Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/1ActLPzZicpaF_0IR7mBotb_i04.roa
File: 1ActLPzZicpaF_0IR7mBotb_i04.roa (raw, json)
Hash identifier: vZVyNtiZOu71p/ff+vnh11HCu5Vyn4RwJStD2eGCUvY=
Subject key identifier: D4:07:2D:2C:FC:D9:89:CA:5A:17:FD:08:47:B9:81:A2:D6:FF:8B:4E
Certificate issuer: /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial: 018F2C0A9763A6C5C611AEFF053343BEB454
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/1ActLPzZicpaF_0IR7mBotb_i04.roa
Signing time: Mon 29 Apr 2024 22:47:22 +0000
ROA not before: Mon 29 Apr 2024 22:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 80.73.120.0/21 maxlen: 24
80.88.76.0/22 maxlen: 24
185.76.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2c:0a:97:63:a6:c5:c6:11:ae:ff:05:33:43:be:b4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Validity
Not Before: Apr 29 22:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4072d2cfcd989ca5a17fd0847b981a2d6ff8b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:34:4a:2f:25:95:27:79:e0:9d:e1:ac:18:
65:02:aa:41:39:7f:e2:18:de:ea:c6:79:e3:24:93:
3e:b2:fa:4a:ae:63:6f:79:d1:24:2e:ac:58:5b:9d:
b7:df:59:82:cd:06:51:6f:72:df:6b:11:54:d7:d4:
6c:b9:f5:e7:84:ba:ac:12:9b:df:82:dd:b8:07:50:
a3:34:08:78:b7:8e:e3:f3:ef:e2:22:cf:ed:4c:c4:
9e:f1:b1:61:1e:28:da:a3:bd:9a:19:1e:ce:cb:f0:
80:6e:2f:03:3a:a3:62:3f:f0:8f:27:4f:e6:ff:da:
40:1a:26:a9:ca:04:8f:30:e1:ca:0a:60:61:d9:53:
2e:3b:05:9e:42:31:69:45:05:0b:1a:35:74:28:19:
02:6e:40:6d:88:5e:50:58:97:9c:bd:55:b0:2f:45:
f6:77:c7:29:d0:c4:f9:de:be:51:d1:fd:2a:3f:8c:
40:c3:58:3f:a4:53:bd:12:ed:24:8b:9c:b4:21:34:
f4:5b:fb:84:5b:92:7e:50:10:0e:6b:f9:31:b3:7b:
ca:96:8f:42:b5:a3:a8:b0:f2:dd:d4:4b:48:ab:fa:
99:9b:83:9a:74:5c:20:35:4d:74:c1:60:a6:9d:9a:
a2:45:9f:e5:d8:4a:ed:f3:0e:09:8b:f8:e7:4a:f4:
d8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:07:2D:2C:FC:D9:89:CA:5A:17:FD:08:47:B9:81:A2:D6:FF:8B:4E
X509v3 Authority Key Identifier:
keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/1ActLPzZicpaF_0IR7mBotb_i04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.120.0/21
80.88.76.0/22
185.76.40.0/22
Signature Algorithm: sha256WithRSAEncryption
33:23:eb:27:d1:39:e8:3d:6e:35:e1:de:aa:0f:44:10:3d:ce:
2a:94:e3:8f:27:89:58:39:cf:bc:44:8a:7d:a4:67:5a:41:69:
17:7e:48:43:74:78:38:3a:a9:81:55:a5:ed:a7:59:50:8d:31:
60:88:95:c3:84:c0:aa:25:62:5b:83:06:b5:d8:90:50:48:94:
af:21:84:2c:c9:52:0c:17:7f:43:45:cd:e8:5c:33:f0:63:11:
76:2e:28:ce:45:e5:a4:cd:5c:a3:c0:31:ac:d8:e4:e8:c2:da:
b8:79:51:37:de:16:26:b7:6f:4b:1e:63:19:f6:c4:43:10:30:
63:27:50:d8:a5:3a:4c:35:16:d5:31:3d:9c:8f:c5:32:8d:a1:
c7:31:0b:57:e9:09:f6:16:48:d9:84:b6:32:ce:09:57:1e:06:
b3:a0:9a:14:e5:95:6d:cf:ea:85:7d:b1:aa:4d:bc:0e:4c:71:
08:d4:c7:48:0e:0a:07:a5:60:23:9c:86:60:13:c1:98:ff:d3:
24:12:0f:04:f5:b2:52:d1:07:1c:fa:31:39:41:29:4c:0f:f6:
50:fb:c4:63:3a:56:68:02:42:2c:a5:5f:29:6c:c2:59:15:eb:
25:9f:06:a6:2c:20:1d:38:a5:e8:47:e8:ab:6f:9d:b7:4d:b7:
07:a9:1a:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8sCpdjpsXGEa7/BTNDvrRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTVjOTBjYTkyODMxM2JjNzBkMjY4M2JiMGY2NGQ2MzJi
MjczYTEwHhcNMjQwNDI5MjI0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA3MmQyY2ZjZDk4OWNhNWExN2ZkMDg0N2I5ODFhMmQ2ZmY4YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO00Si8llSd54J3hrBhlAqpBOX/i
GN7qxnnjJJM+svpKrmNvedEkLqxYW52331mCzQZRb3LfaxFU19RsufXnhLqsEpvf
gt24B1CjNAh4t47j8+/iIs/tTMSe8bFhHijao72aGR7Oy/CAbi8DOqNiP/CPJ0/m
/9pAGiapygSPMOHKCmBh2VMuOwWeQjFpRQULGjV0KBkCbkBtiF5QWJecvVWwL0X2
d8cp0MT53r5R0f0qP4xAw1g/pFO9Eu0ki5y0ITT0W/uEW5J+UBAOa/kxs3vKlo9C
taOosPLd1EtIq/qZm4OadFwgNU10wWCmnZqiRZ/l2Ert8w4Ji/jnSvTYxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNQHLSz82YnKWhf9CEe5gaLW/4tOMB8GA1UdIwQY
MBaAFFKlyQypKDE7xw0mg7sPZNYysnOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUt
MTNlZDYzM2Y5MjJhLzEvMUFjdExQelppY3BhRl8wSVI3bUJvdGJfaTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUtMTNlZDYzM2Y5MjJh
LzEvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUEl4AwQC
UFhMAwQCuUwoMA0GCSqGSIb3DQEBCwUAA4IBAQAzI+sn0TnoPW414d6qD0QQPc4q
lOOPJ4lYOc+8RIp9pGdaQWkXfkhDdHg4OqmBVaXtp1lQjTFgiJXDhMCqJWJbgwa1
2JBQSJSvIYQsyVIMF39DRc3oXDPwYxF2LijOReWkzVyjwDGs2OTowtq4eVE33hYm
t29LHmMZ9sRDEDBjJ1DYpTpMNRbVMT2cj8UyjaHHMQtX6Qn2FkjZhLYyzglXHgaz
oJoU5ZVtz+qFfbGqTbwOTHEI1MdIDgoHpWAjnIZgE8GY/9MkEg8E9bJS0Qcc+jE5
QSlMD/ZQ+8RjOlZoAkIspV8pbMJZFeslnwamLCAdOKXoR+irb523TbcHqRqj
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:49:07 2024 by rpki-client on console-fra.rpki-client.org