Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/Sl_fRC5JfD-oOOYmHI52DiXobHI.roa
File: Sl_fRC5JfD-oOOYmHI52DiXobHI.roa (raw, json)
Hash identifier: Ol8cYTHNDZ4iSNge1r+Q28goP1vrKY4Nent0GisNWYw=
Subject key identifier: 4A:5F:DF:44:2E:49:7C:3F:A8:38:E6:26:1C:8E:76:0E:25:E8:6C:72
Certificate issuer: /CN=776405e0283743cf52180d5b13812dfba3ded7fc
Certificate serial: 018CC349423A36BCEB974B5292FCD523B753
Authority key identifier: 77:64:05:E0:28:37:43:CF:52:18:0D:5B:13:81:2D:FB:A3:DE:D7:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/Sl_fRC5JfD-oOOYmHI52DiXobHI.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43128
IP address blocks: 212.44.112.0/24 maxlen: 24
212.44.113.0/24 maxlen: 24
212.44.118.0/24 maxlen: 24
212.44.120.0/24 maxlen: 24
212.44.119.0/24 maxlen: 24
212.44.126.0/23 maxlen: 24
146.247.24.0/22 maxlen: 24
185.148.72.0/22 maxlen: 24
212.44.96.0/20 maxlen: 24
212.44.96.0/19 maxlen: 24
2a02:ec::/32 maxlen: 48
2a02:e8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:42:3a:36:bc:eb:97:4b:52:92:fc:d5:23:b7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776405e0283743cf52180d5b13812dfba3ded7fc
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a5fdf442e497c3fa838e6261c8e760e25e86c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:82:f5:69:65:44:6a:bd:e3:e7:bc:5b:1a:e7:
a3:aa:75:21:fa:d5:f9:f1:64:f3:4f:d0:b8:f0:15:
82:9b:11:c0:aa:28:17:e3:13:ad:e7:15:9f:de:ef:
12:ec:b6:d0:71:0c:77:eb:06:77:c6:c5:ac:d2:1b:
42:00:c8:cb:ab:fe:61:3e:26:ae:83:56:28:93:99:
26:36:66:dd:10:31:23:81:ae:dc:bb:50:4c:56:f1:
41:51:0a:f3:9f:cc:27:0b:0e:cd:27:be:a8:61:4c:
37:8b:38:1a:a4:d5:44:a3:44:b2:c4:5e:f8:a0:92:
02:53:ad:bb:2e:51:22:da:f6:9b:86:96:9f:28:10:
83:af:fe:01:43:0a:76:95:35:7e:c5:cd:7c:34:d7:
64:b9:b9:9c:a7:6e:2c:07:52:48:d2:a0:90:c2:61:
c9:9d:18:ad:ce:26:87:23:86:07:31:d7:23:ff:5c:
d3:20:78:72:08:6c:80:48:40:09:e9:3a:c9:47:27:
a7:6e:b1:04:29:a6:34:0a:e8:eb:c1:f8:75:aa:1d:
ef:41:9f:e5:ee:cf:45:1d:3f:34:48:96:e8:f6:21:
1e:b0:ce:0e:d2:cc:ca:ad:b7:9f:06:be:8b:55:6b:
1c:17:a6:a5:9f:b2:2e:85:83:1d:f8:05:f8:df:2f:
ae:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5F:DF:44:2E:49:7C:3F:A8:38:E6:26:1C:8E:76:0E:25:E8:6C:72
X509v3 Authority Key Identifier:
keyid:77:64:05:E0:28:37:43:CF:52:18:0D:5B:13:81:2D:FB:A3:DE:D7:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/Sl_fRC5JfD-oOOYmHI52DiXobHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.24.0/22
185.148.72.0/22
212.44.96.0/19
IPv6:
2a02:e8::/32
2a02:ec::/32
Signature Algorithm: sha256WithRSAEncryption
09:b5:32:ee:63:48:2a:f0:74:a3:b6:02:15:41:81:5c:5d:f1:
37:d4:c3:51:a8:a9:23:b0:9e:30:c7:de:53:35:12:cf:0a:e4:
bd:52:94:6c:03:61:0f:dc:13:5a:a9:c6:de:ee:d2:5c:0b:f4:
96:30:d3:ef:77:71:3b:d8:ef:9b:00:c8:cc:44:ac:17:64:52:
b7:27:94:87:27:96:54:75:15:19:ab:25:7b:08:7d:c5:53:41:
71:85:25:6e:18:05:4e:38:f9:42:8d:85:3f:eb:c7:04:da:fa:
b7:a2:0e:21:bd:54:ad:54:1e:ae:10:1e:97:9c:29:6f:ac:06:
15:a9:46:07:7f:ad:fc:d5:8e:d0:ea:02:9f:80:52:33:5f:11:
81:c2:5a:8c:c3:ed:0b:f8:2c:f9:ae:3b:42:49:f5:bd:bd:5d:
df:3e:59:24:fc:d8:04:8e:20:3e:bf:00:4b:ce:26:5f:d6:e8:
a8:71:23:68:33:2e:91:f4:35:b8:b3:4e:5a:d8:ca:55:2a:87:
be:f7:f0:13:ed:13:75:92:11:ce:34:82:4f:9f:d9:3d:a9:46:
43:2d:96:d5:64:72:83:8d:aa:98:27:06:80:74:e9:46:8e:5a:
d2:25:22:8d:da:02:56:fc:2e:80:5c:1a:78:0d:62:c2:98:a7:
85:6b:51:df
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzDSUI6Nrzrl0tSkvzVI7dTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjQwNWUwMjgzNzQzY2Y1MjE4MGQ1YjEzODEyZGZiYTNk
ZWQ3ZmMwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTVmZGY0NDJlNDk3YzNmYTgzOGU2MjYxYzhlNzYwZTI1ZTg2YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoL1aWVEar3j57xbGuejqnUh+tX5
8WTzT9C48BWCmxHAqigX4xOt5xWf3u8S7LbQcQx36wZ3xsWs0htCAMjLq/5hPiau
g1Yok5kmNmbdEDEjga7cu1BMVvFBUQrzn8wnCw7NJ76oYUw3izgapNVEo0SyxF74
oJICU627LlEi2vabhpafKBCDr/4BQwp2lTV+xc18NNdkubmcp24sB1JI0qCQwmHJ
nRitziaHI4YHMdcj/1zTIHhyCGyASEAJ6TrJRyenbrEEKaY0Cujrwfh1qh3vQZ/l
7s9FHT80SJbo9iEesM4O0szKrbefBr6LVWscF6aln7IuhYMd+AX43y+ubQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEpf30QuSXw/qDjmJhyOdg4l6GxyMB8GA1UdIwQY
MBaAFHdkBeAoN0PPUhgNWxOBLfuj3tf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJRRjRDZzNRODlTR0ExYkU0RXQtNlBlMV93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8zNjM1ODYtOWI4MC00NTdiLWJkZjAt
NmNhNTJlMDI5Y2JlLzEvU2xfZlJDNUpmRC1vT09ZbUhJNTJEaVhvYkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8zNjM1ODYtOWI4MC00NTdiLWJkZjAtNmNhNTJlMDI5Y2Jl
LzEvZDJRRjRDZzNRODlTR0ExYkU0RXQtNlBlMV93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCkvcYAwQC
uZRIAwQF1CxgMBQEAgACMA4DBQAqAgDoAwUAKgIA7DANBgkqhkiG9w0BAQsFAAOC
AQEACbUy7mNIKvB0o7YCFUGBXF3xN9TDUaipI7CeMMfeUzUSzwrkvVKUbANhD9wT
WqnG3u7SXAv0ljDT73dxO9jvmwDIzESsF2RStyeUhyeWVHUVGaslewh9xVNBcYUl
bhgFTjj5Qo2FP+vHBNr6t6IOIb1UrVQerhAel5wpb6wGFalGB3+t/NWO0OoCn4BS
M18RgcJajMPtC/gs+a47Qkn1vb1d3z5ZJPzYBI4gPr8AS84mX9boqHEjaDMukfQ1
uLNOWtjKVSqHvvfwE+0TdZIRzjSCT5/ZPalGQy2W1WRyg42qmCcGgHTpRo5a0iUi
jdoCVvwugFwaeA1iwpinhWtR3w==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:32:48 2024 by rpki-client on console-fra.rpki-client.org