Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a4582e-1a4d-4d4a-a5f4-ab13356e5fec/1/9ESaw7LkRjIbURl0qyIUVrwp478.roa
File: 9ESaw7LkRjIbURl0qyIUVrwp478.roa (raw, json)
Hash identifier: ocJL1bjZy6iPqR0CNskAtJrOJU+qfs00mexAINUiElQ=
Subject key identifier: F4:44:9A:C3:B2:E4:46:32:1B:51:19:74:AB:22:14:56:BC:29:E3:BF
Certificate issuer: /CN=03f3f8259b30ec03722f942035a94e209f882861
Certificate serial: 018CC2DB24D9A5362AC72DAB5F74ED976245
Authority key identifier: 03:F3:F8:25:9B:30:EC:03:72:2F:94:20:35:A9:4E:20:9F:88:28:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_P4JZsw7ANyL5QgNalOIJ-IKGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a4582e-1a4d-4d4a-a5f4-ab13356e5fec/1/9ESaw7LkRjIbURl0qyIUVrwp478.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43341
IP address blocks: 193.46.36.0/22 maxlen: 22
2a0c:d240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/a4582e-1a4d-4d4a-a5f4-ab13356e5fec/1/A_P4JZsw7ANyL5QgNalOIJ-IKGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/a4582e-1a4d-4d4a-a5f4-ab13356e5fec/1/A_P4JZsw7ANyL5QgNalOIJ-IKGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/A_P4JZsw7ANyL5QgNalOIJ-IKGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:24:d9:a5:36:2a:c7:2d:ab:5f:74:ed:97:62:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03f3f8259b30ec03722f942035a94e209f882861
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4449ac3b2e446321b511974ab221456bc29e3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:96:30:90:50:87:cf:ff:57:67:7b:28:92:0d:
ab:ee:68:d9:7d:ff:9f:59:41:95:ba:e5:6a:de:5e:
7e:11:ae:84:b4:89:a5:aa:95:2a:8e:7c:d8:ea:b4:
0b:33:bc:d5:b8:70:76:9b:72:66:2f:eb:12:9f:55:
a3:36:1e:7b:85:2d:16:41:31:a1:05:62:dd:ce:98:
70:de:6d:aa:4a:a8:b2:97:50:88:1d:b1:a3:dd:e3:
f8:59:8a:dd:b3:8e:d4:9b:ec:ea:11:d4:13:c9:8c:
cd:ff:1c:68:b2:9f:52:9c:7a:d7:2e:95:93:54:f9:
89:75:4f:dc:5e:9f:fb:3d:c9:c9:5a:c3:5e:66:2c:
b5:00:02:38:1f:7d:8f:c2:1a:21:93:e5:97:b6:82:
25:6f:97:d6:37:66:6e:71:e5:87:44:1f:ae:03:28:
a9:7b:71:19:9f:2d:f5:8c:a0:ab:3d:41:bb:a0:bc:
c9:a9:a5:2f:02:8e:22:cd:2d:d2:1b:49:1f:4b:8c:
e0:59:55:b1:d0:33:36:38:4d:a0:e2:4f:ea:74:8e:
cf:5b:57:cb:30:83:84:5d:4f:74:c9:6a:87:8a:1b:
31:4f:dc:ef:18:f4:eb:90:76:d4:7b:19:4a:71:93:
15:ff:60:d6:48:54:61:a4:3c:2d:a9:e5:09:38:4a:
14:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:44:9A:C3:B2:E4:46:32:1B:51:19:74:AB:22:14:56:BC:29:E3:BF
X509v3 Authority Key Identifier:
keyid:03:F3:F8:25:9B:30:EC:03:72:2F:94:20:35:A9:4E:20:9F:88:28:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_P4JZsw7ANyL5QgNalOIJ-IKGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a4582e-1a4d-4d4a-a5f4-ab13356e5fec/1/9ESaw7LkRjIbURl0qyIUVrwp478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a4582e-1a4d-4d4a-a5f4-ab13356e5fec/1/A_P4JZsw7ANyL5QgNalOIJ-IKGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.36.0/22
IPv6:
2a0c:d240::/29
Signature Algorithm: sha256WithRSAEncryption
70:5f:c5:60:89:da:6e:76:3f:52:8e:e8:d6:f6:1c:c6:51:05:
29:5b:27:96:94:21:64:0b:f2:57:4c:c8:69:9a:c0:e6:82:f1:
02:fe:af:bf:43:c8:0c:c4:20:93:db:41:81:9b:6d:34:c4:b0:
db:a1:8f:12:26:f8:a3:06:bb:fb:6e:0d:be:a2:e6:fa:71:4c:
cb:8e:11:4e:96:eb:a4:01:0c:a0:9b:a8:bc:a2:53:e5:41:e1:
1e:91:c4:4f:52:fb:a7:33:12:8c:24:49:fd:c6:8f:05:27:c5:
a3:ad:5d:e0:dd:09:38:48:d3:f5:f7:21:6a:99:6c:a6:00:9d:
a3:73:b7:1a:f5:01:8a:0c:50:87:0c:cc:29:83:1b:38:ee:7e:
98:21:91:15:a1:66:f9:ac:6c:fd:3b:df:5d:cb:20:3e:1c:62:
d5:94:6c:2b:f6:3c:50:b3:5c:ba:db:5e:a5:9a:db:55:33:80:
fd:1f:c4:26:11:99:02:5c:37:c9:db:d5:68:78:cc:b0:01:ee:
8b:29:5d:8d:6b:10:a3:bf:ab:45:cb:9e:c4:31:da:8e:a0:6d:
ad:f9:d6:9a:02:60:99:8d:9b:88:c1:ce:69:96:b4:82:d9:62:
f5:53:a4:e6:19:e2:d1:e1:5c:d6:44:7f:19:18:5a:a8:9c:5f:
5d:b5:12:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2yTZpTYqxy2rX3Ttl2JFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjNmODI1OWIzMGVjMDM3MjJmOTQyMDM1YTk0ZTIwOWY4
ODI4NjEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDQ0OWFjM2IyZTQ0NjMyMWI1MTE5NzRhYjIyMTQ1NmJjMjllM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpYwkFCHz/9XZ3sokg2r7mjZff+f
WUGVuuVq3l5+Ea6EtImlqpUqjnzY6rQLM7zVuHB2m3JmL+sSn1WjNh57hS0WQTGh
BWLdzphw3m2qSqiyl1CIHbGj3eP4WYrds47Um+zqEdQTyYzN/xxosp9SnHrXLpWT
VPmJdU/cXp/7PcnJWsNeZiy1AAI4H32Pwhohk+WXtoIlb5fWN2ZuceWHRB+uAyip
e3EZny31jKCrPUG7oLzJqaUvAo4izS3SG0kfS4zgWVWx0DM2OE2g4k/qdI7PW1fL
MIOEXU90yWqHihsxT9zvGPTrkHbUexlKcZMV/2DWSFRhpDwtqeUJOEoUlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPREmsOy5EYyG1EZdKsiFFa8KeO/MB8GA1UdIwQY
MBaAFAPz+CWbMOwDci+UIDWpTiCfiChhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9QNEpac3c3QU55TDVRZ05hbE9JSi1JS0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hNDU4MmUtMWE0ZC00ZDRhLWE1ZjQt
YWIxMzM1NmU1ZmVjLzEvOUVTYXc3TGtSakliVVJsMHF5SVVWcndwNDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hNDU4MmUtMWE0ZC00ZDRhLWE1ZjQtYWIxMzM1NmU1ZmVj
LzEvQV9QNEpac3c3QU55TDVRZ05hbE9JSi1JS0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwS4kMA0E
AgACMAcDBQMqDNJAMA0GCSqGSIb3DQEBCwUAA4IBAQBwX8Vgidpudj9SjujW9hzG
UQUpWyeWlCFkC/JXTMhpmsDmgvEC/q+/Q8gMxCCT20GBm200xLDboY8SJvijBrv7
bg2+oub6cUzLjhFOluukAQygm6i8olPlQeEekcRPUvunMxKMJEn9xo8FJ8WjrV3g
3Qk4SNP19yFqmWymAJ2jc7ca9QGKDFCHDMwpgxs47n6YIZEVoWb5rGz9O99dyyA+
HGLVlGwr9jxQs1y6216lmttVM4D9H8QmEZkCXDfJ29VoeMywAe6LKV2NaxCjv6tF
y57EMdqOoG2t+daaAmCZjZuIwc5plrSC2WL1U6TmGeLR4VzWRH8ZGFqonF9dtRIO
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:12:28 2024 by rpki-client on console-ams.rpki-client.org