Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/42srLbwN3xTsBswuPD-ilQM-OdE.roa
File: 42srLbwN3xTsBswuPD-ilQM-OdE.roa (raw, json)
Hash identifier: KmorBBrIAyRgK5K+3m/J25/3tn/BPhi1XXLNU3PtLy4=
Subject key identifier: E3:6B:2B:2D:BC:0D:DF:14:EC:06:CC:2E:3C:3F:A2:95:03:3E:39:D1
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018CCA2A5C36B749A14083FADF24E5CDF7E8
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/42srLbwN3xTsBswuPD-ilQM-OdE.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31679
IP address blocks: 212.55.224.0/19 maxlen: 19
185.165.36.0/22 maxlen: 24
84.16.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5c:36:b7:49:a1:40:83:fa:df:24:e5:cd:f7:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e36b2b2dbc0ddf14ec06cc2e3c3fa295033e39d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c6:db:d6:66:52:dd:e6:60:c5:1b:62:3b:0b:
b8:c0:76:f7:d7:16:63:55:39:41:0f:5a:51:49:e7:
bf:38:93:a6:32:14:77:a4:62:a2:67:b3:90:0d:b5:
9b:7d:18:c4:ed:e6:42:13:fc:4d:82:fd:c2:3b:49:
a2:5b:42:38:86:be:81:78:f4:e7:96:86:90:0a:5e:
cd:6d:f9:34:68:82:90:b6:ed:a5:9d:ad:f5:5f:e5:
1e:d6:17:3c:c1:5b:aa:57:0e:85:33:6c:25:c1:2f:
ce:72:2f:a0:7c:0c:82:83:fa:37:86:96:f8:bf:a3:
0f:07:44:0e:16:cb:37:93:89:5a:d3:2a:ee:94:e2:
9d:6e:55:a5:17:aa:e9:7e:29:aa:26:49:c8:3d:02:
ec:fd:58:1a:ee:20:8f:2c:c9:82:56:9e:af:4e:a0:
d6:94:f8:12:b5:57:00:aa:34:be:90:d8:64:64:af:
37:81:bd:a5:60:e6:dc:1c:d9:95:a5:21:d1:95:8e:
bd:bf:34:6c:8f:b5:86:54:5b:af:f9:bc:e3:b6:59:
64:88:75:e2:b3:02:90:e1:19:b5:10:ba:f6:b2:d9:
8e:ca:59:a3:fd:01:88:ba:78:b2:35:97:23:90:fc:
f1:34:73:bf:e9:cc:6b:61:b0:fd:6b:5d:73:88:4e:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6B:2B:2D:BC:0D:DF:14:EC:06:CC:2E:3C:3F:A2:95:03:3E:39:D1
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/42srLbwN3xTsBswuPD-ilQM-OdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.16.32.0/19
185.165.36.0/22
212.55.224.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:e7:d6:89:23:89:53:38:f0:30:b3:68:d3:37:8b:70:7d:d1:
36:d7:48:7b:76:eb:84:f2:71:ad:09:7d:64:3a:05:b7:b9:9f:
9c:70:b1:b7:d6:eb:1c:89:0e:a5:4f:36:7f:64:3e:bb:26:77:
34:3d:25:31:3f:e6:1c:97:c6:cb:62:d6:e1:4b:99:03:98:4f:
67:b6:41:7e:9f:3c:0b:d3:21:5e:2b:22:7e:2b:80:e0:5c:25:
36:2f:06:63:a8:37:9e:19:b5:65:27:39:5c:9e:e1:97:98:32:
c9:d4:34:2c:cf:81:cd:e5:21:77:5e:b6:7a:1b:85:2f:52:7d:
02:e9:c7:c6:b8:4b:0a:de:75:d2:34:94:48:3b:f1:e8:88:da:
bc:4c:49:aa:7c:1f:0f:33:01:1f:84:e7:33:5d:ca:0b:fa:6a:
2d:c8:c2:9e:44:be:11:0c:9e:8b:6e:20:2e:24:d3:e3:13:bb:
ad:82:2d:e8:cd:1d:8b:c2:29:ae:89:0d:d1:40:80:0b:dc:4f:
8e:1d:78:5f:9c:f2:73:b3:17:35:d6:d1:a5:b4:8b:7e:d2:1c:
d5:b0:dc:d4:c0:81:a3:2c:ac:e1:bd:ad:87:f9:17:db:9b:b8:
7a:5e:fc:d5:b6:fc:d3:e9:9f:c6:be:42:e3:f5:1f:ea:91:fb:
f0:3a:2b:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKlw2t0mhQIP63yTlzffoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZiMmIyZGJjMGRkZjE0ZWMwNmNjMmUzYzNmYTI5NTAzM2UzOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssbb1mZS3eZgxRtiOwu4wHb31xZj
VTlBD1pRSee/OJOmMhR3pGKiZ7OQDbWbfRjE7eZCE/xNgv3CO0miW0I4hr6BePTn
loaQCl7Nbfk0aIKQtu2lna31X+Ue1hc8wVuqVw6FM2wlwS/Oci+gfAyCg/o3hpb4
v6MPB0QOFss3k4la0yrulOKdblWlF6rpfimqJknIPQLs/Vga7iCPLMmCVp6vTqDW
lPgStVcAqjS+kNhkZK83gb2lYObcHNmVpSHRlY69vzRsj7WGVFuv+bzjtllkiHXi
swKQ4Rm1ELr2stmOylmj/QGIuniyNZcjkPzxNHO/6cxrYbD9a11ziE5wQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFONrKy28Dd8U7AbMLjw/opUDPjnRMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvNDJzckxid04zeFRzQnN3dVBELWlsUU0tT2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVBAgAwQC
uaUkAwQF1DfgMA0GCSqGSIb3DQEBCwUAA4IBAQB659aJI4lTOPAws2jTN4twfdE2
10h7duuE8nGtCX1kOgW3uZ+ccLG31usciQ6lTzZ/ZD67Jnc0PSUxP+Ycl8bLYtbh
S5kDmE9ntkF+nzwL0yFeKyJ+K4DgXCU2LwZjqDeeGbVlJzlcnuGXmDLJ1DQsz4HN
5SF3XrZ6G4UvUn0C6cfGuEsK3nXSNJRIO/HoiNq8TEmqfB8PMwEfhOczXcoL+mot
yMKeRL4RDJ6LbiAuJNPjE7utgi3ozR2LwimuiQ3RQIAL3E+OHXhfnPJzsxc11tGl
tIt+0hzVsNzUwIGjLKzhva2H+Rfbm7h6XvzVtvzT6Z/GvkLj9R/qkfvwOis6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:24 2024 by rpki-client on console-fra.rpki-client.org