Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/RPHABjietdDN8oK_I9PbsQ9y97U.roa
File: RPHABjietdDN8oK_I9PbsQ9y97U.roa (raw, json)
Hash identifier: jtfwP0TrM39/iwRgAy73kzHXidvLRjBgTD87lL/ouc8=
Subject key identifier: 44:F1:C0:06:38:9E:B5:D0:CD:F2:82:BF:23:D3:DB:B1:0F:72:F7:B5
Certificate issuer: /CN=d648294443aed16d06b86af14f5a5f0a5083774a
Certificate serial: 018CC9BCE88E5C7CDB8D9483CE04FBC57481
Authority key identifier: D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/RPHABjietdDN8oK_I9PbsQ9y97U.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197712
IP address blocks: 185.34.192.0/22 maxlen: 24
46.16.56.0/21 maxlen: 24
185.42.104.0/22 maxlen: 24
134.0.8.0/21 maxlen: 24
185.66.40.0/22 maxlen: 24
185.22.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e8:8e:5c:7c:db:8d:94:83:ce:04:fb:c5:74:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d648294443aed16d06b86af14f5a5f0a5083774a
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44f1c006389eb5d0cdf282bf23d3dbb10f72f7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:18:28:21:9e:da:0f:28:05:1b:ae:12:2f:48:
ca:b4:a9:29:74:46:be:9d:fb:4d:1a:ed:11:a5:3a:
63:23:d2:b5:4f:5e:55:fb:81:4c:72:dc:70:e5:4a:
63:90:05:61:3f:a5:9e:bb:e4:e1:10:b1:58:bf:3d:
0b:7b:22:61:89:04:d0:d3:9a:df:68:32:07:bf:1a:
28:98:f8:a1:cf:90:c1:34:70:fb:f3:af:8a:37:5c:
c1:b1:e0:02:56:3c:2e:0a:f8:5a:46:b8:c1:71:3c:
bf:96:2f:c3:35:4d:b1:aa:cf:f0:12:9a:b8:ab:08:
43:02:49:89:a7:6a:45:01:33:83:7f:f8:04:70:96:
9e:b7:76:1f:0a:d2:b0:38:25:7d:8c:98:62:cf:1e:
fc:e7:e1:59:dd:44:6b:a1:d0:24:99:3d:e0:88:65:
d3:e7:b6:fe:75:91:83:79:1c:b3:64:b1:d8:0d:ca:
61:66:a8:96:83:a5:35:79:96:df:04:ff:33:48:a1:
59:0c:1f:47:f5:50:76:1f:3e:86:bc:fc:26:a9:be:
d4:cd:9e:35:c8:0c:6f:59:2b:61:bb:f7:d6:3c:f7:
76:f8:7a:a7:45:61:b7:9d:f5:0a:15:35:9b:5f:4b:
79:ee:e0:70:5a:80:81:ea:85:48:ec:fd:f3:45:7e:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F1:C0:06:38:9E:B5:D0:CD:F2:82:BF:23:D3:DB:B1:0F:72:F7:B5
X509v3 Authority Key Identifier:
keyid:D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/RPHABjietdDN8oK_I9PbsQ9y97U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.56.0/21
134.0.8.0/21
185.22.200.0/22
185.34.192.0/22
185.42.104.0/22
185.66.40.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:ea:fe:78:6a:6b:51:5c:37:4a:2d:4a:13:6b:fa:da:b4:86:
9e:cb:10:59:0d:d6:8b:b2:18:10:b7:8e:9b:47:d8:cb:84:bc:
2b:a4:a3:13:a2:2d:85:0d:23:cc:f6:fc:23:0d:f3:8a:52:34:
43:d6:f4:f8:ca:75:29:f8:c6:dc:30:85:f4:4a:1c:ba:47:47:
f0:7e:01:14:44:c2:23:ca:1b:9f:93:a7:55:1d:0a:92:2d:52:
1b:7a:ff:0f:a7:0c:9c:62:df:fb:8a:af:cc:54:46:65:7e:c5:
40:6f:97:1c:c2:32:ae:b8:26:1f:56:8e:cf:0c:76:15:94:5d:
d8:4f:d4:2c:6a:f6:c1:b0:ca:b6:1e:93:76:b4:9a:15:f3:99:
c8:48:b4:0a:9d:40:c9:5c:b8:3a:65:1e:18:a2:93:b4:c1:1f:
93:24:96:d8:7f:0b:29:2c:a5:b1:23:69:53:f4:38:99:30:1a:
57:55:48:a7:92:0c:4b:ef:2c:e0:36:0c:d4:89:43:42:cb:1d:
87:3f:78:25:7d:56:be:5e:b3:e8:c0:c9:ec:26:9d:dc:c2:5f:
85:a6:6d:9d:eb:2e:ac:58:32:2d:2c:3e:a7:8d:1a:59:65:1b:
86:0d:ed:73:61:44:67:ef:8a:f7:81:4a:65:2e:98:f5:f9:67:
f1:f9:6e:1f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJvOiOXHzbjZSDzgT7xXSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NDgyOTQ0NDNhZWQxNmQwNmI4NmFmMTRmNWE1ZjBhNTA4
Mzc3NGEwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGYxYzAwNjM4OWViNWQwY2RmMjgyYmYyM2QzZGJiMTBmNzJmN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBgoIZ7aDygFG64SL0jKtKkpdEa+
nftNGu0RpTpjI9K1T15V+4FMctxw5UpjkAVhP6Weu+ThELFYvz0LeyJhiQTQ05rf
aDIHvxoomPihz5DBNHD786+KN1zBseACVjwuCvhaRrjBcTy/li/DNU2xqs/wEpq4
qwhDAkmJp2pFATODf/gEcJaet3YfCtKwOCV9jJhizx785+FZ3URrodAkmT3giGXT
57b+dZGDeRyzZLHYDcphZqiWg6U1eZbfBP8zSKFZDB9H9VB2Hz6GvPwmqb7UzZ41
yAxvWSthu/fWPPd2+HqnRWG3nfUKFTWbX0t57uBwWoCB6oVI7P3zRX5SIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFETxwAY4nrXQzfKCvyPT27EPcve1MB8GA1UdIwQY
MBaAFNZIKURDrtFtBrhq8U9aXwpQg3dKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDkt
ZTU3Y2M4MWY1MjMzLzEvUlBIQUJqaWV0ZEROOG9LX0k5UGJzUTl5OTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDktZTU3Y2M4MWY1MjMz
LzEvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLhA4AwQD
hgAIAwQCuRbIAwQCuSLAAwQCuSpoAwQCuUIoMA0GCSqGSIb3DQEBCwUAA4IBAQC2
6v54amtRXDdKLUoTa/ratIaeyxBZDdaLshgQt46bR9jLhLwrpKMToi2FDSPM9vwj
DfOKUjRD1vT4ynUp+MbcMIX0Shy6R0fwfgEURMIjyhufk6dVHQqSLVIbev8Ppwyc
Yt/7iq/MVEZlfsVAb5ccwjKuuCYfVo7PDHYVlF3YT9QsavbBsMq2HpN2tJoV85nI
SLQKnUDJXLg6ZR4YopO0wR+TJJbYfwspLKWxI2lT9DiZMBpXVUinkgxL7yzgNgzU
iUNCyx2HP3glfVa+XrPowMnsJp3cwl+Fpm2d6y6sWDItLD6njRpZZRuGDe1zYURn
74r3gUplLpj1+Wfx+W4f
-----END CERTIFICATE-----
Generated at Sat May 11 16:48:41 2024 by rpki-client on console-fra.rpki-client.org