Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/qefX8nsNSFezO2M8rsjsOtg6B4Y.roa
File: qefX8nsNSFezO2M8rsjsOtg6B4Y.roa (raw, json)
Hash identifier: Atq8BFa11OqjPrGzIa+8IsbLn4KKlwy/f0fF+jBqFxM=
Subject key identifier: A9:E7:D7:F2:7B:0D:48:57:B3:3B:63:3C:AE:C8:EC:3A:D8:3A:07:86
Certificate issuer: /CN=74f59301011c45af635634d2e53c0b08c2054e2d
Certificate serial: 018CC5DC0B0B4C21707D4CC07BD3D5D491B0
Authority key identifier: 74:F5:93:01:01:1C:45:AF:63:56:34:D2:E5:3C:0B:08:C2:05:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPWTAQEcRa9jVjTS5TwLCMIFTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/qefX8nsNSFezO2M8rsjsOtg6B4Y.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 185.248.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/dPWTAQEcRa9jVjTS5TwLCMIFTi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/dPWTAQEcRa9jVjTS5TwLCMIFTi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dPWTAQEcRa9jVjTS5TwLCMIFTi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0b:0b:4c:21:70:7d:4c:c0:7b:d3:d5:d4:91:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74f59301011c45af635634d2e53c0b08c2054e2d
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9e7d7f27b0d4857b33b633caec8ec3ad83a0786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f9:09:e3:e2:71:d9:15:a4:af:a7:01:8f:c6:
3a:f9:cc:10:24:30:94:c2:84:c2:b7:31:e6:0c:54:
d2:49:21:dd:64:16:8c:72:da:32:77:e9:8b:b6:cd:
c5:33:1f:e7:3d:32:a1:5b:27:df:bf:14:55:27:5f:
73:6c:57:e3:1f:ae:99:db:19:a5:3c:3c:d2:e1:83:
87:63:d1:41:08:a3:5e:b4:5d:16:bd:e0:a8:92:67:
55:09:f0:2a:a7:11:96:63:91:f5:b5:14:ca:ec:ae:
c6:dc:8b:70:ad:f0:19:47:17:4e:82:d3:d5:74:20:
15:de:52:64:78:6a:13:16:1e:ad:a7:f3:cf:f3:1e:
84:6b:d4:f4:7d:39:b1:91:85:bf:ac:ed:b8:96:f7:
c0:ad:b6:76:22:ba:5f:16:af:8a:6e:0c:91:38:b2:
1b:24:c3:4d:df:6e:27:32:ed:96:b5:14:f0:8d:af:
e9:25:c1:bc:fd:7f:59:f4:56:80:a3:66:45:7c:5b:
c6:36:ea:ff:9c:3f:e5:10:5d:69:c0:b9:f7:8e:3d:
b8:87:79:fe:26:80:65:02:e9:17:4a:c2:a2:29:ce:
a8:09:3e:e5:31:5d:82:34:46:10:ec:34:ff:15:9a:
87:db:ab:60:1a:31:fb:10:2a:dc:bc:b1:f2:76:ed:
c7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E7:D7:F2:7B:0D:48:57:B3:3B:63:3C:AE:C8:EC:3A:D8:3A:07:86
X509v3 Authority Key Identifier:
keyid:74:F5:93:01:01:1C:45:AF:63:56:34:D2:E5:3C:0B:08:C2:05:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPWTAQEcRa9jVjTS5TwLCMIFTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/qefX8nsNSFezO2M8rsjsOtg6B4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/dPWTAQEcRa9jVjTS5TwLCMIFTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.144.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:3a:8b:e9:a4:01:e9:65:04:b5:58:f1:e2:eb:0a:6e:37:9a:
79:2c:05:a4:4a:94:17:43:3b:71:67:7b:2c:7c:9c:e3:68:49:
28:db:93:3b:82:63:ea:b2:a2:67:d0:5f:bc:99:37:a1:93:55:
11:91:ae:31:5c:a6:35:ed:8b:ce:62:7d:2d:0d:75:4b:24:a7:
69:0e:51:b3:ee:32:c5:c9:e4:74:a0:5d:5c:40:4f:bb:ef:2b:
5f:6e:ad:c8:57:80:68:9d:53:c4:f6:15:15:49:70:5f:50:80:
8b:8b:c8:ba:37:38:34:60:07:15:a1:9e:9a:58:79:f6:2b:40:
ac:d0:a0:e8:0a:c5:a9:41:cc:1f:6b:8d:bb:e6:02:a4:d5:39:
92:e8:7f:fb:29:40:ab:77:62:92:dd:3b:15:09:82:d9:86:ab:
4c:09:06:18:2a:5a:6d:46:bd:36:52:4f:08:09:47:86:49:7e:
e5:2b:37:79:da:37:ed:7b:96:45:d0:da:1d:06:62:b8:15:e3:
77:ea:2f:50:0d:cc:19:6a:05:e6:1c:d9:99:06:d8:44:72:e9:
a9:09:6b:86:d5:3b:f1:c6:1c:b5:49:19:7d:46:6f:e0:01:7c:
21:c3:01:3a:2f:e3:b0:17:c4:fc:38:e9:bc:9f:ff:44:c5:c6:
b3:0e:3f:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3AsLTCFwfUzAe9PV1JGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjU5MzAxMDExYzQ1YWY2MzU2MzRkMmU1M2MwYjA4YzIw
NTRlMmQwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU3ZDdmMjdiMGQ0ODU3YjMzYjYzM2NhZWM4ZWMzYWQ4M2EwNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPkJ4+Jx2RWkr6cBj8Y6+cwQJDCU
woTCtzHmDFTSSSHdZBaMctoyd+mLts3FMx/nPTKhWyffvxRVJ19zbFfjH66Z2xml
PDzS4YOHY9FBCKNetF0WveCokmdVCfAqpxGWY5H1tRTK7K7G3ItwrfAZRxdOgtPV
dCAV3lJkeGoTFh6tp/PP8x6Ea9T0fTmxkYW/rO24lvfArbZ2IrpfFq+KbgyROLIb
JMNN324nMu2WtRTwja/pJcG8/X9Z9FaAo2ZFfFvGNur/nD/lEF1pwLn3jj24h3n+
JoBlAukXSsKiKc6oCT7lMV2CNEYQ7DT/FZqH26tgGjH7ECrcvLHydu3HSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnn1/J7DUhXsztjPK7I7DrYOgeGMB8GA1UdIwQY
MBaAFHT1kwEBHEWvY1Y00uU8CwjCBU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBXVEFRRWNSYTlqVmpUUzVUd0xDTUlGVGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYTk0NWItMGUxNS00NTZkLThiOTAt
NWFhMTZlN2E5OTg5LzEvcWVmWDhuc05TRmV6TzJNOHJzanNPdGc2QjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYTk0NWItMGUxNS00NTZkLThiOTAtNWFhMTZlN2E5OTg5
LzEvZFBXVEFRRWNSYTlqVmpUUzVUd0xDTUlGVGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiQMA0G
CSqGSIb3DQEBCwUAA4IBAQBOOovppAHpZQS1WPHi6wpuN5p5LAWkSpQXQztxZ3ss
fJzjaEko25M7gmPqsqJn0F+8mTehk1URka4xXKY17YvOYn0tDXVLJKdpDlGz7jLF
yeR0oF1cQE+77ytfbq3IV4BonVPE9hUVSXBfUICLi8i6Nzg0YAcVoZ6aWHn2K0Cs
0KDoCsWpQcwfa4275gKk1TmS6H/7KUCrd2KS3TsVCYLZhqtMCQYYKlptRr02Uk8I
CUeGSX7lKzd52jfte5ZF0NodBmK4FeN36i9QDcwZagXmHNmZBthEcumpCWuG1Tvx
xhy1SRl9Rm/gAXwhwwE6L+OwF8T8OOm8n/9ExcazDj98
-----END CERTIFICATE-----
Generated at Sun May 19 21:12:09 2024 by rpki-client on console-fra.rpki-client.org