Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/E9PLy4ktGFgqoVwqqLele9yI0_Q.roa
File: E9PLy4ktGFgqoVwqqLele9yI0_Q.roa (raw, json)
Hash identifier: CAXjiX0vmTUOi5bXic5DEgSevygNwk9ufuADFn6bvOI=
Subject key identifier: 13:D3:CB:CB:89:2D:18:58:2A:A1:5C:2A:A8:B7:A5:7B:DC:88:D3:F4
Certificate issuer: /CN=3f947c4fd2396d9edb8bc454405e57558d8b9502
Certificate serial: 018CC26D50E58136A8BCC7778479553F311C
Authority key identifier: 3F:94:7C:4F:D2:39:6D:9E:DB:8B:C4:54:40:5E:57:55:8D:8B:95:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/E9PLy4ktGFgqoVwqqLele9yI0_Q.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50629
IP address blocks: 185.55.116.0/22 maxlen: 23
185.146.228.0/22 maxlen: 23
46.19.88.0/21 maxlen: 22
31.209.80.0/20 maxlen: 21
185.76.188.0/22 maxlen: 23
37.72.144.0/21 maxlen: 22
2a00:c380::/32 maxlen: 33
2a02:2918::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:50:e5:81:36:a8:bc:c7:77:84:79:55:3f:31:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f947c4fd2396d9edb8bc454405e57558d8b9502
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13d3cbcb892d18582aa15c2aa8b7a57bdc88d3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:49:47:dd:88:e7:84:bf:ce:44:e3:97:49:df:
08:43:3f:59:fa:2b:69:b7:a9:12:d3:71:a3:ce:ae:
93:e2:b7:26:b1:01:f3:9f:e3:c2:0d:6d:6a:d1:56:
09:18:ca:b8:00:b7:b2:dc:de:ec:31:08:2c:ec:1b:
d2:ed:d9:30:22:c0:fd:a0:27:a5:c6:04:d0:d3:55:
49:0a:aa:9b:36:ad:f0:c3:24:42:c6:91:55:af:6f:
b2:0d:85:e8:60:45:7a:12:71:46:9e:9c:70:98:c5:
03:59:1c:20:93:3a:aa:45:59:0a:cb:2d:23:ab:3d:
22:9e:50:d5:d9:02:b9:1b:c4:b7:59:7f:37:14:e9:
20:93:a7:68:aa:46:7e:c6:0b:aa:07:8f:60:3b:68:
55:46:bc:b2:af:64:15:41:94:3f:c9:b6:0e:1c:c1:
4c:e3:5e:e6:65:70:e7:40:49:1b:e4:db:9f:4f:9d:
ec:88:0b:f6:e3:ce:17:81:52:5a:dc:b3:76:94:66:
f1:3a:c0:75:ff:ee:a3:f1:5d:a0:ec:29:aa:28:0f:
7b:9c:c2:ad:b7:5d:5c:3d:70:a7:4e:c6:1b:f1:f0:
bb:ce:e7:0a:5c:76:40:71:37:a0:9c:e6:60:70:be:
26:f9:c6:09:6d:9b:54:16:cc:48:21:90:f5:8a:13:
7a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D3:CB:CB:89:2D:18:58:2A:A1:5C:2A:A8:B7:A5:7B:DC:88:D3:F4
X509v3 Authority Key Identifier:
keyid:3F:94:7C:4F:D2:39:6D:9E:DB:8B:C4:54:40:5E:57:55:8D:8B:95:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/E9PLy4ktGFgqoVwqqLele9yI0_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d9b450-729d-48de-ab8f-cec40e425264/1/P5R8T9I5bZ7bi8RUQF5XVY2LlQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.80.0/20
37.72.144.0/21
46.19.88.0/21
185.55.116.0/22
185.76.188.0/22
185.146.228.0/22
IPv6:
2a00:c380::/32
2a02:2918::/32
Signature Algorithm: sha256WithRSAEncryption
44:b5:86:11:74:f5:2c:97:86:e3:2d:3d:67:c5:a6:2b:c6:21:
b8:e4:20:16:00:b5:f1:9d:91:bf:9c:5d:06:3d:37:a3:68:b6:
9b:08:f3:4f:a2:fd:f3:d6:fa:44:87:88:f5:70:93:a5:e6:08:
df:77:c0:b2:0d:c2:5a:55:f4:24:a2:94:69:ef:6e:be:a7:6a:
45:3b:a0:b6:40:db:eb:2f:01:15:1e:78:69:dc:25:a4:e2:73:
6e:b1:a9:82:c0:eb:40:45:ec:15:30:ac:73:3c:4a:01:7f:52:
1e:d2:56:e7:cf:dc:b7:75:91:78:b2:0e:3b:9e:fc:3c:99:e0:
da:f8:fd:09:4b:5d:0a:ee:4f:80:ce:98:75:46:f5:dc:87:ad:
cb:53:a2:62:52:14:70:e2:82:0e:50:0e:47:1e:9f:19:09:a9:
c6:55:0f:c7:73:30:d7:c1:12:f6:5a:6e:6c:b2:10:eb:d0:ac:
ec:89:f2:0e:5f:6e:5a:aa:ac:45:aa:bc:4d:f5:a0:ae:6c:64:
56:15:e0:36:60:3f:f8:95:4f:ba:40:0b:2e:7d:46:f9:ee:c1:
4c:9e:94:a8:5c:27:ae:cc:77:dc:8c:8d:e4:3e:7b:e2:91:ef:
1b:8c:ed:0b:71:cd:8c:96:52:08:a2:61:a5:9d:78:88:a6:64:
b4:e8:0d:04
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzCbVDlgTaovMd3hHlVPzEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTQ3YzRmZDIzOTZkOWVkYjhiYzQ1NDQwNWU1NzU1OGQ4
Yjk1MDIwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2QzY2JjYjg5MmQxODU4MmFhMTVjMmFhOGI3YTU3YmRjODhkM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkElH3YjnhL/OROOXSd8IQz9Z+itp
t6kS03Gjzq6T4rcmsQHzn+PCDW1q0VYJGMq4ALey3N7sMQgs7BvS7dkwIsD9oCel
xgTQ01VJCqqbNq3wwyRCxpFVr2+yDYXoYEV6EnFGnpxwmMUDWRwgkzqqRVkKyy0j
qz0inlDV2QK5G8S3WX83FOkgk6doqkZ+xguqB49gO2hVRryyr2QVQZQ/ybYOHMFM
417mZXDnQEkb5NufT53siAv2484XgVJa3LN2lGbxOsB1/+6j8V2g7CmqKA97nMKt
t11cPXCnTsYb8fC7zucKXHZAcTegnOZgcL4m+cYJbZtUFsxIIZD1ihN6PQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBPTy8uJLRhYKqFcKqi3pXvciNP0MB8GA1UdIwQY
MBaAFD+UfE/SOW2e24vEVEBeV1WNi5UCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVSOFQ5STViWjdiaThSVVFGNVhWWTJMbFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOWI0NTAtNzI5ZC00OGRlLWFiOGYt
Y2VjNDBlNDI1MjY0LzEvRTlQTHk0a3RHRmdxb1Z3cXFMZWxlOXlJMF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOWI0NTAtNzI5ZC00OGRlLWFiOGYtY2VjNDBlNDI1MjY0
LzEvUDVSOFQ5STViWjdiaThSVVFGNVhWWTJMbFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEH9FQAwQD
JUiQAwQDLhNYAwQCuTd0AwQCuUy8AwQCuZLkMBQEAgACMA4DBQAqAMOAAwUAKgIp
GDANBgkqhkiG9w0BAQsFAAOCAQEARLWGEXT1LJeG4y09Z8WmK8YhuOQgFgC18Z2R
v5xdBj03o2i2mwjzT6L989b6RIeI9XCTpeYI33fAsg3CWlX0JKKUae9uvqdqRTug
tkDb6y8BFR54adwlpOJzbrGpgsDrQEXsFTCsczxKAX9SHtJW58/ct3WReLIOO578
PJng2vj9CUtdCu5PgM6YdUb13Iety1OiYlIUcOKCDlAORx6fGQmpxlUPx3Mw18ES
9lpubLIQ69Cs7InyDl9uWqqsRaq8TfWgrmxkVhXgNmA/+JVPukALLn1G+e7BTJ6U
qFwnrsx33IyN5D574pHvG4ztC3HNjJZSCKJhpZ14iKZktOgNBA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:53:56 2024 by rpki-client on console-ams.rpki-client.org