Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/s4ZMbnhqGkWtJVuP7GBT19RVKtc.roa
File: s4ZMbnhqGkWtJVuP7GBT19RVKtc.roa (raw, json)
Hash identifier: YsR2RGCtiFuAVY2vRM4YNPkyng7TAnIRaWt8vnlJ9pY=
Subject key identifier: B3:86:4C:6E:78:6A:1A:45:AD:25:5B:8F:EC:60:53:D7:D4:55:2A:D7
Certificate issuer: /CN=e6596e1552fc0a5884a881b352817d0b73009083
Certificate serial: 018E18592C828A2724DC683E38C4DC38485E
Authority key identifier: E6:59:6E:15:52:FC:0A:58:84:A8:81:B3:52:81:7D:0B:73:00:90:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/s4ZMbnhqGkWtJVuP7GBT19RVKtc.roa
Signing time: Thu 07 Mar 2024 09:58:01 +0000
ROA not before: Thu 07 Mar 2024 09:58:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20849
IP address blocks: 80.72.128.0/20 maxlen: 20
147.78.92.0/22 maxlen: 22
217.22.192.0/20 maxlen: 20
2a02:2958::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:59:2c:82:8a:27:24:dc:68:3e:38:c4:dc:38:48:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6596e1552fc0a5884a881b352817d0b73009083
Validity
Not Before: Mar 7 09:58:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3864c6e786a1a45ad255b8fec6053d7d4552ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:dd:75:44:32:a8:13:58:8e:e3:e9:a9:62:3c:
07:39:98:19:26:23:ba:7d:b6:0c:3e:16:f0:ef:dd:
c2:c1:81:66:92:a5:f9:7a:89:16:31:a6:74:bf:6b:
3d:78:6f:4a:92:5b:94:db:d8:35:b8:a9:f8:81:3c:
a4:23:05:4e:40:60:51:fd:52:40:68:1e:95:2f:58:
c6:c7:6e:21:94:a5:51:90:d0:71:7b:d7:ae:d6:23:
ba:e3:b7:be:11:16:f8:fe:be:68:3a:bc:8c:90:87:
77:20:a4:4a:5c:6f:f5:4c:1f:62:48:21:09:eb:42:
f3:f9:f1:2f:3f:8e:33:6a:61:8b:22:0c:0e:c7:df:
6b:4f:00:a9:89:84:56:b6:db:17:ba:ed:ce:c3:40:
c4:74:40:8c:08:ad:f4:16:cc:b3:dc:38:61:2a:bc:
b1:79:ae:81:9f:0e:6a:7b:2a:60:fa:7a:29:2f:d7:
3a:70:04:53:8b:c4:0b:ff:1e:e3:de:5f:55:fd:5d:
ca:59:b6:8e:e8:2a:34:2c:3d:93:90:ce:ef:48:35:
ab:e0:4b:26:43:d1:dd:b3:83:c0:33:54:4a:d0:1d:
87:dd:35:a9:da:13:11:02:70:ee:e6:9c:ad:4e:d1:
a8:64:27:9b:a5:16:d5:79:ef:14:e4:36:16:25:4d:
07:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:86:4C:6E:78:6A:1A:45:AD:25:5B:8F:EC:60:53:D7:D4:55:2A:D7
X509v3 Authority Key Identifier:
keyid:E6:59:6E:15:52:FC:0A:58:84:A8:81:B3:52:81:7D:0B:73:00:90:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/s4ZMbnhqGkWtJVuP7GBT19RVKtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.128.0/20
147.78.92.0/22
217.22.192.0/20
IPv6:
2a02:2958::/32
Signature Algorithm: sha256WithRSAEncryption
4b:bb:87:8c:80:10:57:a0:c6:ed:86:9a:91:a7:cb:1b:aa:20:
a0:54:e4:22:d2:db:ee:68:f4:24:29:4e:a8:39:2f:da:86:d1:
be:7e:69:c0:a3:e5:33:38:50:f4:10:e8:b6:d5:46:39:46:c7:
5a:48:b5:4c:27:8e:8c:b3:1f:73:74:f6:34:b3:18:35:3e:ba:
33:5b:a7:46:1c:f0:4a:41:09:df:d7:e5:a7:95:58:fc:ff:a9:
a0:f7:1a:53:e1:99:96:60:69:7e:f6:04:f1:45:09:d8:0b:3a:
14:92:2b:70:05:fb:9d:77:4a:d4:b2:b5:62:a7:d1:c3:71:7d:
cf:7e:a4:7b:fc:3a:a0:9d:fd:ba:46:e2:85:cd:41:ac:db:ea:
3c:75:27:c1:ce:3f:0a:69:2c:58:25:38:62:fb:d3:1b:8a:43:
4c:26:49:f6:d9:c6:1d:3b:92:03:06:98:76:5c:b3:d9:a2:12:
ca:0c:8f:4e:d2:96:c5:15:39:e9:af:4f:f3:59:b0:e2:ed:04:
47:b1:2c:96:43:dc:1c:bf:23:2d:43:0d:6e:be:47:db:0d:5a:
45:b2:51:31:38:b0:6d:01:22:5d:54:39:74:6a:fe:04:c0:1e:
8e:4d:f2:fd:59:88:8d:11:b9:9e:e6:d4:a1:be:50:1f:92:62:
3f:23:2d:ec
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY4YWSyCiick3Gg+OMTcOEheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTk2ZTE1NTJmYzBhNTg4NGE4ODFiMzUyODE3ZDBiNzMw
MDkwODMwHhcNMjQwMzA3MDk1ODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzg2NGM2ZTc4NmExYTQ1YWQyNTViOGZlYzYwNTNkN2Q0NTUyYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3911RDKoE1iO4+mpYjwHOZgZJiO6
fbYMPhbw793CwYFmkqX5eokWMaZ0v2s9eG9KkluU29g1uKn4gTykIwVOQGBR/VJA
aB6VL1jGx24hlKVRkNBxe9eu1iO647e+ERb4/r5oOryMkId3IKRKXG/1TB9iSCEJ
60Lz+fEvP44zamGLIgwOx99rTwCpiYRWttsXuu3Ow0DEdECMCK30Fsyz3DhhKryx
ea6Bnw5qeypg+nopL9c6cARTi8QL/x7j3l9V/V3KWbaO6Co0LD2TkM7vSDWr4Esm
Q9Hds4PAM1RK0B2H3TWp2hMRAnDu5pytTtGoZCebpRbVee8U5DYWJU0HMwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLOGTG54ahpFrSVbj+xgU9fUVSrXMB8GA1UdIwQY
MBaAFOZZbhVS/ApYhKiBs1KBfQtzAJCDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxsdUZWTDhDbGlFcUlHelVvRjlDM01Ba0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wY2EyODctM2VlZi00MTRjLTg4M2Et
MDgxNjkxMjU3YTI2LzEvczRaTWJuaHFHa1d0SlZ1UDdHQlQxOVJWS3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wY2EyODctM2VlZi00MTRjLTg4M2EtMDgxNjkxMjU3YTI2
LzEvNWxsdUZWTDhDbGlFcUlHelVvRjlDM01Ba0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUEiAAwQC
k05cAwQE2RbAMA0EAgACMAcDBQAqAilYMA0GCSqGSIb3DQEBCwUAA4IBAQBLu4eM
gBBXoMbthpqRp8sbqiCgVOQi0tvuaPQkKU6oOS/ahtG+fmnAo+UzOFD0EOi21UY5
RsdaSLVMJ46Msx9zdPY0sxg1ProzW6dGHPBKQQnf1+WnlVj8/6mg9xpT4ZmWYGl+
9gTxRQnYCzoUkitwBfudd0rUsrVip9HDcX3PfqR7/Dqgnf26RuKFzUGs2+o8dSfB
zj8KaSxYJThi+9MbikNMJkn22cYdO5IDBph2XLPZohLKDI9O0pbFFTnpr0/zWbDi
7QRHsSyWQ9wcvyMtQw1uvkfbDVpFslExOLBtASJdVDl0av4EwB6OTfL9WYiNEbme
5tShvlAfkmI/Iy3s
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:47:59 2024 by rpki-client on console-fra.rpki-client.org