Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9438b7-39a2-4c95-af1a-cdb1fdc9d57d/1/RAv4IEmFmVdUUDDrSbsC020Rdhs.roa
File: RAv4IEmFmVdUUDDrSbsC020Rdhs.roa (raw, json)
Hash identifier: bz13xSiSnMUN0XGmUxUD8cuyR0bYX8moRJpBIsypesA=
Subject key identifier: 44:0B:F8:20:49:85:99:57:54:50:30:EB:49:BB:02:D3:6D:11:76:1B
Certificate issuer: /CN=efe01974743a3b3a28f7a64e2d871bf1e5e5f6e5
Certificate serial: 018D25F4B9A91255EAEB9BFFA46BC2A7AAFE
Authority key identifier: EF:E0:19:74:74:3A:3B:3A:28:F7:A6:4E:2D:87:1B:F1:E5:E5:F6:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-AZdHQ6Ozoo96ZOLYcb8eXl9uU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9438b7-39a2-4c95-af1a-cdb1fdc9d57d/1/RAv4IEmFmVdUUDDrSbsC020Rdhs.roa
Signing time: Sat 20 Jan 2024 08:20:11 +0000
ROA not before: Sat 20 Jan 2024 08:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13190
IP address blocks: 185.117.164.0/22 maxlen: 22
2001:678:bbc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/9438b7-39a2-4c95-af1a-cdb1fdc9d57d/1/7-AZdHQ6Ozoo96ZOLYcb8eXl9uU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/9438b7-39a2-4c95-af1a-cdb1fdc9d57d/1/7-AZdHQ6Ozoo96ZOLYcb8eXl9uU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7-AZdHQ6Ozoo96ZOLYcb8eXl9uU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:25:f4:b9:a9:12:55:ea:eb:9b:ff:a4:6b:c2:a7:aa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe01974743a3b3a28f7a64e2d871bf1e5e5f6e5
Validity
Not Before: Jan 20 08:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=440bf82049859957545030eb49bb02d36d11761b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:65:3d:a1:f8:6b:5f:c1:4b:2e:37:cd:ec:36:
ef:c1:75:ec:c6:1c:97:59:bd:57:ac:c0:02:5f:36:
95:74:ac:31:1d:b0:68:56:da:66:e9:5e:9a:66:cd:
2c:32:c2:33:35:67:20:8f:7b:09:cc:d3:e6:21:01:
55:51:e8:15:a7:e9:d1:38:d8:94:1b:eb:ad:01:e4:
12:2b:56:c2:42:cb:26:46:34:b3:37:9c:90:03:91:
6c:ea:7b:50:77:74:a2:33:43:cc:aa:20:d0:8d:ad:
7c:0e:ae:eb:12:f6:e4:4d:d6:21:f3:9e:06:75:20:
b5:b1:6f:44:cb:77:17:74:bb:82:54:e4:56:4c:3a:
94:64:6e:9a:5c:c1:74:26:f1:be:a0:10:58:e9:2f:
65:ac:18:24:55:3b:89:b3:5d:12:a0:ac:e9:1f:15:
50:a5:75:e9:c4:39:ed:0b:8e:09:0e:2c:30:49:33:
ab:bb:85:2f:44:6a:6f:cf:6f:8d:1b:7e:9a:3b:d0:
d5:fc:8a:4a:64:53:cc:0a:11:10:4c:af:b9:f3:02:
f4:3d:5c:fb:cf:89:f8:9e:e7:4f:08:24:3e:57:18:
b5:f1:83:bf:e3:8b:32:9b:0e:8b:cf:37:a2:14:68:
91:52:dd:dc:65:a7:d8:07:63:1c:14:41:83:4b:39:
e9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0B:F8:20:49:85:99:57:54:50:30:EB:49:BB:02:D3:6D:11:76:1B
X509v3 Authority Key Identifier:
keyid:EF:E0:19:74:74:3A:3B:3A:28:F7:A6:4E:2D:87:1B:F1:E5:E5:F6:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-AZdHQ6Ozoo96ZOLYcb8eXl9uU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9438b7-39a2-4c95-af1a-cdb1fdc9d57d/1/RAv4IEmFmVdUUDDrSbsC020Rdhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9438b7-39a2-4c95-af1a-cdb1fdc9d57d/1/7-AZdHQ6Ozoo96ZOLYcb8eXl9uU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.164.0/22
IPv6:
2001:678:bbc::/48
Signature Algorithm: sha256WithRSAEncryption
52:6a:55:5a:47:cb:94:30:86:48:e8:9c:74:07:4e:ea:f3:50:
25:ec:bc:4e:77:16:48:ee:12:21:6f:87:db:95:f6:f8:e4:7a:
cb:ae:06:a5:76:c8:38:0f:a6:01:58:9b:7f:85:6e:48:a3:f2:
80:01:68:3c:fc:aa:a0:58:c8:36:aa:b5:bf:6c:0b:eb:9f:8f:
ba:03:91:dd:db:e8:a1:31:04:5f:f8:b5:06:4b:70:8b:6f:ec:
01:f1:86:d2:8d:97:f6:aa:d2:a1:09:ce:7f:a6:2f:b9:17:83:
4d:0a:8e:ed:41:e9:43:68:2b:b7:a1:16:bd:b0:0b:d3:f9:a8:
68:be:78:e1:af:e5:cc:4e:a0:3d:ac:79:46:a9:82:2b:25:98:
06:4d:6f:5a:3d:9e:79:2f:a7:0c:88:96:7d:ec:c5:a5:fa:37:
a1:fc:36:28:69:89:d9:fb:41:fe:a2:6c:b9:5e:4e:30:9a:cf:
87:fb:62:e6:b4:9f:46:79:02:c1:d9:4f:b6:8b:82:51:da:3a:
8b:d5:5e:d7:01:3b:4e:fa:46:46:da:db:93:54:46:ed:10:5c:
27:a0:1d:e3:97:98:ea:2b:a9:c1:a0:68:d2:a1:49:43:f0:eb:
44:e6:74:4b:34:7b:ed:54:b1:ff:d0:3e:7a:7b:b7:bf:38:ce:
99:a0:f9:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0l9LmpElXq65v/pGvCp6r+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTAxOTc0NzQzYTNiM2EyOGY3YTY0ZTJkODcxYmYxZTVl
NWY2ZTUwHhcNMjQwMTIwMDgyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDBiZjgyMDQ5ODU5OTU3NTQ1MDMwZWI0OWJiMDJkMzZkMTE3NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2U9ofhrX8FLLjfN7DbvwXXsxhyX
Wb1XrMACXzaVdKwxHbBoVtpm6V6aZs0sMsIzNWcgj3sJzNPmIQFVUegVp+nRONiU
G+utAeQSK1bCQssmRjSzN5yQA5Fs6ntQd3SiM0PMqiDQja18Dq7rEvbkTdYh854G
dSC1sW9Ey3cXdLuCVORWTDqUZG6aXMF0JvG+oBBY6S9lrBgkVTuJs10SoKzpHxVQ
pXXpxDntC44JDiwwSTOru4UvRGpvz2+NG36aO9DV/IpKZFPMChEQTK+58wL0PVz7
z4n4nudPCCQ+Vxi18YO/44symw6LzzeiFGiRUt3cZafYB2McFEGDSznpBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEQL+CBJhZlXVFAw60m7AtNtEXYbMB8GA1UdIwQY
MBaAFO/gGXR0Ojs6KPemTi2HG/Hl5fblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1BWmRIUTZPem9vOTZaT0xZY2I4ZVhsOXVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85NDM4YjctMzlhMi00Yzk1LWFmMWEt
Y2RiMWZkYzlkNTdkLzEvUkF2NElFbUZtVmRVVUREclNic0MwMjBSZGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85NDM4YjctMzlhMi00Yzk1LWFmMWEtY2RiMWZkYzlkNTdk
LzEvNy1BWmRIUTZPem9vOTZaT0xZY2I4ZVhsOXVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXWkMA8E
AgACMAkDBwAgAQZ4C7wwDQYJKoZIhvcNAQELBQADggEBAFJqVVpHy5QwhkjonHQH
TurzUCXsvE53FkjuEiFvh9uV9vjkesuuBqV2yDgPpgFYm3+Fbkij8oABaDz8qqBY
yDaqtb9sC+ufj7oDkd3b6KExBF/4tQZLcItv7AHxhtKNl/aq0qEJzn+mL7kXg00K
ju1B6UNoK7ehFr2wC9P5qGi+eOGv5cxOoD2seUapgislmAZNb1o9nnkvpwyIln3s
xaX6N6H8Nihpidn7Qf6ibLleTjCaz4f7Yua0n0Z5AsHZT7aLglHaOovVXtcBO076
Rkba25NURu0QXCegHeOXmOorqcGgaNKhSUPw60TmdEs0e+1Usf/QPnp7t784zpmg
+W4=
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:37:17 2024 by rpki-client on console-ams.rpki-client.org