Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/45b9e3-5fa6-4534-91af-f4c7a7925975/1/9434QPnRdKRvmgjSc6Dxqnf6cfU.roa
File: 9434QPnRdKRvmgjSc6Dxqnf6cfU.roa (raw, json)
Hash identifier: kklWMbapGXqqLmwyibsIL/ACLcnAIY+r5utMDECnPqI=
Subject key identifier: F7:8D:F8:40:F9:D1:74:A4:6F:9A:08:D2:73:A0:F1:AA:77:FA:71:F5
Certificate issuer: /CN=ef133598bb10542114681ea86a35df169831cf03
Certificate serial: 018CC500AA0D06F0E6CFEA0771DB800C8D0A
Authority key identifier: EF:13:35:98:BB:10:54:21:14:68:1E:A8:6A:35:DF:16:98:31:CF:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xM1mLsQVCEUaB6oajXfFpgxzwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/45b9e3-5fa6-4534-91af-f4c7a7925975/1/9434QPnRdKRvmgjSc6Dxqnf6cfU.roa
Signing time: Mon 01 Jan 2024 12:30:04 +0000
ROA not before: Mon 01 Jan 2024 12:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206250
IP address blocks: 185.42.84.0/22 maxlen: 22
2a01:62a0::/32 maxlen: 32
2a01:62a0:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/45b9e3-5fa6-4534-91af-f4c7a7925975/1/7xM1mLsQVCEUaB6oajXfFpgxzwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/45b9e3-5fa6-4534-91af-f4c7a7925975/1/7xM1mLsQVCEUaB6oajXfFpgxzwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7xM1mLsQVCEUaB6oajXfFpgxzwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:aa:0d:06:f0:e6:cf:ea:07:71:db:80:0c:8d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef133598bb10542114681ea86a35df169831cf03
Validity
Not Before: Jan 1 12:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f78df840f9d174a46f9a08d273a0f1aa77fa71f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b2:09:6b:a7:2c:2b:73:7a:bb:29:e3:1f:f9:
d5:8d:93:63:49:28:22:71:d7:96:10:d7:4a:0a:12:
78:c8:74:54:ac:e7:c2:09:91:3b:9e:25:2b:99:53:
e2:9b:ae:43:07:3f:d5:74:5c:69:15:07:e6:0e:49:
25:10:2a:a7:73:e5:0d:65:32:5f:88:43:c6:4f:b1:
04:94:e4:25:3a:ce:0d:66:19:97:4b:1b:73:c7:31:
8f:a3:4a:39:d7:76:0b:3c:dd:e2:43:48:fb:da:a9:
0d:bb:cf:90:0c:ec:94:9b:ce:57:b7:77:ea:07:30:
e0:40:c9:31:3f:32:78:f7:9a:06:9c:3c:00:c2:5d:
be:9a:b2:af:29:3b:e7:91:18:a4:7a:ad:2f:50:7c:
5b:72:ef:e0:2e:6d:34:7c:7e:5c:ef:a1:ae:34:ec:
a1:cd:85:93:a2:b4:24:3c:b6:af:c1:1e:11:70:23:
a3:72:cc:d4:5f:0e:fa:1f:df:e5:45:f8:fd:46:eb:
20:3f:6c:48:d2:69:d9:63:87:4c:53:92:c0:56:38:
32:f6:99:ba:61:8a:e4:b5:9e:73:38:1c:2e:69:4f:
92:30:eb:fc:56:cd:07:b1:46:e8:43:fb:f7:4d:41:
6d:d6:6e:17:c9:96:27:56:73:3e:86:23:5d:90:2e:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8D:F8:40:F9:D1:74:A4:6F:9A:08:D2:73:A0:F1:AA:77:FA:71:F5
X509v3 Authority Key Identifier:
keyid:EF:13:35:98:BB:10:54:21:14:68:1E:A8:6A:35:DF:16:98:31:CF:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xM1mLsQVCEUaB6oajXfFpgxzwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/45b9e3-5fa6-4534-91af-f4c7a7925975/1/9434QPnRdKRvmgjSc6Dxqnf6cfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/45b9e3-5fa6-4534-91af-f4c7a7925975/1/7xM1mLsQVCEUaB6oajXfFpgxzwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.84.0/22
IPv6:
2a01:62a0::/32
Signature Algorithm: sha256WithRSAEncryption
43:ff:07:ef:99:9b:38:29:ad:21:fd:59:a1:3c:1c:ba:96:c5:
75:f6:c9:e6:63:2a:2f:21:b5:00:6d:07:9d:fc:bd:a6:72:8d:
57:e1:4e:b8:c8:7c:db:00:f7:a4:64:20:0a:59:67:43:0f:1c:
b2:15:cb:2d:63:00:0c:30:b3:9f:09:dc:41:4d:f0:3a:7c:0e:
3b:96:9a:81:79:32:53:32:5f:0f:ab:a5:a5:97:80:5e:9e:2e:
6d:db:65:0b:5e:7c:ca:f9:b2:4e:4e:48:6a:42:40:6e:bb:d1:
32:f9:40:19:ad:36:27:2d:96:a1:90:c3:68:0d:17:76:e6:0f:
04:c5:31:35:1a:bc:04:31:d7:66:e5:49:1f:e8:60:bc:9e:ff:
61:48:3b:e2:c2:a1:d7:58:0e:ea:f2:ba:e4:4e:b9:c5:ae:f6:
ac:8f:8e:ea:69:f4:7a:a3:50:ed:85:a7:6b:df:73:ae:dc:54:
bc:29:6b:e9:16:18:33:b7:49:7e:b1:82:fc:e5:41:d0:4f:95:
5e:0d:8b:98:48:ea:8c:df:73:ee:b7:73:77:a9:7c:bf:ff:6d:
9f:a9:ac:0a:6a:69:4e:de:99:d3:ee:56:23:e5:a7:ab:68:b2:
38:07:87:32:09:d0:88:e6:d9:f7:d2:0a:a7:db:98:b5:78:9c:
d7:af:a5:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAKoNBvDmz+oHcduADI0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMTMzNTk4YmIxMDU0MjExNDY4MWVhODZhMzVkZjE2OTgz
MWNmMDMwHhcNMjQwMTAxMTIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzhkZjg0MGY5ZDE3NGE0NmY5YTA4ZDI3M2EwZjFhYTc3ZmE3MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrIJa6csK3N6uynjH/nVjZNjSSgi
cdeWENdKChJ4yHRUrOfCCZE7niUrmVPim65DBz/VdFxpFQfmDkklECqnc+UNZTJf
iEPGT7EElOQlOs4NZhmXSxtzxzGPo0o513YLPN3iQ0j72qkNu8+QDOyUm85Xt3fq
BzDgQMkxPzJ495oGnDwAwl2+mrKvKTvnkRikeq0vUHxbcu/gLm00fH5c76GuNOyh
zYWTorQkPLavwR4RcCOjcszUXw76H9/lRfj9RusgP2xI0mnZY4dMU5LAVjgy9pm6
YYrktZ5zOBwuaU+SMOv8Vs0HsUboQ/v3TUFt1m4XyZYnVnM+hiNdkC6HUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPeN+ED50XSkb5oI0nOg8ap3+nH1MB8GA1UdIwQY
MBaAFO8TNZi7EFQhFGgeqGo13xaYMc8DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3hNMW1Mc1FWQ0VVYUI2b2FqWGZGcGd4endNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NWI5ZTMtNWZhNi00NTM0LTkxYWYt
ZjRjN2E3OTI1OTc1LzEvOTQzNFFQblJkS1J2bWdqU2M2RHhxbmY2Y2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NWI5ZTMtNWZhNi00NTM0LTkxYWYtZjRjN2E3OTI1OTc1
LzEvN3hNMW1Mc1FWQ0VVYUI2b2FqWGZGcGd4endNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSpUMA0E
AgACMAcDBQAqAWKgMA0GCSqGSIb3DQEBCwUAA4IBAQBD/wfvmZs4Ka0h/VmhPBy6
lsV19snmYyovIbUAbQed/L2mco1X4U64yHzbAPekZCAKWWdDDxyyFcstYwAMMLOf
CdxBTfA6fA47lpqBeTJTMl8Pq6Wll4Beni5t22ULXnzK+bJOTkhqQkBuu9Ey+UAZ
rTYnLZahkMNoDRd25g8ExTE1GrwEMddm5Ukf6GC8nv9hSDviwqHXWA7q8rrkTrnF
rvasj47qafR6o1Dthadr33Ou3FS8KWvpFhgzt0l+sYL85UHQT5VeDYuYSOqM33Pu
t3N3qXy//22fqawKamlO3pnT7lYj5aeraLI4B4cyCdCI5tn30gqn25i1eJzXr6Vn
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:00:16 2024 by rpki-client on console-fra.rpki-client.org