Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/J5MRXSYfa9QtIaMfbm2oxEi-b7w.roa
File: J5MRXSYfa9QtIaMfbm2oxEi-b7w.roa (raw, json)
Hash identifier: Lm+QYBtFZcYU19tcNQwvBFCcfgt11gPEP9r3rewXPqw=
Subject key identifier: 27:93:11:5D:26:1F:6B:D4:2D:21:A3:1F:6E:6D:A8:C4:48:BE:6F:BC
Certificate issuer: /CN=41c8d0241108b01f5eb708fe8bbb847d53a30f16
Certificate serial: 018CC4932E42EE6A53A17C192BF789B4A08D
Authority key identifier: 41:C8:D0:24:11:08:B0:1F:5E:B7:08:FE:8B:BB:84:7D:53:A3:0F:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/J5MRXSYfa9QtIaMfbm2oxEi-b7w.roa
Signing time: Mon 01 Jan 2024 10:30:29 +0000
ROA not before: Mon 01 Jan 2024 10:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201160
IP address blocks: 185.163.33.0/24 maxlen: 24
185.163.32.0/24 maxlen: 24
185.163.35.0/24 maxlen: 24
185.163.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:2e:42:ee:6a:53:a1:7c:19:2b:f7:89:b4:a0:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41c8d0241108b01f5eb708fe8bbb847d53a30f16
Validity
Not Before: Jan 1 10:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2793115d261f6bd42d21a31f6e6da8c448be6fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:89:43:ce:ce:a0:87:60:d1:cd:1e:ac:3d:67:
59:72:56:4f:5a:07:fb:fb:9e:70:87:44:da:c8:85:
14:8e:51:14:44:89:22:fa:50:c9:a9:ef:e1:a1:9d:
cd:1b:fc:47:fb:2e:ef:fb:f5:b1:80:3d:fb:55:f9:
76:75:38:c7:11:94:af:3f:a4:64:cd:20:93:ab:b5:
ec:aa:d4:03:ed:6a:9a:a7:ee:5d:88:48:ef:95:5d:
37:aa:97:19:af:06:c8:f1:5b:95:07:7b:1d:b4:58:
4a:4f:dd:ce:8f:07:8e:f6:28:22:35:08:31:b4:32:
f0:fb:71:1a:4d:7c:16:6d:e8:d1:b4:9d:e7:87:26:
48:b6:d8:11:9f:79:0c:30:67:c9:1d:b7:b7:24:46:
b8:74:6d:e8:c7:d7:b8:f6:66:f8:ed:a2:1e:d6:34:
19:0e:56:2f:50:de:24:23:bc:e2:bb:a9:2f:5d:1d:
52:a4:48:f8:96:f7:cd:f6:4f:e7:c2:50:64:79:69:
cd:c7:c7:df:d9:dc:1c:3c:e5:0e:4e:64:9e:e0:ed:
23:5b:99:c5:5e:e5:ef:10:a1:d6:19:5a:30:b9:58:
92:25:3c:55:a0:0b:d5:ae:f1:6d:66:e7:0c:51:93:
cd:e0:8f:e8:3e:63:7e:6d:3e:1a:54:5e:97:1c:ba:
9d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:93:11:5D:26:1F:6B:D4:2D:21:A3:1F:6E:6D:A8:C4:48:BE:6F:BC
X509v3 Authority Key Identifier:
keyid:41:C8:D0:24:11:08:B0:1F:5E:B7:08:FE:8B:BB:84:7D:53:A3:0F:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/J5MRXSYfa9QtIaMfbm2oxEi-b7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.32.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:12:af:10:05:fe:7f:3f:45:15:bc:70:a2:63:2f:09:e1:5c:
e1:10:13:ef:60:a2:79:50:ed:f7:f5:e6:e1:0f:2b:44:9f:50:
35:7b:2c:6d:01:4e:84:a6:84:75:20:62:96:8f:7d:8b:7a:5a:
99:c7:33:db:be:07:77:77:df:42:e2:e1:bc:0a:0b:5c:4e:66:
d1:52:81:62:a2:b8:12:12:ce:bd:6b:52:64:55:8c:2c:ef:46:
7a:b1:b1:58:62:a7:07:9e:c9:02:f8:fd:07:ef:6b:62:37:54:
86:05:eb:c0:f9:ba:40:a1:5c:d2:b6:ca:50:30:92:27:b5:4c:
cd:83:06:6c:92:f6:bf:3e:a5:51:fe:e7:b4:6b:5a:0b:b4:cd:
5f:ef:af:db:7f:6d:d3:d2:77:83:0d:d0:a8:ef:f7:47:01:53:
0f:5a:85:32:74:94:a2:08:0d:c9:eb:ee:66:cc:fa:9e:14:c4:
63:9b:83:31:92:2b:01:b0:a6:91:f2:f0:d3:bb:ab:fd:5a:bc:
98:54:6a:f1:90:6b:e8:09:47:22:3e:1b:b1:48:81:17:64:ac:
68:45:d1:bf:06:17:dd:be:b9:bf:af:f1:a8:a5:f7:35:54:0a:
ec:be:ff:11:4c:05:f3:2b:18:ef:d8:02:ba:18:a7:bb:95:37:
94:5c:b3:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEky5C7mpToXwZK/eJtKCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzhkMDI0MTEwOGIwMWY1ZWI3MDhmZThiYmI4NDdkNTNh
MzBmMTYwHhcNMjQwMTAxMTAzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzkzMTE1ZDI2MWY2YmQ0MmQyMWEzMWY2ZTZkYThjNDQ4YmU2ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgolDzs6gh2DRzR6sPWdZclZPWgf7
+55wh0TayIUUjlEURIki+lDJqe/hoZ3NG/xH+y7v+/WxgD37Vfl2dTjHEZSvP6Rk
zSCTq7XsqtQD7Wqap+5diEjvlV03qpcZrwbI8VuVB3sdtFhKT93OjweO9igiNQgx
tDLw+3EaTXwWbejRtJ3nhyZIttgRn3kMMGfJHbe3JEa4dG3ox9e49mb47aIe1jQZ
DlYvUN4kI7ziu6kvXR1SpEj4lvfN9k/nwlBkeWnNx8ff2dwcPOUOTmSe4O0jW5nF
XuXvEKHWGVowuViSJTxVoAvVrvFtZucMUZPN4I/oPmN+bT4aVF6XHLqdGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeTEV0mH2vULSGjH25tqMRIvm+8MB8GA1UdIwQY
MBaAFEHI0CQRCLAfXrcI/ou7hH1Tow8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNqUUpCRUlzQjlldHdqLWk3dUVmVk9qRHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mZDdhZjItNTAzNi00MmFjLWEzZjct
ZDU5NmVjMTRlZTJlLzEvSjVNUlhTWWZhOVF0SWFNZmJtMm94RWktYjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mZDdhZjItNTAzNi00MmFjLWEzZjctZDU5NmVjMTRlZTJl
LzEvUWNqUUpCRUlzQjlldHdqLWk3dUVmVk9qRHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaMgMA0G
CSqGSIb3DQEBCwUAA4IBAQBOEq8QBf5/P0UVvHCiYy8J4VzhEBPvYKJ5UO339ebh
DytEn1A1eyxtAU6EpoR1IGKWj32LelqZxzPbvgd3d99C4uG8CgtcTmbRUoFiorgS
Es69a1JkVYws70Z6sbFYYqcHnskC+P0H72tiN1SGBevA+bpAoVzStspQMJIntUzN
gwZskva/PqVR/ue0a1oLtM1f76/bf23T0neDDdCo7/dHAVMPWoUydJSiCA3J6+5m
zPqeFMRjm4MxkisBsKaR8vDTu6v9WryYVGrxkGvoCUciPhuxSIEXZKxoRdG/Bhfd
vrm/r/Gopfc1VArsvv8RTAXzKxjv2AK6GKe7lTeUXLMA
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:54 2024 by rpki-client on console-fra.rpki-client.org