Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zUfetoVe1Qb7MOBguI3ZTyxboB8.roa
File: zUfetoVe1Qb7MOBguI3ZTyxboB8.roa (raw, json)
Hash identifier: YxRCGsAd56b5H+5Vw23tncgfYEHFAHwBgG+xoOiIB4g=
Subject key identifier: CD:47:DE:B6:85:5E:D5:06:FB:30:E0:60:B8:8D:D9:4F:2C:5B:A0:1F
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AED02867D077E906FAC5DC9E0EB4D
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zUfetoVe1Qb7MOBguI3ZTyxboB8.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211975
IP address blocks: 31.47.239.0/24 maxlen: 24
94.247.46.0/23 maxlen: 24
178.251.225.0/24 maxlen: 24
178.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ed:02:86:7d:07:7e:90:6f:ac:5d:c9:e0:eb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd47deb6855ed506fb30e060b88dd94f2c5ba01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bd:05:76:15:73:45:e2:c9:57:36:76:6b:29:
5d:cf:47:1e:b9:72:46:ce:42:b4:5b:12:eb:e8:b6:
82:ab:b0:db:05:ad:ff:f6:c9:88:d5:cd:cb:0c:eb:
34:96:a7:da:6f:b0:2b:9e:92:49:29:e8:a9:b0:01:
6d:76:84:df:37:0f:7f:93:04:85:78:ad:a3:e6:5a:
d3:5a:90:88:2e:ba:29:bc:4b:5d:89:c5:67:a9:4f:
36:8f:c3:b7:d2:6c:69:3c:cf:55:55:a6:ea:c6:b7:
83:0c:0c:1e:41:e3:60:88:e3:d8:c8:ee:3c:c4:cc:
04:9e:0b:29:db:57:2d:d1:cc:5f:c6:57:9f:5e:c9:
ff:9e:bc:35:14:9c:7a:a4:af:c2:43:a8:d1:71:17:
41:80:66:d7:bf:53:fb:98:4d:e3:b3:56:d0:e5:0d:
75:fa:c9:a5:50:80:49:bc:4e:4a:d3:e7:92:51:b8:
e7:9e:ac:86:79:a9:dd:1d:ac:61:85:93:b1:36:2a:
02:96:dd:c5:92:f6:33:16:47:90:55:54:25:f6:a9:
34:00:9d:dd:2e:eb:45:ab:2f:dc:b4:4e:bd:a5:91:
d1:52:30:d9:33:f6:80:e3:31:b5:4c:9b:04:ca:84:
10:06:50:be:60:ac:b2:d9:86:4f:8d:96:c6:a2:77:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:47:DE:B6:85:5E:D5:06:FB:30:E0:60:B8:8D:D9:4F:2C:5B:A0:1F
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zUfetoVe1Qb7MOBguI3ZTyxboB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.239.0/24
94.247.46.0/23
178.251.225.0/24
178.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b8:37:15:9d:d6:f9:ad:a5:8f:25:17:6c:e2:1c:5f:3b:62:
c3:8a:5b:65:fc:19:bd:73:45:5b:ad:64:49:db:ed:2c:55:6e:
dc:da:dd:86:50:53:19:0c:dd:d1:1f:db:0e:82:e7:df:68:8b:
3f:39:0e:40:64:11:88:55:dc:22:b2:0c:9c:ef:5a:49:c0:1c:
e8:80:5e:94:9a:51:f7:3b:0e:e5:76:e6:24:ac:a2:1d:91:c8:
41:0d:0e:92:f0:9e:23:52:c0:c0:90:b0:30:75:92:ad:93:d6:
4d:53:27:3a:f2:01:d9:e5:5b:c5:ae:95:3d:a3:8e:71:e7:8d:
d8:15:bc:05:f2:6c:44:6b:0f:31:af:8c:c4:13:7b:d6:62:17:
44:0e:71:a4:ff:2e:a4:38:ca:ba:6c:d8:e9:13:29:26:50:3b:
7e:01:c5:62:84:0e:53:b4:6c:5d:96:81:1b:ab:b3:b3:1f:08:
1a:d3:f4:9f:85:f9:d3:fc:ec:df:a4:80:e2:b0:d5:cd:57:cb:
52:81:2c:35:a7:4c:a8:ab:93:64:82:80:f2:83:d8:2a:0d:ca:
a3:66:f8:95:97:44:b6:db:c1:5d:8f:a0:14:f2:32:06:79:85:
c2:e3:87:55:18:df:66:a5:4f:66:ac:b7:6e:dd:74:63:9c:79:
60:57:32:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSu0Chn0HfpBvrF3J4OtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQ3ZGViNjg1NWVkNTA2ZmIzMGUwNjBiODhkZDk0ZjJjNWJhMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr0FdhVzReLJVzZ2ayldz0ceuXJG
zkK0WxLr6LaCq7DbBa3/9smI1c3LDOs0lqfab7ArnpJJKeipsAFtdoTfNw9/kwSF
eK2j5lrTWpCILropvEtdicVnqU82j8O30mxpPM9VVabqxreDDAweQeNgiOPYyO48
xMwEngsp21ct0cxfxlefXsn/nrw1FJx6pK/CQ6jRcRdBgGbXv1P7mE3js1bQ5Q11
+smlUIBJvE5K0+eSUbjnnqyGeandHaxhhZOxNioClt3FkvYzFkeQVVQl9qk0AJ3d
LutFqy/ctE69pZHRUjDZM/aA4zG1TJsEyoQQBlC+YKyy2YZPjZbGoneN6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM1H3raFXtUG+zDgYLiN2U8sW6AfMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvelVmZXRvVmUxUWI3TU9CZ3VJM1pUeXhib0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHy/vAwQB
XvcuAwQAsvvhAwQAsvvnMA0GCSqGSIb3DQEBCwUAA4IBAQBbuDcVndb5raWPJRds
4hxfO2LDiltl/Bm9c0VbrWRJ2+0sVW7c2t2GUFMZDN3RH9sOguffaIs/OQ5AZBGI
Vdwisgyc71pJwBzogF6UmlH3Ow7lduYkrKIdkchBDQ6S8J4jUsDAkLAwdZKtk9ZN
Uyc68gHZ5VvFrpU9o45x543YFbwF8mxEaw8xr4zEE3vWYhdEDnGk/y6kOMq6bNjp
EykmUDt+AcVihA5TtGxdloEbq7OzHwga0/SfhfnT/OzfpIDisNXNV8tSgSw1p0yo
q5NkgoDyg9gqDcqjZviVl0S228Fdj6AU8jIGeYXC44dVGN9mpU9mrLdu3XRjnHlg
VzLV
-----END CERTIFICATE-----
Generated at Tue May 7 11:10:58 2024 by rpki-client on console-fra.rpki-client.org