Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/V1aCGoWzwn4nTK42ETnXtzL7i-A.roa
File: V1aCGoWzwn4nTK42ETnXtzL7i-A.roa (raw, json)
Hash identifier: 3lupH59htxN/pB5SqWUWGO+Mhosr1PWd7GPvuOqI1EY=
Subject key identifier: 57:56:82:1A:85:B3:C2:7E:27:4C:AE:36:11:39:D7:B7:32:FB:8B:E0
Certificate issuer: /CN=500151e464b29791376c0c57beb40c584ef5a1cf
Certificate serial: 018CC348E33DF40D7DDF56C847D04F448D07
Authority key identifier: 50:01:51:E4:64:B2:97:91:37:6C:0C:57:BE:B4:0C:58:4E:F5:A1:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/V1aCGoWzwn4nTK42ETnXtzL7i-A.roa
Signing time: Mon 01 Jan 2024 04:29:43 +0000
ROA not before: Mon 01 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41068
IP address blocks: 185.222.48.0/24 maxlen: 24
185.222.51.0/24 maxlen: 24
185.222.49.0/24 maxlen: 24
185.222.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/UAFR5GSyl5E3bAxXvrQMWE71oc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/UAFR5GSyl5E3bAxXvrQMWE71oc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e3:3d:f4:0d:7d:df:56:c8:47:d0:4f:44:8d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=500151e464b29791376c0c57beb40c584ef5a1cf
Validity
Not Before: Jan 1 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5756821a85b3c27e274cae361139d7b732fb8be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d3:8a:de:de:2d:1f:21:96:43:47:40:82:2a:
02:f8:fd:e5:d2:70:4b:51:c7:0f:0b:f9:91:70:bd:
e4:22:58:b3:cf:34:1c:bc:1c:76:fc:7e:ce:91:cf:
8c:ca:d8:74:7f:7b:ad:d0:30:c7:10:3b:52:7a:3d:
6b:ad:13:65:2b:fe:97:8b:31:fe:47:98:b4:5c:cb:
a5:f5:f1:3d:6c:f5:70:1e:be:c8:79:8e:a4:33:46:
4a:c1:78:83:ce:54:e8:e1:1f:98:16:e0:92:ec:35:
26:05:d8:82:7a:e5:55:96:c9:43:a9:b5:d4:da:34:
65:cf:5e:aa:47:a8:72:dd:85:01:a6:a0:b6:5a:5f:
48:6a:b2:6c:f1:53:9b:be:8d:a4:c6:77:58:60:69:
c6:bd:87:11:29:a3:be:e7:ba:c5:de:a6:af:d7:10:
85:21:8e:84:d4:8b:33:78:07:fb:03:e2:f8:ee:d5:
59:f5:95:be:27:f1:b6:3a:31:d8:ac:23:4b:f2:a8:
30:f8:76:18:b2:8a:9c:64:32:ab:cb:89:12:4e:0c:
e4:22:c2:4b:a7:58:8a:06:8b:72:bf:bd:46:7b:44:
01:7e:9e:6d:0c:b1:d6:97:fe:27:52:8a:d5:86:06:
c2:8e:6b:70:2c:7e:df:6f:b7:66:b0:f9:ca:8c:80:
52:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:56:82:1A:85:B3:C2:7E:27:4C:AE:36:11:39:D7:B7:32:FB:8B:E0
X509v3 Authority Key Identifier:
keyid:50:01:51:E4:64:B2:97:91:37:6C:0C:57:BE:B4:0C:58:4E:F5:A1:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/V1aCGoWzwn4nTK42ETnXtzL7i-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/UAFR5GSyl5E3bAxXvrQMWE71oc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.48.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:97:2b:fe:c0:ca:59:d0:60:b8:07:7a:6e:a0:80:98:03:b2:
03:30:bd:a4:2d:bb:08:14:85:c2:97:6b:df:67:b1:b3:51:33:
e8:8d:a3:31:49:c6:75:d5:91:19:4d:e9:7a:d2:a6:73:51:af:
fd:be:ca:97:3a:69:3a:e1:c3:1b:56:cf:0f:96:06:fd:ef:dc:
5e:43:98:36:b4:34:d4:e2:fa:4f:3e:5d:3f:2d:ff:f7:12:f0:
98:0e:cb:1d:dd:eb:9a:91:87:05:24:30:c8:2a:4b:e7:9f:a6:
e1:0e:85:45:16:8a:b8:9a:b1:af:6f:d0:a4:bd:bd:fe:c8:46:
15:1d:64:8b:6d:73:f0:f2:e3:4c:19:ec:b2:6a:4b:8b:a7:4b:
62:b8:96:1b:12:66:3e:93:1d:5a:10:42:a8:7e:f1:1c:68:00:
6b:aa:c0:cd:b7:10:e4:69:72:00:09:6f:fc:92:7a:29:5d:a7:
3f:e1:03:62:16:a6:5a:12:40:2f:57:ab:c3:ef:ca:55:73:4d:
92:34:88:e4:79:2e:d8:e8:d4:6a:7d:b3:96:51:79:4e:1a:c6:
00:51:7e:d5:8b:6b:75:b7:c9:f3:a2:b5:50:a1:d3:1f:1a:c2:
99:ad:3a:a7:04:04:1d:3e:c4:2d:51:e6:4f:00:29:6e:6f:cd:
49:b6:ca:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOM99A1931bIR9BPRI0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMDE1MWU0NjRiMjk3OTEzNzZjMGM1N2JlYjQwYzU4NGVm
NWExY2YwHhcNMjQwMTAxMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzU2ODIxYTg1YjNjMjdlMjc0Y2FlMzYxMTM5ZDdiNzMyZmI4YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtOK3t4tHyGWQ0dAgioC+P3l0nBL
UccPC/mRcL3kIlizzzQcvBx2/H7Okc+Myth0f3ut0DDHEDtSej1rrRNlK/6XizH+
R5i0XMul9fE9bPVwHr7IeY6kM0ZKwXiDzlTo4R+YFuCS7DUmBdiCeuVVlslDqbXU
2jRlz16qR6hy3YUBpqC2Wl9IarJs8VObvo2kxndYYGnGvYcRKaO+57rF3qav1xCF
IY6E1IszeAf7A+L47tVZ9ZW+J/G2OjHYrCNL8qgw+HYYsoqcZDKry4kSTgzkIsJL
p1iKBotyv71Ge0QBfp5tDLHWl/4nUorVhgbCjmtwLH7fb7dmsPnKjIBSlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdWghqFs8J+J0yuNhE517cy+4vgMB8GA1UdIwQY
MBaAFFABUeRkspeRN2wMV760DFhO9aHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUFGUjVHU3lsNUUzYkF4WHZyUU1XRTcxb2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80YTEyYzItOWJlZC00NWRkLTg2M2Mt
MGI5ZmI5N2U1MjlkLzEvVjFhQ0dvV3p3bjRuVEs0MkVUblh0ekw3aS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80YTEyYzItOWJlZC00NWRkLTg2M2MtMGI5ZmI5N2U1Mjlk
LzEvVUFGUjVHU3lsNUUzYkF4WHZyUU1XRTcxb2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud4wMA0G
CSqGSIb3DQEBCwUAA4IBAQCjlyv+wMpZ0GC4B3puoICYA7IDML2kLbsIFIXCl2vf
Z7GzUTPojaMxScZ11ZEZTel60qZzUa/9vsqXOmk64cMbVs8Plgb979xeQ5g2tDTU
4vpPPl0/Lf/3EvCYDssd3euakYcFJDDIKkvnn6bhDoVFFoq4mrGvb9Ckvb3+yEYV
HWSLbXPw8uNMGeyyakuLp0tiuJYbEmY+kx1aEEKofvEcaABrqsDNtxDkaXIACW/8
knopXac/4QNiFqZaEkAvV6vD78pVc02SNIjkeS7Y6NRqfbOWUXlOGsYAUX7Vi2t1
t8nzorVQodMfGsKZrTqnBAQdPsQtUeZPAClub81Jtsp6
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:55:31 2024 by rpki-client on console-ams.rpki-client.org