Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/48q5bu4UK2ZNFpJdCdXbL72gIGc.roa
File: 48q5bu4UK2ZNFpJdCdXbL72gIGc.roa (raw, json)
Hash identifier: 7VmiOZRumF6kUX7nqjQxN7V6H/A3qstoJkIB1imtlT8=
Subject key identifier: E3:CA:B9:6E:EE:14:2B:66:4D:16:92:5D:09:D5:DB:2F:BD:A0:20:67
Certificate issuer: /CN=d1e55f25295d4d82db20721cd8117a7d283baa4c
Certificate serial: 018CC348DA34EE84FD2BD898918AE1881D56
Authority key identifier: D1:E5:5F:25:29:5D:4D:82:DB:20:72:1C:D8:11:7A:7D:28:3B:AA:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eVfJSldTYLbIHIc2BF6fSg7qkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/48q5bu4UK2ZNFpJdCdXbL72gIGc.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49515
IP address blocks: 185.230.32.0/22 maxlen: 24
188.95.32.0/21 maxlen: 24
2a02:ca80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/0eVfJSldTYLbIHIc2BF6fSg7qkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/0eVfJSldTYLbIHIc2BF6fSg7qkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/0eVfJSldTYLbIHIc2BF6fSg7qkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:da:34:ee:84:fd:2b:d8:98:91:8a:e1:88:1d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e55f25295d4d82db20721cd8117a7d283baa4c
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3cab96eee142b664d16925d09d5db2fbda02067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c2:64:e8:52:da:c5:92:9c:b7:27:49:8a:4a:
fb:8f:0b:0b:e6:02:56:27:b8:15:db:65:80:38:af:
29:e8:b4:3e:3a:3e:ea:e6:0a:0c:52:f9:8f:a2:5c:
73:39:43:f3:89:a1:71:95:70:f6:b4:aa:bd:54:be:
79:b3:fc:1a:8a:1e:11:b9:02:e4:a8:05:f7:3f:0b:
c5:f2:07:5f:af:3f:c4:39:d5:8e:4b:fd:65:d3:a1:
03:63:5c:b5:54:d8:47:3d:13:40:38:5c:05:8b:4c:
10:13:9b:2f:b9:14:2a:d3:11:8f:81:5c:37:04:95:
53:0e:47:d4:35:42:04:17:b1:13:38:38:d7:46:92:
8d:e6:b4:bc:c5:8c:49:0f:38:16:17:95:ff:7d:9e:
93:a9:15:b0:d2:8e:b0:39:54:c3:3d:bb:41:ba:03:
e3:be:5e:41:b3:f9:0a:9b:33:b2:a5:80:9d:a6:a4:
7d:4c:fc:ab:67:ae:13:3a:57:31:3c:42:5a:9b:30:
7a:98:37:5b:57:30:fd:63:04:27:4d:81:42:aa:b1:
8d:f8:7b:48:7f:da:78:36:2e:c5:31:87:91:9f:f5:
cf:cd:e3:65:b9:92:ca:4d:2c:a9:07:54:4c:52:ba:
0d:38:e7:21:4e:1a:58:16:5f:14:39:31:06:36:3e:
bf:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CA:B9:6E:EE:14:2B:66:4D:16:92:5D:09:D5:DB:2F:BD:A0:20:67
X509v3 Authority Key Identifier:
keyid:D1:E5:5F:25:29:5D:4D:82:DB:20:72:1C:D8:11:7A:7D:28:3B:AA:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eVfJSldTYLbIHIc2BF6fSg7qkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/48q5bu4UK2ZNFpJdCdXbL72gIGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ef846c-ec08-4f79-b93a-ff4f8394b91c/1/0eVfJSldTYLbIHIc2BF6fSg7qkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.32.0/22
188.95.32.0/21
IPv6:
2a02:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
81:11:f7:4b:cd:0a:bf:01:8f:4f:8a:aa:50:41:bd:af:2d:6c:
e7:9f:59:5d:40:08:20:9a:ca:92:ef:60:0f:1c:bc:86:a2:67:
4e:53:8c:d5:19:31:d9:c7:f4:7b:63:2b:78:1a:f7:77:f4:52:
b6:f6:f3:b3:4c:d0:38:55:f5:b1:a2:49:d5:eb:6b:91:97:63:
cc:9d:bc:e4:94:d5:2a:1e:4f:4f:8e:d1:f4:c6:ba:c1:1e:61:
84:ba:f4:e5:53:f3:57:bb:43:69:11:7d:3d:0d:cb:3e:21:73:
f8:cc:a4:a4:eb:ee:3b:05:8a:68:cd:4a:33:e7:6a:cb:94:02:
1b:7d:cc:ab:d2:a2:0c:51:4c:ce:b6:20:67:b0:75:84:ff:a1:
5f:ff:fb:99:5c:a6:1e:1f:7a:77:02:9c:b9:a6:de:77:26:b5:
0d:55:b4:7c:b9:fb:22:ef:a2:71:bc:86:ec:68:92:2f:76:10:
88:42:b8:6c:a0:9c:3a:ed:8c:0e:28:60:84:1d:ef:cc:5a:e6:
d1:b8:71:19:41:42:f8:2b:58:94:80:cc:03:a1:bd:fc:78:a5:
26:78:c4:69:fe:1b:fb:f9:ed:74:57:18:81:34:09:a4:8c:1e:
1f:a7:e2:b2:be:b9:d5:c9:10:6e:de:22:b0:97:2f:94:99:b4:
f5:19:6c:01
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSNo07oT9K9iYkYrhiB1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTU1ZjI1Mjk1ZDRkODJkYjIwNzIxY2Q4MTE3YTdkMjgz
YmFhNGMwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NhYjk2ZWVlMTQyYjY2NGQxNjkyNWQwOWQ1ZGIyZmJkYTAyMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMJk6FLaxZKctydJikr7jwsL5gJW
J7gV22WAOK8p6LQ+Oj7q5goMUvmPolxzOUPziaFxlXD2tKq9VL55s/waih4RuQLk
qAX3PwvF8gdfrz/EOdWOS/1l06EDY1y1VNhHPRNAOFwFi0wQE5svuRQq0xGPgVw3
BJVTDkfUNUIEF7ETODjXRpKN5rS8xYxJDzgWF5X/fZ6TqRWw0o6wOVTDPbtBugPj
vl5Bs/kKmzOypYCdpqR9TPyrZ64TOlcxPEJamzB6mDdbVzD9YwQnTYFCqrGN+HtI
f9p4Ni7FMYeRn/XPzeNluZLKTSypB1RMUroNOOchThpYFl8UOTEGNj6/LwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOPKuW7uFCtmTRaSXQnV2y+9oCBnMB8GA1UdIwQY
MBaAFNHlXyUpXU2C2yByHNgRen0oO6pMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVWZkpTbGRUWUxiSUhJYzJCRjZmU2c3cWt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lZjg0NmMtZWMwOC00Zjc5LWI5M2Et
ZmY0ZjgzOTRiOTFjLzEvNDhxNWJ1NFVLMlpORnBKZENkWGJMNzJnSUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lZjg0NmMtZWMwOC00Zjc5LWI5M2EtZmY0ZjgzOTRiOTFj
LzEvMGVWZkpTbGRUWUxiSUhJYzJCRjZmU2c3cWt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueYgAwQD
vF8gMA0EAgACMAcDBQMqAsqAMA0GCSqGSIb3DQEBCwUAA4IBAQCBEfdLzQq/AY9P
iqpQQb2vLWznn1ldQAggmsqS72APHLyGomdOU4zVGTHZx/R7Yyt4Gvd39FK29vOz
TNA4VfWxoknV62uRl2PMnbzklNUqHk9PjtH0xrrBHmGEuvTlU/NXu0NpEX09Dcs+
IXP4zKSk6+47BYpozUoz52rLlAIbfcyr0qIMUUzOtiBnsHWE/6Ff//uZXKYeH3p3
Apy5pt53JrUNVbR8ufsi76JxvIbsaJIvdhCIQrhsoJw67YwOKGCEHe/MWubRuHEZ
QUL4K1iUgMwDob38eKUmeMRp/hv7+e10VxiBNAmkjB4fp+KyvrnVyRBu3iKwly+U
mbT1GWwB
-----END CERTIFICATE-----
Generated at Sun May 26 04:06:12 2024 by rpki-client on console-fra.rpki-client.org