Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/U0fXtsdMJsCqzQ5LVxBYaHLkkg0.roa
File: U0fXtsdMJsCqzQ5LVxBYaHLkkg0.roa (raw, json)
Hash identifier: vJ6r+zZnSn0nYek2HSwm3VmJB/VL+M886jQOrTIVCDU=
Subject key identifier: 53:47:D7:B6:C7:4C:26:C0:AA:CD:0E:4B:57:10:58:68:72:E4:92:0D
Certificate issuer: /CN=3ebd5f8bb5a594d67b5ce807a84c59dde569a775
Certificate serial: 01920FDE2136796870F44A5FE6036420B1A9
Authority key identifier: 3E:BD:5F:8B:B5:A5:94:D6:7B:5C:E8:07:A8:4C:59:DD:E5:69:A7:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/U0fXtsdMJsCqzQ5LVxBYaHLkkg0.roa
Signing time: Fri 20 Sep 2024 14:37:48 +0000
ROA not before: Fri 20 Sep 2024 14:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35542
IP address blocks: 80.92.128.0/20 maxlen: 20
185.128.0.0/22 maxlen: 24
185.128.2.0/24 maxlen: 24
185.128.3.0/24 maxlen: 24
193.222.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:de:21:36:79:68:70:f4:4a:5f:e6:03:64:20:b1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebd5f8bb5a594d67b5ce807a84c59dde569a775
Validity
Not Before: Sep 20 14:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5347d7b6c74c26c0aacd0e4b5710586872e4920d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c2:00:46:30:5f:44:41:e4:80:9c:3b:bd:7e:
24:0c:15:04:bd:8c:c5:78:9c:7c:e2:c5:30:10:3c:
94:f9:2d:c5:57:cd:ea:8d:c1:0c:a1:64:59:5e:8e:
d5:49:79:19:17:bd:cc:88:de:53:c2:75:3a:80:69:
9f:a8:77:d0:9f:2d:71:a6:87:08:d9:c3:3b:3c:36:
f8:df:97:18:fa:c3:c8:ff:84:94:84:53:cd:24:ce:
67:89:a4:cd:5b:9a:fb:91:02:ee:46:7c:68:34:80:
5e:8a:41:17:2f:6b:e9:72:fa:27:a5:92:0c:6a:6d:
8f:1a:19:08:31:a5:39:72:86:8e:43:77:5e:3c:75:
0e:0e:1f:88:09:6a:18:5f:d6:5c:27:7d:99:db:b9:
61:28:f9:e7:6b:80:ac:4f:3a:4a:d0:c4:06:8c:43:
68:2d:58:10:99:b0:b4:a5:82:75:4b:ff:55:de:d8:
26:8e:68:8d:a7:35:d5:4a:9d:3f:86:d2:b2:65:3b:
00:60:ef:3b:26:f0:ba:96:05:03:aa:ff:7e:ee:cb:
21:47:56:31:de:c1:6b:79:28:5f:36:5b:62:cc:3c:
39:71:ab:8a:ec:c0:6e:21:09:1c:eb:c6:27:bf:b4:
a8:0d:17:16:9b:60:43:dd:1b:eb:db:84:38:9d:b4:
82:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:47:D7:B6:C7:4C:26:C0:AA:CD:0E:4B:57:10:58:68:72:E4:92:0D
X509v3 Authority Key Identifier:
keyid:3E:BD:5F:8B:B5:A5:94:D6:7B:5C:E8:07:A8:4C:59:DD:E5:69:A7:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/U0fXtsdMJsCqzQ5LVxBYaHLkkg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.128.0/20
185.128.0.0/22
193.222.141.0/24
Signature Algorithm: sha256WithRSAEncryption
75:4d:26:08:3e:17:04:8b:34:6b:c3:13:53:10:ce:1a:0a:d0:
ba:f1:ad:54:ce:57:b0:6d:6e:02:1a:0e:4f:b4:57:0f:c9:41:
49:53:9d:b0:11:44:7f:9e:fd:6a:c2:c2:ce:19:f5:b4:3a:64:
ea:cb:56:50:23:82:a6:7c:bf:e3:f9:83:61:3b:22:17:20:3a:
e7:d4:08:1a:b2:c3:17:0a:ee:ef:65:f1:a5:01:1a:b0:66:81:
8d:97:41:d5:af:4c:e5:b4:ee:bf:72:86:11:9f:8e:d1:77:09:
1b:ee:40:a6:c1:36:69:5b:7d:4f:be:de:bd:6b:f1:dd:c8:e2:
13:e9:c0:fc:bb:5f:aa:cd:2b:d4:83:d6:8b:0d:15:02:33:c2:
af:73:44:1c:df:18:8d:63:ad:d7:30:b2:3d:f5:22:46:fd:56:
d8:7a:fc:b4:c3:31:75:06:e8:27:f7:7f:30:5b:58:21:74:d8:
12:b7:30:71:f5:5b:ba:2c:07:9d:a0:10:39:62:fa:c4:f5:95:
6f:c7:7e:d9:42:7d:f4:cb:2b:a8:af:12:4b:24:2a:c2:7d:63:
51:fe:92:f4:da:44:46:2d:b5:51:b2:8b:16:c6:b9:7b:c1:67:
1d:b9:16:01:0d:ff:1e:82:76:8b:25:bf:02:f4:28:b1:c9:1d:
0e:5f:93:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIP3iE2eWhw9Epf5gNkILGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmQ1ZjhiYjVhNTk0ZDY3YjVjZTgwN2E4NGM1OWRkZTU2
OWE3NzUwHhcNMjQwOTIwMTQzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQ3ZDdiNmM3NGMyNmMwYWFjZDBlNGI1NzEwNTg2ODcyZTQ5MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58IARjBfREHkgJw7vX4kDBUEvYzF
eJx84sUwEDyU+S3FV83qjcEMoWRZXo7VSXkZF73MiN5TwnU6gGmfqHfQny1xpocI
2cM7PDb435cY+sPI/4SUhFPNJM5niaTNW5r7kQLuRnxoNIBeikEXL2vpcvonpZIM
am2PGhkIMaU5coaOQ3dePHUODh+ICWoYX9ZcJ32Z27lhKPnna4CsTzpK0MQGjENo
LVgQmbC0pYJ1S/9V3tgmjmiNpzXVSp0/htKyZTsAYO87JvC6lgUDqv9+7sshR1Yx
3sFreShfNltizDw5cauK7MBuIQkc68Ynv7SoDRcWm2BD3Rvr24Q4nbSCyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFNH17bHTCbAqs0OS1cQWGhy5JINMB8GA1UdIwQY
MBaAFD69X4u1pZTWe1zoB6hMWd3laad1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHIxZmk3V2xsTlo3WE9nSHFFeFozZVZwcDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jZWE1Y2YtMDc4Mi00MGQxLTg5MTMt
OTI3MTJmOTVlMzM2LzEvVTBmWHRzZE1Kc0NxelE1TFZ4QllhSExra2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jZWE1Y2YtMDc4Mi00MGQxLTg5MTMtOTI3MTJmOTVlMzM2
LzEvUHIxZmk3V2xsTlo3WE9nSHFFeFozZVZwcDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUFyAAwQC
uYAAAwQAwd6NMA0GCSqGSIb3DQEBCwUAA4IBAQB1TSYIPhcEizRrwxNTEM4aCtC6
8a1UzlewbW4CGg5PtFcPyUFJU52wEUR/nv1qwsLOGfW0OmTqy1ZQI4KmfL/j+YNh
OyIXIDrn1AgassMXCu7vZfGlARqwZoGNl0HVr0zltO6/coYRn47Rdwkb7kCmwTZp
W31Pvt69a/HdyOIT6cD8u1+qzSvUg9aLDRUCM8Kvc0Qc3xiNY63XMLI99SJG/VbY
evy0wzF1Bugn938wW1ghdNgStzBx9Vu6LAedoBA5YvrE9ZVvx37ZQn30yyuorxJL
JCrCfWNR/pL02kRGLbVRsosWxrl7wWcduRYBDf8egnaLJb8C9CixyR0OX5M6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:36 2024 by rpki-client on console-ams.rpki-client.org