Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/SVJ-kHrpHJj-4FjjeM2s2uG2Hn4.roa
File: SVJ-kHrpHJj-4FjjeM2s2uG2Hn4.roa (raw, json)
Hash identifier: +UtG00QwKjROB3k1GMys/+R/4iZQ0w47BFdGQgPejd0=
Subject key identifier: 49:52:7E:90:7A:E9:1C:98:FE:E0:58:E3:78:CD:AC:DA:E1:B6:1E:7E
Certificate issuer: /CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Certificate serial: 01918E9AE962F751510F7CEA89B7378E5300
Authority key identifier: 3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/SVJ-kHrpHJj-4FjjeM2s2uG2Hn4.roa
Signing time: Mon 26 Aug 2024 12:13:22 +0000
ROA not before: Mon 26 Aug 2024 12:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39257
IP address blocks: 185.146.48.0/22 maxlen: 22
185.191.216.0/22 maxlen: 22
185.221.148.0/22 maxlen: 22
2a0a:2040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:9a:e9:62:f7:51:51:0f:7c:ea:89:b7:37:8e:53:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Validity
Not Before: Aug 26 12:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49527e907ae91c98fee058e378cdacdae1b61e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e3:4a:03:06:83:34:87:54:a4:3e:82:fa:8f:
87:75:15:27:5e:4d:44:ad:7d:85:54:58:d6:f9:57:
8e:ee:78:49:72:10:70:63:ec:11:12:46:77:6e:fb:
ec:91:10:e4:4f:71:b8:eb:36:03:a2:bf:cd:c8:24:
d0:dd:5f:2a:9b:d5:e0:eb:dc:9e:ad:67:3f:65:06:
a7:03:81:c3:bd:42:e9:2e:29:94:9e:bf:b5:61:31:
6f:aa:b1:4d:54:8c:a9:c9:50:c9:3b:36:47:b9:55:
43:51:ac:be:1c:cf:ab:42:53:b0:d9:49:ba:18:ef:
5a:f3:6f:be:e2:5f:14:4f:64:93:aa:88:f5:1e:19:
34:b2:a2:1b:d5:56:cc:49:70:91:f5:91:5a:e6:6f:
dd:5e:27:8d:92:a2:2e:ac:07:61:bb:c1:63:ca:cf:
84:2f:2c:98:51:38:5f:24:44:fe:d8:f1:2e:f3:bc:
f4:77:1a:13:02:49:0c:86:b7:0f:1a:1e:cc:62:ba:
fd:9f:51:56:e4:eb:a6:e9:62:04:20:0f:c2:53:2d:
48:83:0b:ef:6f:67:bb:a4:23:1f:2b:30:1f:5b:90:
11:2b:cf:70:e6:58:ca:ed:88:53:e1:1d:aa:5e:13:
4a:a2:ce:fd:0c:7d:6b:bc:ba:cc:48:81:9c:e6:87:
d7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:52:7E:90:7A:E9:1C:98:FE:E0:58:E3:78:CD:AC:DA:E1:B6:1E:7E
X509v3 Authority Key Identifier:
keyid:3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/SVJ-kHrpHJj-4FjjeM2s2uG2Hn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.48.0/22
185.191.216.0/22
185.221.148.0/22
IPv6:
2a0a:2040::/32
Signature Algorithm: sha256WithRSAEncryption
81:78:ad:29:31:61:31:a4:bb:e5:98:1c:58:0a:b0:12:e8:bf:
bb:8e:07:16:12:78:78:43:b9:27:94:40:7b:8b:25:9c:20:0b:
42:92:f6:68:99:4c:27:68:19:59:c5:71:58:5d:4b:fe:88:5c:
bf:4c:1c:a7:de:91:bc:f8:72:08:a7:f6:58:4d:9e:a2:6d:77:
22:5e:4e:71:66:1a:05:73:74:c4:b9:86:97:5f:7b:28:f5:8f:
88:95:d4:fb:3f:76:86:18:c5:c2:8d:9d:d6:28:74:a5:bf:4c:
6f:88:b8:76:23:0f:9a:b3:be:85:58:95:09:ce:b4:87:6b:a5:
5c:0a:32:ef:66:59:56:74:2f:24:cd:6f:6f:6b:2c:0d:aa:3d:
25:fd:5f:4f:87:84:69:8e:a3:e0:18:53:de:ea:0d:89:68:da:
c0:57:d9:89:57:5b:ac:9a:c6:99:c6:d8:bd:25:60:72:3f:c4:
b9:37:91:9d:b6:ce:2a:b9:72:f2:bd:79:6e:38:f0:f1:77:56:
64:b2:2f:51:9b:87:c7:fe:3b:ee:a0:74:99:2c:50:23:24:d4:
0c:7b:77:ff:7a:7e:3b:62:92:37:57:89:e7:e1:29:78:26:c4:
3a:2c:44:d6:16:f8:e8:ff:22:3b:f7:71:83:b1:17:a6:4a:30:
f6:fa:d6:ab
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZGOmuli91FRD3zqibc3jlMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODdmZWI0YWI5YTU3NzY1ZmMwYTY2NDU3MmMzNTAzMmU4
NjZhZDQwHhcNMjQwODI2MTIxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTUyN2U5MDdhZTkxYzk4ZmVlMDU4ZTM3OGNkYWNkYWUxYjYxZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+NKAwaDNIdUpD6C+o+HdRUnXk1E
rX2FVFjW+VeO7nhJchBwY+wREkZ3bvvskRDkT3G46zYDor/NyCTQ3V8qm9Xg69ye
rWc/ZQanA4HDvULpLimUnr+1YTFvqrFNVIypyVDJOzZHuVVDUay+HM+rQlOw2Um6
GO9a82++4l8UT2STqoj1Hhk0sqIb1VbMSXCR9ZFa5m/dXieNkqIurAdhu8Fjys+E
LyyYUThfJET+2PEu87z0dxoTAkkMhrcPGh7MYrr9n1FW5Oum6WIEIA/CUy1Igwvv
b2e7pCMfKzAfW5ARK89w5ljK7YhT4R2qXhNKos79DH1rvLrMSIGc5ofXBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFElSfpB66RyY/uBY43jNrNrhth5+MB8GA1UdIwQY
MBaAFDyH/rSrmld2X8CmZFcsNQMuhmrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQt
NDhmYjAwZmM5N2I2LzEvU1ZKLWtIcnBISmotNEZqamVNMnMydUcySG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQtNDhmYjAwZmM5N2I2
LzEvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZIwAwQC
ub/YAwQCud2UMA0EAgACMAcDBQAqCiBAMA0GCSqGSIb3DQEBCwUAA4IBAQCBeK0p
MWExpLvlmBxYCrAS6L+7jgcWEnh4Q7knlEB7iyWcIAtCkvZomUwnaBlZxXFYXUv+
iFy/TByn3pG8+HIIp/ZYTZ6ibXciXk5xZhoFc3TEuYaXX3so9Y+IldT7P3aGGMXC
jZ3WKHSlv0xviLh2Iw+as76FWJUJzrSHa6VcCjLvZllWdC8kzW9vaywNqj0l/V9P
h4RpjqPgGFPe6g2JaNrAV9mJV1usmsaZxti9JWByP8S5N5Gdts4quXLyvXluOPDx
d1Zksi9Rm4fH/jvuoHSZLFAjJNQMe3f/en47YpI3V4nn4Sl4JsQ6LETWFvjo/yI7
93GDsRemSjD2+tar
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:59:27 2024 by rpki-client on console-ams.rpki-client.org