Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/WmFWq4_Vu-zfGwZTLuj0JN2QLUU.roa
File: WmFWq4_Vu-zfGwZTLuj0JN2QLUU.roa (raw, json)
Hash identifier: qQM7l1kSC5k8wMgpTEajcrG2vnLqeRG/cynENbftnZM=
Subject key identifier: 5A:61:56:AB:8F:D5:BB:EC:DF:1B:06:53:2E:E8:F4:24:DD:90:2D:45
Certificate issuer: /CN=be6144b459bce139f2734a44fbdb46c981329b2b
Certificate serial: 018CCA2B3CF1D0087ADDD40043D7567CBF21
Authority key identifier: BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/WmFWq4_Vu-zfGwZTLuj0JN2QLUU.roa
Signing time: Tue 02 Jan 2024 12:34:40 +0000
ROA not before: Tue 02 Jan 2024 12:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29007
IP address blocks: 185.9.124.0/22 maxlen: 22
217.28.144.0/20 maxlen: 20
46.182.96.0/21 maxlen: 21
78.154.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:3c:f1:d0:08:7a:dd:d4:00:43:d7:56:7c:bf:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be6144b459bce139f2734a44fbdb46c981329b2b
Validity
Not Before: Jan 2 12:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a6156ab8fd5bbecdf1b06532ee8f424dd902d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:07:d3:b0:e9:c0:f3:3d:fa:52:60:78:66:65:
60:23:29:55:c6:70:07:dd:92:33:af:d5:22:9a:6e:
05:08:08:13:b0:3a:bd:9f:59:2d:25:59:4c:45:34:
85:48:9e:9a:0b:f7:29:cb:a4:8f:23:7b:74:81:e1:
57:61:1f:1d:3e:1e:fd:25:4c:d9:9d:ff:c3:64:2b:
c9:17:df:3d:c0:80:b2:57:f3:16:97:50:23:58:ae:
d3:17:00:fc:c6:1e:33:c6:a1:78:d5:29:32:3d:4f:
39:e9:95:b2:ff:60:07:ba:28:c2:02:b9:2e:1e:ca:
75:6f:10:7a:b7:69:e5:7c:ae:30:da:94:91:2c:02:
b1:29:f3:eb:3c:7d:95:f5:21:ab:c7:9e:34:02:d8:
16:39:30:46:19:3e:2a:5a:c1:f4:53:35:4f:af:e3:
7e:d4:6c:77:33:1c:45:9b:a5:bb:bc:2d:7f:d2:dd:
03:63:84:d7:15:2d:aa:38:fb:41:07:9c:93:6d:0e:
0a:e9:5c:36:29:3c:0e:1f:39:9b:79:af:81:dd:77:
e9:26:77:07:ff:50:10:4e:e0:07:79:c3:d8:59:3a:
82:02:47:58:66:a8:94:b4:af:5b:dd:cf:dd:62:d3:
f3:0d:ce:24:5f:9b:00:b8:8d:71:74:3f:93:1c:a1:
3f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:61:56:AB:8F:D5:BB:EC:DF:1B:06:53:2E:E8:F4:24:DD:90:2D:45
X509v3 Authority Key Identifier:
keyid:BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/WmFWq4_Vu-zfGwZTLuj0JN2QLUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.96.0/21
78.154.64.0/19
185.9.124.0/22
217.28.144.0/20
Signature Algorithm: sha256WithRSAEncryption
48:dc:14:b2:20:41:e8:53:b7:ac:bb:ea:30:03:a3:09:31:9a:
49:c5:57:36:02:70:5e:0f:6c:56:9e:52:b2:b5:ca:f7:34:d5:
58:f8:3f:81:1d:16:82:c7:dc:ac:4d:9b:63:d0:ee:cb:2a:8c:
98:f2:99:43:71:8b:9c:99:45:3d:f1:7d:9d:b2:72:07:e0:60:
96:a6:fb:7b:7e:94:53:c7:45:16:a5:85:c8:eb:19:03:6e:03:
f4:67:7b:92:82:fa:57:a5:9c:c8:cc:c1:c6:4e:55:46:c3:f7:
b4:a7:52:13:e7:cb:3c:2b:f1:f9:a7:2c:72:32:70:ab:e6:93:
8b:88:83:c7:d6:b0:bc:45:76:80:09:03:b9:f0:80:cd:17:f3:
4b:9c:da:15:70:6e:2c:27:f8:f1:a9:bb:77:31:4c:6a:5f:f7:
83:58:79:64:74:30:8e:13:c1:08:a7:12:14:73:90:eb:0c:c2:
1b:63:ce:8f:8b:d2:d3:ba:50:dd:b8:c5:53:ec:04:e1:6c:db:
e1:60:34:fa:75:7a:27:2c:49:16:56:39:74:e4:61:f7:b8:14:
a1:a6:ce:43:4b:ae:9f:ef:24:34:f7:88:57:f3:ba:35:d3:40:
c3:4c:7b:e3:fa:ed:1b:0d:31:df:6a:c1:73:50:fc:99:e7:c4:
84:2a:8f:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKzzx0Ah63dQAQ9dWfL8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjE0NGI0NTliY2UxMzlmMjczNGE0NGZiZGI0NmM5ODEz
MjliMmIwHhcNMjQwMTAyMTIzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTYxNTZhYjhmZDViYmVjZGYxYjA2NTMyZWU4ZjQyNGRkOTAyZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigfTsOnA8z36UmB4ZmVgIylVxnAH
3ZIzr9Uimm4FCAgTsDq9n1ktJVlMRTSFSJ6aC/cpy6SPI3t0geFXYR8dPh79JUzZ
nf/DZCvJF989wICyV/MWl1AjWK7TFwD8xh4zxqF41SkyPU856ZWy/2AHuijCArku
Hsp1bxB6t2nlfK4w2pSRLAKxKfPrPH2V9SGrx540AtgWOTBGGT4qWsH0UzVPr+N+
1Gx3MxxFm6W7vC1/0t0DY4TXFS2qOPtBB5yTbQ4K6Vw2KTwOHzmbea+B3XfpJncH
/1AQTuAHecPYWTqCAkdYZqiUtK9b3c/dYtPzDc4kX5sAuI1xdD+THKE/LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFphVquP1bvs3xsGUy7o9CTdkC1FMB8GA1UdIwQY
MBaAFL5hRLRZvOE58nNKRPvbRsmBMpsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2Yt
MTdlZmE1N2IzOWQ3LzEvV21GV3E0X1Z1LXpmR3daVEx1ajBKTjJRTFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2YtMTdlZmE1N2IzOWQ3
LzEvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLrZgAwQF
TppAAwQCuQl8AwQE2RyQMA0GCSqGSIb3DQEBCwUAA4IBAQBI3BSyIEHoU7esu+ow
A6MJMZpJxVc2AnBeD2xWnlKytcr3NNVY+D+BHRaCx9ysTZtj0O7LKoyY8plDcYuc
mUU98X2dsnIH4GCWpvt7fpRTx0UWpYXI6xkDbgP0Z3uSgvpXpZzIzMHGTlVGw/e0
p1IT58s8K/H5pyxyMnCr5pOLiIPH1rC8RXaACQO58IDNF/NLnNoVcG4sJ/jxqbt3
MUxqX/eDWHlkdDCOE8EIpxIUc5DrDMIbY86Pi9LTulDduMVT7AThbNvhYDT6dXon
LEkWVjl05GH3uBShps5DS66f7yQ094hX87o100DDTHvj+u0bDTHfasFzUPyZ58SE
Ko8q
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:06 2024 by rpki-client on console-fra.rpki-client.org