Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/mQ2Vz9unnpP_F3g8h_9xilBQvjA.roa
File: mQ2Vz9unnpP_F3g8h_9xilBQvjA.roa (raw, json)
Hash identifier: v3DnxdiQETIdhSt1+VKw1LrsY1zyc5NKfhfYw69iEy4=
Subject key identifier: 99:0D:95:CF:DB:A7:9E:93:FF:17:78:3C:87:FF:71:8A:50:50:BE:30
Certificate issuer: /CN=f19655b59a864cad73cc295f4f78ff83cae86aac
Certificate serial: 018CCA2AAA308DF08D2617E0DB456409439A
Authority key identifier: F1:96:55:B5:9A:86:4C:AD:73:CC:29:5F:4F:78:FF:83:CA:E8:6A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/mQ2Vz9unnpP_F3g8h_9xilBQvjA.roa
Signing time: Tue 02 Jan 2024 12:34:02 +0000
ROA not before: Tue 02 Jan 2024 12:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47777
IP address blocks: 46.19.56.0/21 maxlen: 24
94.125.24.0/21 maxlen: 24
94.125.28.0/24 maxlen: 24
185.15.180.0/22 maxlen: 22
185.15.183.0/24 maxlen: 24
2a00:1b40::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/8ZZVtZqGTK1zzClfT3j_g8roaqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/8ZZVtZqGTK1zzClfT3j_g8roaqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 18:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:aa:30:8d:f0:8d:26:17:e0:db:45:64:09:43:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f19655b59a864cad73cc295f4f78ff83cae86aac
Validity
Not Before: Jan 2 12:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=990d95cfdba79e93ff17783c87ff718a5050be30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:47:91:39:e0:85:95:55:7d:aa:c1:3a:9f:e5:
1c:7d:09:b5:8f:2e:43:09:52:f8:19:17:c3:18:2a:
76:7b:c0:a0:23:40:08:94:fc:12:f9:d8:7a:80:11:
b6:89:68:00:81:05:77:1e:80:73:e9:29:57:38:8d:
11:0f:0d:b3:45:d8:2e:e2:da:88:29:51:4e:48:ff:
81:88:17:04:fb:e7:b4:7d:f7:8b:35:bd:f5:83:c4:
2e:65:c3:cd:9d:9f:df:f5:20:c5:1a:16:9d:bf:c3:
06:3e:e8:ca:aa:72:15:1c:8a:62:8d:b1:6c:7c:6a:
67:54:e0:f4:6b:4d:8f:39:17:b4:bf:b1:c9:c4:33:
28:41:f7:3f:92:3e:c4:47:e5:83:8d:d9:aa:94:55:
7f:05:91:39:42:81:f2:6f:0d:99:65:cf:0b:41:29:
5f:24:54:e6:62:f5:34:2f:dc:8c:75:03:0a:60:75:
ce:53:54:36:1a:0c:92:54:fa:48:14:68:9c:12:b7:
8f:d1:d1:15:f6:2a:05:2f:30:f9:07:03:8a:70:09:
6d:91:6e:7d:da:6f:bc:7c:cd:c6:16:cb:3c:54:84:
82:a7:39:b4:d9:2f:46:a6:05:11:b0:19:ec:62:af:
3b:b7:bb:84:37:6b:49:0a:e4:ed:92:a7:27:e3:8e:
5b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0D:95:CF:DB:A7:9E:93:FF:17:78:3C:87:FF:71:8A:50:50:BE:30
X509v3 Authority Key Identifier:
keyid:F1:96:55:B5:9A:86:4C:AD:73:CC:29:5F:4F:78:FF:83:CA:E8:6A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/mQ2Vz9unnpP_F3g8h_9xilBQvjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/8ZZVtZqGTK1zzClfT3j_g8roaqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.56.0/21
94.125.24.0/21
185.15.180.0/22
IPv6:
2a00:1b40::/32
Signature Algorithm: sha256WithRSAEncryption
90:be:68:33:d6:67:ab:82:48:50:d6:c7:12:7c:7f:af:5a:60:
cd:66:58:58:28:55:d3:26:3d:76:14:c3:1b:d9:29:e5:06:cf:
b5:1e:09:a6:4f:19:14:90:92:c1:64:be:a3:ab:3a:4a:fc:83:
21:24:7a:09:f7:91:fd:5e:e7:90:4c:a2:65:97:f1:e5:47:ae:
71:94:18:ec:3e:2e:11:34:9b:2b:38:0f:ba:f3:36:f8:3d:77:
dd:b2:6a:fa:9c:83:b7:09:82:54:2c:51:68:27:94:f4:c8:60:
33:51:30:c9:8d:f3:32:7a:b3:26:66:0d:b4:65:d9:71:e0:e3:
bd:ef:2d:6a:0f:17:8c:20:62:bf:15:74:6f:72:df:bc:34:ac:
d8:1e:b9:f9:af:9b:1b:ce:74:13:36:d1:ab:33:b5:68:e6:5a:
91:11:65:16:7a:07:99:ce:6b:c7:79:75:aa:b8:7f:29:2c:5a:
8d:26:50:47:b0:f1:d8:a1:90:62:1a:2d:6d:d4:e9:a1:ee:62:
65:a9:b9:80:44:1b:41:6f:f0:7d:06:6d:05:3e:7a:25:57:01:
a1:73:6b:2a:88:0d:cb:63:cb:24:ba:80:5c:7b:10:bd:bc:4d:
d2:a8:7e:76:5f:58:be:92:2a:a5:1b:ac:84:6d:db:0f:04:ad:
b2:7b:b0:d6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKqowjfCNJhfg20VkCUOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxOTY1NWI1OWE4NjRjYWQ3M2NjMjk1ZjRmNzhmZjgzY2Fl
ODZhYWMwHhcNMjQwMTAyMTIzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTBkOTVjZmRiYTc5ZTkzZmYxNzc4M2M4N2ZmNzE4YTUwNTBiZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkeROeCFlVV9qsE6n+UcfQm1jy5D
CVL4GRfDGCp2e8CgI0AIlPwS+dh6gBG2iWgAgQV3HoBz6SlXOI0RDw2zRdgu4tqI
KVFOSP+BiBcE++e0ffeLNb31g8QuZcPNnZ/f9SDFGhadv8MGPujKqnIVHIpijbFs
fGpnVOD0a02PORe0v7HJxDMoQfc/kj7ER+WDjdmqlFV/BZE5QoHybw2ZZc8LQSlf
JFTmYvU0L9yMdQMKYHXOU1Q2GgySVPpIFGicEreP0dEV9ioFLzD5BwOKcAltkW59
2m+8fM3GFss8VISCpzm02S9GpgURsBnsYq87t7uEN2tJCuTtkqcn445b7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJkNlc/bp56T/xd4PIf/cYpQUL4wMB8GA1UdIwQY
MBaAFPGWVbWahkytc8wpX094/4PK6GqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFpaVnRacUdUSzF6ekNsZlQzal9nOHJvYXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yYmQxZGMtYWRlMS00NmM5LWI5YzAt
MzM5ZWU3MDBhZjZmLzEvbVEyVno5dW5ucFBfRjNnOGhfOXhpbEJRdmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yYmQxZGMtYWRlMS00NmM5LWI5YzAtMzM5ZWU3MDBhZjZm
LzEvOFpaVnRacUdUSzF6ekNsZlQzal9nOHJvYXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhM4AwQD
Xn0YAwQCuQ+0MA0EAgACMAcDBQAqABtAMA0GCSqGSIb3DQEBCwUAA4IBAQCQvmgz
1mergkhQ1scSfH+vWmDNZlhYKFXTJj12FMMb2SnlBs+1HgmmTxkUkJLBZL6jqzpK
/IMhJHoJ95H9XueQTKJll/HlR65xlBjsPi4RNJsrOA+68zb4PXfdsmr6nIO3CYJU
LFFoJ5T0yGAzUTDJjfMyerMmZg20Zdlx4OO97y1qDxeMIGK/FXRvct+8NKzYHrn5
r5sbznQTNtGrM7Vo5lqREWUWegeZzmvHeXWquH8pLFqNJlBHsPHYoZBiGi1t1Omh
7mJlqbmARBtBb/B9Bm0FPnolVwGhc2sqiA3LY8skuoBcexC9vE3SqH52X1i+kiql
G6yEbdsPBK2ye7DW
-----END CERTIFICATE-----
Generated at Sun May 26 00:24:58 2024 by rpki-client on console-ams.rpki-client.org