Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rD_SQlr9nwqaKHrfr3i6V9xuEYk.roa
File: rD_SQlr9nwqaKHrfr3i6V9xuEYk.roa (raw, json)
Hash identifier: 5sgkwIirQp5SZxCboDMGWEDv1wiDNbOqQc8QYANpKrY=
Subject key identifier: AC:3F:D2:42:5A:FD:9F:0A:9A:28:7A:DF:AF:78:BA:57:DC:6E:11:89
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018CC3B7472F3A48424729F1940E95DEF7E0
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rD_SQlr9nwqaKHrfr3i6V9xuEYk.roa
Signing time: Mon 01 Jan 2024 06:30:17 +0000
ROA not before: Mon 01 Jan 2024 06:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51813
IP address blocks: 37.61.182.0/23 maxlen: 32
81.18.140.0/23 maxlen: 32
46.20.76.0/22 maxlen: 32
193.150.108.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:47:2f:3a:48:42:47:29:f1:94:0e:95:de:f7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 06:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac3fd2425afd9f0a9a287adfaf78ba57dc6e1189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f1:c2:dd:5a:3e:17:ff:5a:93:85:85:ab:de:
63:99:db:cf:fd:11:08:5f:2f:92:1f:3e:25:5f:14:
57:e6:3b:3e:22:90:67:be:3c:c5:a2:f0:c8:84:d3:
cd:e7:19:58:2b:82:42:b3:10:ec:7a:23:7a:1a:93:
7b:8e:b6:69:23:80:3b:3e:f3:d4:06:b9:a5:86:b0:
45:59:fa:af:37:58:07:5d:7f:e4:3d:18:b4:6b:4c:
ed:a6:b9:09:fb:54:b7:ef:d8:14:9a:2a:9e:37:58:
47:3d:14:4b:cf:ea:89:a0:c1:9a:4e:4d:12:76:00:
45:40:df:cb:75:0c:e6:9d:1f:d2:d9:1a:02:3e:15:
7f:64:8c:76:1e:7b:38:e2:d2:f7:23:c5:35:13:60:
f7:b5:a8:1f:01:c9:0f:6c:40:b2:2c:79:ad:26:77:
a2:3a:d0:ef:f4:fd:1a:6c:b6:34:6e:f5:b1:a6:08:
a6:57:7a:5c:37:5d:eb:a0:f3:f3:fe:47:6c:7c:4f:
68:af:2d:a6:2c:e0:fc:fc:1d:a5:5f:db:7d:50:b7:
42:48:08:1d:b1:5b:0f:6a:4c:9d:ec:a0:a3:7f:58:
f9:46:4e:d5:6c:45:b8:a0:bf:c7:75:31:2d:53:cd:
15:2b:3d:c1:9b:b0:6e:be:9b:96:ed:d8:5c:2c:42:
60:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3F:D2:42:5A:FD:9F:0A:9A:28:7A:DF:AF:78:BA:57:DC:6E:11:89
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rD_SQlr9nwqaKHrfr3i6V9xuEYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.182.0/23
46.20.76.0/22
81.18.140.0/23
193.150.108.0/22
Signature Algorithm: sha256WithRSAEncryption
e0:17:fc:3e:40:1f:3d:60:8d:73:f4:76:7e:fd:79:ea:ec:35:
c0:e8:2d:50:2c:6f:e1:67:7b:2e:ea:5b:9c:e4:c1:5b:f1:92:
1d:de:c9:5e:31:c1:04:77:94:60:14:d0:45:5a:7b:d0:47:b3:
6c:c5:82:23:97:db:fc:5e:a6:66:dd:11:6d:d7:6f:1b:9f:e1:
b4:68:a9:58:f6:d0:83:fe:cc:f8:4f:57:73:6d:17:2e:0e:c4:
0e:0c:ef:90:51:44:b8:25:69:00:d5:cc:6d:ff:42:fb:1e:53:
3d:86:fd:8c:ae:44:d2:fb:74:8b:a0:6a:16:b3:53:37:eb:b9:
e3:f6:48:c6:51:16:4c:14:e3:d8:e7:a7:80:e7:c0:b6:a8:83:
32:9d:f0:c2:a4:60:71:36:64:51:5b:f1:bb:40:ca:e6:67:da:
3b:46:72:a0:95:45:70:ff:d5:fa:3a:63:fa:40:ed:ef:e8:da:
a4:07:f2:64:48:bc:05:40:c8:01:61:24:e6:f9:f1:97:61:15:
aa:2d:1a:5d:01:cb:70:10:a1:6f:0a:2e:75:00:53:f8:b9:c8:
66:dc:ca:7a:d6:13:a4:d8:b1:ac:99:41:d1:eb:85:5f:9f:3a:
93:95:35:49:cf:e6:bf:01:78:8e:6b:3d:92:5f:90:fd:2a:42:
16:72:83:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDt0cvOkhCRynxlA6V3vfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjQwMTAxMDYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzNmZDI0MjVhZmQ5ZjBhOWEyODdhZGZhZjc4YmE1N2RjNmUxMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfHC3Vo+F/9ak4WFq95jmdvP/REI
Xy+SHz4lXxRX5js+IpBnvjzFovDIhNPN5xlYK4JCsxDseiN6GpN7jrZpI4A7PvPU
BrmlhrBFWfqvN1gHXX/kPRi0a0ztprkJ+1S379gUmiqeN1hHPRRLz+qJoMGaTk0S
dgBFQN/LdQzmnR/S2RoCPhV/ZIx2Hns44tL3I8U1E2D3tagfAckPbECyLHmtJnei
OtDv9P0abLY0bvWxpgimV3pcN13roPPz/kdsfE9ory2mLOD8/B2lX9t9ULdCSAgd
sVsPakyd7KCjf1j5Rk7VbEW4oL/HdTEtU80VKz3Bm7BuvpuW7dhcLEJgGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKw/0kJa/Z8Kmih63694ulfcbhGJMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvckRfU1Fscjlud3FhS0hyZnIzaTZWOXh1RVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBJT22AwQC
LhRMAwQBURKMAwQCwZZsMA0GCSqGSIb3DQEBCwUAA4IBAQDgF/w+QB89YI1z9HZ+
/Xnq7DXA6C1QLG/hZ3su6luc5MFb8ZId3sleMcEEd5RgFNBFWnvQR7NsxYIjl9v8
XqZm3RFt128bn+G0aKlY9tCD/sz4T1dzbRcuDsQODO+QUUS4JWkA1cxt/0L7HlM9
hv2MrkTS+3SLoGoWs1M367nj9kjGURZMFOPY56eA58C2qIMynfDCpGBxNmRRW/G7
QMrmZ9o7RnKglUVw/9X6OmP6QO3v6NqkB/JkSLwFQMgBYSTm+fGXYRWqLRpdActw
EKFvCi51AFP4uchm3Mp61hOk2LGsmUHR64VfnzqTlTVJz+a/AXiOaz2SX5D9KkIW
coN6
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:36:10 2024 by rpki-client on console-ams.rpki-client.org