Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/mE3-8wR_S5Q4aSbEN6oJsh4O4e0.roa
File: mE3-8wR_S5Q4aSbEN6oJsh4O4e0.roa (raw, json)
Hash identifier: cDQ0R3EvLEK5BkvMyLogDox++kfNaPU8wqnu5Cgrv8g=
Subject key identifier: 98:4D:FE:F3:04:7F:4B:94:38:69:26:C4:37:AA:09:B2:1E:0E:E1:ED
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 018CC9BBFFACEA3021E5C0D2832712FE740E
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/mE3-8wR_S5Q4aSbEN6oJsh4O4e0.roa
Signing time: Tue 02 Jan 2024 10:33:10 +0000
ROA not before: Tue 02 Jan 2024 10:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1120
IP address blocks: 193.171.255.0/24 maxlen: 24
193.170.120.96/28 maxlen: 28
193.171.3.0/24 maxlen: 24
78.104.145.0/24 maxlen: 24
2001:628:2000::/48 maxlen: 48
2001:628:453::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ff:ac:ea:30:21:e5:c0:d2:83:27:12:fe:74:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 2 10:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=984dfef3047f4b94386926c437aa09b21e0ee1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7d:dc:e4:0e:94:eb:ca:eb:a4:a5:3b:98:7d:
01:e0:26:77:3d:24:fc:72:ad:19:2e:29:16:71:46:
eb:4e:be:44:89:88:1a:4b:7e:d9:69:f5:a1:ba:7a:
97:04:39:3a:cb:3c:73:05:a3:81:71:35:60:f1:b6:
80:66:0f:9d:d7:8b:d6:b5:5f:84:69:74:91:e5:22:
bd:a3:c0:58:53:36:cd:f0:c4:9d:e8:27:59:d3:d5:
6c:62:6f:ff:c6:ea:cf:00:09:ff:4e:88:e2:27:fa:
c2:31:4f:23:0e:63:25:c5:a5:a4:fa:cb:dd:84:5d:
ef:b2:1c:2d:b2:50:2f:14:cd:c9:fe:cf:10:27:ab:
f6:d6:51:82:3b:37:28:9b:3e:ee:c6:a3:14:8f:dc:
92:78:e3:5e:75:f8:f7:b5:f3:90:78:db:66:96:a9:
02:08:51:74:f1:e4:ed:42:fd:b8:71:47:35:49:ad:
1e:14:7d:a8:2d:d8:ff:9d:38:00:6d:b9:3a:2d:52:
66:78:52:96:c9:d8:da:ee:61:7d:dd:5d:4f:8d:40:
a4:3d:fb:58:5b:4a:b9:7b:66:18:be:57:f6:88:16:
48:5e:5e:6d:2a:ad:ee:a6:b3:92:94:8d:26:60:37:
de:be:dc:af:f2:e3:1b:79:57:3d:a8:e1:8e:1b:ee:
a8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:4D:FE:F3:04:7F:4B:94:38:69:26:C4:37:AA:09:B2:1E:0E:E1:ED
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/mE3-8wR_S5Q4aSbEN6oJsh4O4e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.104.145.0/24
193.170.120.96/28
193.171.3.0/24
193.171.255.0/24
IPv6:
2001:628:453::/48
2001:628:2000::/48
Signature Algorithm: sha256WithRSAEncryption
92:e4:89:1f:62:ad:9b:5e:c5:1b:ef:00:9c:8f:72:9a:60:4c:
29:55:67:9e:b5:5c:fb:ee:82:ff:49:48:60:ad:6c:44:65:3a:
89:9b:ab:91:0d:fa:1f:9b:90:93:ff:89:19:d7:03:71:bc:0f:
3c:b4:a6:be:f4:09:85:a2:49:e1:21:30:42:65:59:ec:df:d6:
8e:1a:9d:57:d4:30:c5:1e:f8:de:f2:5d:2a:ab:65:53:b4:e2:
b7:7c:3e:b7:53:4f:98:83:33:b0:50:cf:73:0c:b4:92:c2:2e:
56:d9:a7:9b:f5:9b:d6:5f:7c:f3:7b:93:8b:d6:b9:5b:78:ce:
ae:17:97:5f:2f:66:3e:28:d9:ad:ee:e4:1d:ac:4e:d0:ee:a9:
f6:b1:a2:9c:48:39:73:ae:79:4a:f3:c6:72:63:0d:24:c5:86:
f0:ce:fc:54:18:4f:b9:e8:29:39:af:97:d9:65:fe:95:67:c6:
95:5f:72:e8:53:59:eb:20:2f:52:14:23:af:dd:b4:03:40:7f:
e1:25:08:6a:22:af:9f:44:b9:8b:68:91:7c:3f:eb:fa:89:02:
fd:57:48:b5:46:f8:89:a8:de:2f:8b:12:9f:7d:e3:fd:72:c6:
e5:c8:84:77:d8:8b:f2:01:f7:6a:ca:c4:c9:87:af:fd:af:e2:
f7:a5:35:f3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJu/+s6jAh5cDSgycS/nQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjQwMTAyMTAzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODRkZmVmMzA0N2Y0Yjk0Mzg2OTI2YzQzN2FhMDliMjFlMGVlMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun3c5A6U68rrpKU7mH0B4CZ3PST8
cq0ZLikWcUbrTr5EiYgaS37ZafWhunqXBDk6yzxzBaOBcTVg8baAZg+d14vWtV+E
aXSR5SK9o8BYUzbN8MSd6CdZ09VsYm//xurPAAn/TojiJ/rCMU8jDmMlxaWk+svd
hF3vshwtslAvFM3J/s8QJ6v21lGCOzcomz7uxqMUj9ySeONedfj3tfOQeNtmlqkC
CFF08eTtQv24cUc1Sa0eFH2oLdj/nTgAbbk6LVJmeFKWydja7mF93V1PjUCkPftY
W0q5e2YYvlf2iBZIXl5tKq3uprOSlI0mYDfevtyv8uMbeVc9qOGOG+6orQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJhN/vMEf0uUOGkmxDeqCbIeDuHtMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvbUUzLTh3Ul9TNVE0YVNiRU42b0pzaDRPNGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAfBAIAATAZAwQATmiRAwUE
wap4YAMEAMGrAwMEAMGr/zAYBAIAAjASAwcAIAEGKARTAwcAIAEGKCAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCS5IkfYq2bXsUb7wCcj3KaYEwpVWeetVz77oL/SUhgrWxE
ZTqJm6uRDfofm5CT/4kZ1wNxvA88tKa+9AmFoknhITBCZVns39aOGp1X1DDFHvje
8l0qq2VTtOK3fD63U0+YgzOwUM9zDLSSwi5W2aeb9ZvWX3zze5OL1rlbeM6uF5df
L2Y+KNmt7uQdrE7Q7qn2saKcSDlzrnlK88ZyYw0kxYbwzvxUGE+56Ck5r5fZZf6V
Z8aVX3LoU1nrIC9SFCOv3bQDQH/hJQhqIq+fRLmLaJF8P+v6iQL9V0i1RviJqN4v
ixKffeP9csblyIR32IvyAfdqysTJh6/9r+L3pTXz
-----END CERTIFICATE-----
Generated at Tue May 28 13:09:42 2024 by rpki-client on console-ams.rpki-client.org