Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/rEpVUvNQUQQ6nmjJVbPW58MME5g.roa
File: rEpVUvNQUQQ6nmjJVbPW58MME5g.roa (raw, json)
Hash identifier: M6BaQNIAanpUOptS3Q+ktfa3mD7zIuHVgnmCKakEISY=
Subject key identifier: AC:4A:55:52:F3:50:51:04:3A:9E:68:C9:55:B3:D6:E7:C3:0C:13:98
Certificate issuer: /CN=cbffc771f2ed58fc2821ee74cda853fd2e36c428
Certificate serial: 018CC424C564A2DB87A718E20EE8F8A2B916
Authority key identifier: CB:FF:C7:71:F2:ED:58:FC:28:21:EE:74:CD:A8:53:FD:2E:36:C4:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y__HcfLtWPwoIe50zahT_S42xCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/rEpVUvNQUQQ6nmjJVbPW58MME5g.roa
Signing time: Mon 01 Jan 2024 08:29:53 +0000
ROA not before: Mon 01 Jan 2024 08:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 185.49.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/y__HcfLtWPwoIe50zahT_S42xCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/y__HcfLtWPwoIe50zahT_S42xCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/y__HcfLtWPwoIe50zahT_S42xCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c5:64:a2:db:87:a7:18:e2:0e:e8:f8:a2:b9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbffc771f2ed58fc2821ee74cda853fd2e36c428
Validity
Not Before: Jan 1 08:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac4a5552f35051043a9e68c955b3d6e7c30c1398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5a:5f:ad:8f:47:03:2e:6d:18:9a:41:92:aa:
d0:8f:d0:76:17:35:e7:4a:c6:9d:15:16:61:bd:93:
3c:5a:bb:1b:77:b0:37:9f:2c:80:f7:80:5b:5b:2d:
01:29:ce:48:10:8f:14:e7:54:83:8e:42:a4:f9:55:
02:9e:00:48:28:a4:39:c6:b0:bd:a6:8c:ba:08:60:
b5:36:2e:f6:16:67:1b:59:97:31:f8:94:de:d9:b2:
1e:72:86:f7:ea:05:1c:be:37:5a:72:3d:33:ff:56:
0a:d7:7a:fd:85:cb:e2:37:12:be:cb:a9:58:b5:6c:
34:fa:86:d6:48:b0:ee:29:e1:9f:93:e2:46:6f:b1:
2e:84:56:1f:30:6f:73:1c:c8:59:e6:ef:02:a5:79:
95:d4:5a:69:d2:52:c4:62:42:ee:93:bc:84:f0:c0:
8d:33:2a:ca:d5:59:98:d0:2d:24:d8:0f:4b:ed:a6:
3e:e2:d7:fc:ee:9c:d9:fa:b9:77:96:d3:72:38:88:
0e:91:1e:c4:d3:35:40:c4:75:83:0b:bd:3c:b4:a6:
79:19:d9:8b:84:4a:fc:84:32:b0:50:df:12:2f:2b:
3b:8e:23:86:cb:30:9f:71:75:e0:bc:d8:1e:ac:60:
17:05:ca:5c:f6:86:d9:18:01:7c:0b:78:c1:8b:b5:
0a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4A:55:52:F3:50:51:04:3A:9E:68:C9:55:B3:D6:E7:C3:0C:13:98
X509v3 Authority Key Identifier:
keyid:CB:FF:C7:71:F2:ED:58:FC:28:21:EE:74:CD:A8:53:FD:2E:36:C4:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y__HcfLtWPwoIe50zahT_S42xCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/rEpVUvNQUQQ6nmjJVbPW58MME5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/y__HcfLtWPwoIe50zahT_S42xCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.16.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:6a:2b:9b:0b:d3:90:9c:ea:78:10:ba:24:a0:7c:ef:ad:0c:
8a:7c:e3:3f:f6:64:14:a5:20:12:b5:8a:74:14:96:82:24:d5:
9a:00:b8:ac:96:49:91:93:83:ff:0b:d4:57:42:c7:b8:04:8a:
ab:3b:e3:68:49:76:a9:94:72:f2:78:27:a3:81:a6:05:24:89:
91:43:50:5d:89:54:43:66:f4:ed:6f:ef:57:3a:b1:29:d6:a7:
7b:d5:b9:37:92:69:06:aa:d2:1d:91:11:3f:90:30:10:da:e7:
20:2f:f6:22:1d:b7:dd:4d:46:99:a4:97:c5:a3:9f:d3:c2:e5:
81:be:1a:3a:29:5b:fe:54:a7:fe:ae:d9:b0:01:8f:2b:2a:39:
40:c8:e3:1f:85:b5:c0:2a:66:65:0e:61:57:c9:5c:19:cb:02:
e1:75:1a:3f:b6:57:a5:b7:4a:9c:fb:48:23:bf:18:55:18:33:
6f:9d:45:a2:b7:90:fa:21:a3:16:95:f5:37:e0:eb:11:78:1d:
8b:be:58:2a:f8:50:f6:10:68:15:89:0a:c5:3e:4b:08:4b:72:
aa:81:e0:46:a5:7b:1c:21:d2:7e:20:b1:7c:29:60:78:7b:a5:
ee:35:b4:b7:d1:99:05:b7:be:05:d0:c6:2b:e6:a9:32:56:06:
46:0a:8e:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJMVkotuHpxjiDuj4orkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmZjNzcxZjJlZDU4ZmMyODIxZWU3NGNkYTg1M2ZkMmUz
NmM0MjgwHhcNMjQwMTAxMDgyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzRhNTU1MmYzNTA1MTA0M2E5ZTY4Yzk1NWIzZDZlN2MzMGMxMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFpfrY9HAy5tGJpBkqrQj9B2FzXn
SsadFRZhvZM8Wrsbd7A3nyyA94BbWy0BKc5IEI8U51SDjkKk+VUCngBIKKQ5xrC9
poy6CGC1Ni72FmcbWZcx+JTe2bIecob36gUcvjdacj0z/1YK13r9hcviNxK+y6lY
tWw0+obWSLDuKeGfk+JGb7EuhFYfMG9zHMhZ5u8CpXmV1Fpp0lLEYkLuk7yE8MCN
MyrK1VmY0C0k2A9L7aY+4tf87pzZ+rl3ltNyOIgOkR7E0zVAxHWDC708tKZ5GdmL
hEr8hDKwUN8SLys7jiOGyzCfcXXgvNgerGAXBcpc9obZGAF8C3jBi7UKhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxKVVLzUFEEOp5oyVWz1ufDDBOYMB8GA1UdIwQY
MBaAFMv/x3Hy7Vj8KCHudM2oU/0uNsQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9fSGNmTHRXUHdvSWU1MHphaFRfUzQyeENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9lNTJlMTQtN2FhZC00M2U0LTg4YzQt
N2E0MDU0NTUxZmQ0LzEvckVwVlV2TlFVUVE2bm1qSlZiUFc1OE1NRTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9lNTJlMTQtN2FhZC00M2U0LTg4YzQtN2E0MDU0NTUxZmQ0
LzEveV9fSGNmTHRXUHdvSWU1MHphaFRfUzQyeENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTEQMA0G
CSqGSIb3DQEBCwUAA4IBAQAKaiubC9OQnOp4ELokoHzvrQyKfOM/9mQUpSAStYp0
FJaCJNWaALislkmRk4P/C9RXQse4BIqrO+NoSXaplHLyeCejgaYFJImRQ1BdiVRD
ZvTtb+9XOrEp1qd71bk3kmkGqtIdkRE/kDAQ2ucgL/YiHbfdTUaZpJfFo5/TwuWB
vho6KVv+VKf+rtmwAY8rKjlAyOMfhbXAKmZlDmFXyVwZywLhdRo/tlelt0qc+0gj
vxhVGDNvnUWit5D6IaMWlfU34OsReB2Lvlgq+FD2EGgViQrFPksIS3KqgeBGpXsc
IdJ+ILF8KWB4e6XuNbS30ZkFt74F0MYr5qkyVgZGCo6m
-----END CERTIFICATE-----
Generated at Sun May 5 19:18:54 2024 by rpki-client on console-fra.rpki-client.org