d8:d5:e1:1d:cd:5c:
c4:3b:41:63:b0:49:a3:1b:d6:40:18:25:3e:a9:ef:f0:13:c9:
09:10:25:98:b0:62:ee:0d:8c:79:67:6f:72:e9:50:0d:4b:6a:
d2:d0:70:f9:e8:23:70:06:12:a2:ad:b7:61:cc:97:b5:3d:47:
30:7f:d2:39
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZJIl09+FoDMnPbLSR8VCx+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTg0MmU2NzE0NzI1MjUwNWY0MTU1MWYwZjczNWI3Zjcy
ZTNlOTcwHhcNMjQxMDAxMTQ1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjk2ZjI2MDMzODRlNzQxYmFjOWVmZjA0NzE1ZmUxYTBjMTIyN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZR2WW3y+n77HUjE0UWNmKuqH7SE
E+dNMImvNXxy+I8DD02JwNu9+iXJCjEV3j0GLavDUlNU5/72/SfkGAW0MlK6+9oh
VcqBlYPvLInCc2IzB59epyIOe/W0uNzx7p8MGr4lTw3HzLBhpHqk1eee9V28lfpG
wZJDkwuKrlqmcBfxOphJnUCqPjHIrKATptBquYGYHTf34MBKVNqSXFnm3EwTC5la
SHAoxJoH3K58vJFYP/gcCBMb62C57OKXJHWTyksQ7m2hO7NB/WZwOjk9/T/2FDSF
5Upgv9qoRakNl6yp/UJbJURT2yl701s6PKs/yvPImovKZmqp3+tqAi1iQwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE+W8mAzhOdBusnv8EcV/hoMEifNMB8GA1UdIwQY
MBaAFO+oQuZxRyUlBfQVUfD3Nbf3Lj6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYt
OGUwYzMxMjIzZGI4LzEvVDVieVlET0U1MEc2eWVfd1J4WC1HZ3dTSjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYtOGUwYzMxMjIzZGI4
LzEvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuR7pAwQB
uaW+MBgEAgACMBIDBwAqB4XDAAADBwAqB4XFAAAwDQYJKoZIhvcNAQELBQADggEB
AI0dZjulNkdhs1us9YS+/qFRC/NR2lWsy68P/yAMKoFGrAbxGfOfnLoAdmOqW0Oz
0nun+kIQ0umZ8e5CdnmuzcM/Ry8jT89cr6zD6y3f1hV/ZmBZAZWcSXRDbKOPqs8T
mfydkVM0sBZ9sTA2w8HFDlzh7lNKOgojlc36uO8PcRRLE0yjenrodvbTxTdKRShq
BvNI93kYwVd8zUdg5kSbdZAlMcCM8HCRB1X1P5H8JigJNsjBh6NYLQW+irmBFGLO
YdjV4R3NXMQ7QWOwSaMb1kAYJT6p7/ATyQkQJZiwYu4NjHlnb3LpUA1LatLQcPno
I3AGEqKtt2HMl7U9RzB/0jk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:15:33 2024 by rpki-client on console-ams.rpki-client.org