Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/kaG5xdAZOkKGR3RN7B4QYembAdk.roa
File: kaG5xdAZOkKGR3RN7B4QYembAdk.roa (raw, json)
Hash identifier: 6M3uGa+uTMgXy1MVbBzOlXXM/YguWaDzZlPmxK2Npxw=
Subject key identifier: 91:A1:B9:C5:D0:19:3A:42:86:47:74:4D:EC:1E:10:61:E9:9B:01:D9
Certificate issuer: /CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Certificate serial: 018CC7957C145CF3AB60797CB9538884790E
Authority key identifier: DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/kaG5xdAZOkKGR3RN7B4QYembAdk.roa
Signing time: Tue 02 Jan 2024 00:31:51 +0000
ROA not before: Tue 02 Jan 2024 00:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200435
IP address blocks: 185.248.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:7c:14:5c:f3:ab:60:79:7c:b9:53:88:84:79:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Validity
Not Before: Jan 2 00:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91a1b9c5d0193a428647744dec1e1061e99b01d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:25:f3:2e:99:ca:01:b8:ff:fc:9a:db:61:
93:f4:ba:96:79:14:a0:25:f2:41:2e:ba:d5:b2:3e:
c6:a3:d9:e7:f9:b4:51:e1:7f:dd:7a:d2:f9:0b:5a:
c9:8f:5d:df:18:bd:95:82:0c:c7:a2:fb:04:05:06:
69:90:05:17:f0:cd:79:2b:01:38:84:38:25:45:62:
dc:7b:d3:a3:4d:91:44:d2:e0:c4:3a:e4:25:a9:6d:
b0:6a:69:1e:46:11:0b:42:41:4f:b0:7e:5d:c4:5a:
72:3c:98:cf:58:2f:40:ef:8a:12:9a:ad:45:64:46:
d5:6e:4e:0b:3d:5a:5e:46:d3:11:05:ed:95:21:f8:
1d:84:8f:2c:95:3f:cb:da:12:80:19:58:f9:e1:4d:
c8:0a:7b:2e:ee:ce:af:6e:91:bd:9c:40:8d:b5:1a:
69:ff:24:64:fb:19:05:1c:e8:9a:1c:83:b4:90:fb:
0e:8e:27:4d:23:56:8e:53:20:08:47:89:73:26:b5:
ac:c5:6b:53:87:cb:29:07:8f:ed:cc:8c:ec:2a:be:
18:1f:1c:40:a5:5f:a3:b4:0a:ee:12:b5:fc:ea:21:
23:1d:24:81:76:6a:c9:19:cb:40:03:58:24:cb:f6:
11:d5:2d:a4:cd:c0:72:97:d2:ec:db:9e:d9:7c:f5:
38:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A1:B9:C5:D0:19:3A:42:86:47:74:4D:EC:1E:10:61:E9:9B:01:D9
X509v3 Authority Key Identifier:
keyid:DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/kaG5xdAZOkKGR3RN7B4QYembAdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.50.0/24
Signature Algorithm: sha256WithRSAEncryption
20:e0:f1:2d:b2:7e:bc:92:15:4d:7d:8b:46:c7:99:8c:00:da:
40:bd:d5:bc:a2:aa:95:07:74:d7:16:7d:55:dc:48:ca:6f:85:
35:58:a3:1b:08:8f:93:e5:f6:b1:2c:a7:97:ce:a2:73:64:22:
31:0f:73:44:27:e4:5c:14:75:ec:cc:29:f9:42:d1:6b:58:49:
98:67:82:cf:cb:cd:1f:32:ec:43:bd:14:af:a1:45:1e:88:ed:
b5:86:5a:fe:04:b8:83:cb:a9:35:9f:df:6f:0f:75:45:6e:89:
e4:da:45:71:86:dc:6c:37:d4:cb:54:94:da:08:de:69:78:ee:
d5:aa:e9:e2:b5:bb:84:60:6f:81:04:8b:db:3d:32:0a:c3:57:
c3:23:5a:ef:b2:6e:d9:8a:ff:4f:ee:13:e3:c1:c0:58:49:61:
26:03:b7:65:eb:e5:26:ee:c9:d4:88:55:6d:0c:9f:40:56:48:
98:0b:d9:83:ca:f8:b2:e3:7e:d5:21:00:bc:71:c6:a6:42:70:
0e:bf:72:e8:6e:3c:dc:a9:f0:61:6b:93:72:72:32:63:f5:74:
4b:1f:1e:db:e9:c1:45:d1:7d:c6:a4:d3:96:33:91:f5:1f:6a:
e7:15:b5:b9:e8:8f:61:b1:3c:04:d7:ba:5d:8d:c4:00:c6:db:
bf:cb:53:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlXwUXPOrYHl8uVOIhHkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDE0MTFlOTNlMjVkNWVjNjUwOTk1NjliMWI1YzVmYWRj
MWFlM2QwHhcNMjQwMTAyMDAzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWExYjljNWQwMTkzYTQyODY0Nzc0NGRlYzFlMTA2MWU5OWIwMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkMl8y6ZygG4//ya22GT9LqWeRSg
JfJBLrrVsj7Go9nn+bRR4X/detL5C1rJj13fGL2VggzHovsEBQZpkAUX8M15KwE4
hDglRWLce9OjTZFE0uDEOuQlqW2wamkeRhELQkFPsH5dxFpyPJjPWC9A74oSmq1F
ZEbVbk4LPVpeRtMRBe2VIfgdhI8slT/L2hKAGVj54U3ICnsu7s6vbpG9nECNtRpp
/yRk+xkFHOiaHIO0kPsOjidNI1aOUyAIR4lzJrWsxWtTh8spB4/tzIzsKr4YHxxA
pV+jtAruErX86iEjHSSBdmrJGctAA1gky/YR1S2kzcByl9Ls257ZfPU4fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGhucXQGTpChkd0TeweEGHpmwHZMB8GA1UdIwQY
MBaAFNxBQR6T4l1exlCZVpsbXF+twa49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEt
NTEzODdkMTYwYmE5LzEva2FHNXhkQVpPa0tHUjNSTjdCNFFZZW1iQWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEtNTEzODdkMTYwYmE5
LzEvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufgyMA0G
CSqGSIb3DQEBCwUAA4IBAQAg4PEtsn68khVNfYtGx5mMANpAvdW8oqqVB3TXFn1V
3EjKb4U1WKMbCI+T5faxLKeXzqJzZCIxD3NEJ+RcFHXszCn5QtFrWEmYZ4LPy80f
MuxDvRSvoUUeiO21hlr+BLiDy6k1n99vD3VFbonk2kVxhtxsN9TLVJTaCN5peO7V
qunitbuEYG+BBIvbPTIKw1fDI1rvsm7Ziv9P7hPjwcBYSWEmA7dl6+Um7snUiFVt
DJ9AVkiYC9mDyviy437VIQC8ccamQnAOv3LobjzcqfBha5NycjJj9XRLHx7b6cFF
0X3GpNOWM5H1H2rnFbW56I9hsTwE17pdjcQAxtu/y1MF
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:17:50 2024 by rpki-client on console-fra.rpki-client.org