Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/i1MOmfOUaQYxHpeJKD8pVQBjO8U.roa
File: i1MOmfOUaQYxHpeJKD8pVQBjO8U.roa (raw, json)
Hash identifier: qDEKt1s0KovGjUWstwFnhFDk3nByWjUNtLbQUd4MbYY=
Subject key identifier: 8B:53:0E:99:F3:94:69:06:31:1E:97:89:28:3F:29:55:00:63:3B:C5
Certificate issuer: /CN=5421ba4b539162d7ef191a5662049e51fdc3622b
Certificate serial: 018CC725DD2B235A0C41F4448E283BF8524A
Authority key identifier: 54:21:BA:4B:53:91:62:D7:EF:19:1A:56:62:04:9E:51:FD:C3:62:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCG6S1ORYtfvGRpWYgSeUf3DYis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/i1MOmfOUaQYxHpeJKD8pVQBjO8U.roa
Signing time: Mon 01 Jan 2024 22:29:56 +0000
ROA not before: Mon 01 Jan 2024 22:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13243
IP address blocks: 217.18.192.0/20 maxlen: 20
185.226.100.0/22 maxlen: 22
195.245.202.0/24 maxlen: 24
62.148.32.0/19 maxlen: 19
195.254.192.0/19 maxlen: 19
146.192.128.0/17 maxlen: 17
193.36.191.0/24 maxlen: 24
77.94.232.0/21 maxlen: 21
2a00:97c0::/32 maxlen: 32
2a00:ef8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/VCG6S1ORYtfvGRpWYgSeUf3DYis.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/VCG6S1ORYtfvGRpWYgSeUf3DYis.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCG6S1ORYtfvGRpWYgSeUf3DYis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:dd:2b:23:5a:0c:41:f4:44:8e:28:3b:f8:52:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5421ba4b539162d7ef191a5662049e51fdc3622b
Validity
Not Before: Jan 1 22:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b530e99f3946906311e9789283f295500633bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:92:86:e2:86:74:b5:3e:d0:d8:61:86:4c:f8:
1f:c1:e0:08:f9:22:e3:a8:5f:89:d8:01:63:ac:1e:
0e:37:ed:54:e2:2e:1e:e3:07:c7:6d:ef:d7:56:e6:
99:18:8a:10:78:a9:17:04:9b:2a:e2:39:f9:8b:14:
2b:e5:56:f5:56:64:1a:77:02:0b:0b:6f:ef:ff:e1:
55:53:1a:21:d5:4b:ce:b0:81:ff:e9:de:65:71:ac:
53:a5:e1:14:7f:19:74:17:9c:9c:d5:31:67:53:e5:
8a:e7:dd:d5:3b:bb:02:ea:f9:51:4e:24:00:7d:82:
63:e5:a8:7e:c4:e2:18:29:c2:e9:20:f8:d9:76:bd:
17:c4:c3:9d:1a:97:f8:4e:47:7d:91:9a:2d:c7:73:
b6:64:d0:36:b8:40:b8:79:68:2f:ef:07:d9:51:a8:
83:e5:55:56:a1:7e:b5:f0:59:b8:e7:78:04:7e:ba:
0c:38:64:84:ac:a5:a2:c2:22:ef:e8:98:65:7b:9b:
79:f3:63:6b:b0:46:c5:31:17:65:21:76:89:f9:36:
bd:ff:da:7b:7c:4d:a5:51:72:88:5a:e4:2c:dd:22:
85:09:6a:f0:49:b2:b8:53:05:72:15:15:97:81:89:
ea:67:ec:cd:50:d8:0e:39:6a:b0:ab:fe:98:06:ef:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:53:0E:99:F3:94:69:06:31:1E:97:89:28:3F:29:55:00:63:3B:C5
X509v3 Authority Key Identifier:
keyid:54:21:BA:4B:53:91:62:D7:EF:19:1A:56:62:04:9E:51:FD:C3:62:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCG6S1ORYtfvGRpWYgSeUf3DYis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/i1MOmfOUaQYxHpeJKD8pVQBjO8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/VCG6S1ORYtfvGRpWYgSeUf3DYis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.32.0/19
77.94.232.0/21
146.192.128.0/17
185.226.100.0/22
193.36.191.0/24
195.245.202.0/24
195.254.192.0/19
217.18.192.0/20
IPv6:
2a00:ef8::/32
2a00:97c0::/32
Signature Algorithm: sha256WithRSAEncryption
49:9e:f6:38:59:55:b0:e4:28:81:0d:d6:e0:50:d3:5e:2c:b4:
87:00:ad:0c:51:e8:40:b4:59:80:8f:62:5f:45:77:48:d8:fc:
2b:0e:a7:78:4e:5e:02:5e:67:f9:e8:c8:e9:26:31:0e:88:a3:
96:26:61:2c:79:66:20:be:07:78:84:50:84:fc:4b:5a:cc:75:
09:80:ab:dd:50:42:32:a9:cf:dc:9c:52:77:fb:44:33:5e:f6:
ec:82:ee:4b:6a:9f:d5:69:05:0e:79:e0:2a:88:e2:ba:af:40:
5c:45:b8:f6:8a:f6:b5:3b:9b:b0:3f:be:67:8f:26:e6:4f:64:
f7:bd:23:eb:e1:c3:3b:30:84:f5:e1:db:3d:4c:49:1b:18:9d:
2f:0b:b5:25:f2:a9:2a:fe:1e:66:05:58:ea:cf:10:21:be:cb:
0c:40:d7:c0:6d:3f:99:5b:18:84:87:07:95:84:b3:a3:d4:7c:
92:a0:cf:3c:49:12:04:b3:22:e1:cc:3e:54:9a:e3:1a:b1:89:
d5:4f:98:53:df:33:d9:d3:7c:63:4c:d4:f7:b7:87:5b:86:6f:
a3:ab:20:17:f0:b8:48:c9:1b:4d:ac:d6:b0:2d:93:eb:9a:c8:
7f:a9:01:71:63:97:24:45:37:6e:92:44:94:f5:ce:a1:33:22:
d0:31:62:8e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzHJd0rI1oMQfREjig7+FJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MjFiYTRiNTM5MTYyZDdlZjE5MWE1NjYyMDQ5ZTUxZmRj
MzYyMmIwHhcNMjQwMTAxMjIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjUzMGU5OWYzOTQ2OTA2MzExZTk3ODkyODNmMjk1NTAwNjMzYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5KG4oZ0tT7Q2GGGTPgfweAI+SLj
qF+J2AFjrB4ON+1U4i4e4wfHbe/XVuaZGIoQeKkXBJsq4jn5ixQr5Vb1VmQadwIL
C2/v/+FVUxoh1UvOsIH/6d5lcaxTpeEUfxl0F5yc1TFnU+WK593VO7sC6vlRTiQA
fYJj5ah+xOIYKcLpIPjZdr0XxMOdGpf4Tkd9kZotx3O2ZNA2uEC4eWgv7wfZUaiD
5VVWoX618Fm453gEfroMOGSErKWiwiLv6Jhle5t582NrsEbFMRdlIXaJ+Ta9/9p7
fE2lUXKIWuQs3SKFCWrwSbK4UwVyFRWXgYnqZ+zNUNgOOWqwq/6YBu9AWwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFItTDpnzlGkGMR6XiSg/KVUAYzvFMB8GA1UdIwQY
MBaAFFQhuktTkWLX7xkaVmIEnlH9w2IrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNHNlMxT1JZdGZ2R1JwV1lnU2VVZjNEWWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8zYWVlN2EtMTViNS00M2Q2LTgyNzUt
ZWYwNjNlNzg2ZTU0LzEvaTFNT21mT1VhUVl4SHBlSktEOHBWUUJqTzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8zYWVlN2EtMTViNS00M2Q2LTgyNzUtZWYwNjNlNzg2ZTU0
LzEvVkNHNlMxT1JZdGZ2R1JwV1lnU2VVZjNEWWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQFPpQgAwQD
TV7oAwQHksCAAwQCueJkAwQAwSS/AwQAw/XKAwQFw/7AAwQE2RLAMBQEAgACMA4D
BQAqAA74AwUAKgCXwDANBgkqhkiG9w0BAQsFAAOCAQEASZ72OFlVsOQogQ3W4FDT
Xiy0hwCtDFHoQLRZgI9iX0V3SNj8Kw6neE5eAl5n+ejI6SYxDoijliZhLHlmIL4H
eIRQhPxLWsx1CYCr3VBCMqnP3JxSd/tEM1727ILuS2qf1WkFDnngKojiuq9AXEW4
9or2tTubsD++Z48m5k9k970j6+HDOzCE9eHbPUxJGxidLwu1JfKpKv4eZgVY6s8Q
Ib7LDEDXwG0/mVsYhIcHlYSzo9R8kqDPPEkSBLMi4cw+VJrjGrGJ1U+YU98z2dN8
Y0zU97eHW4Zvo6sgF/C4SMkbTazWsC2T65rIf6kBcWOXJEU3bpJElPXOoTMi0DFi
jg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:54 2024 by rpki-client on console-fra.rpki-client.org