Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/sazNrD1qxpqNCVhrQfphO9OeiMA.roa
File: sazNrD1qxpqNCVhrQfphO9OeiMA.roa (raw, json)
Hash identifier: +E2zO5GuGljL8rpluwuuw5yJFXGfGSZQy+GHqP79BIo=
Subject key identifier: B1:AC:CD:AC:3D:6A:C6:9A:8D:09:58:6B:41:FA:61:3B:D3:9E:88:C0
Certificate issuer: /CN=08af091858bb99651764399c6565df7a0834dbad
Certificate serial: 018CC86F84DECC6AD9B542A9579155719032
Authority key identifier: 08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/sazNrD1qxpqNCVhrQfphO9OeiMA.roa
Signing time: Tue 02 Jan 2024 04:30:00 +0000
ROA not before: Tue 02 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 185.41.22.0/24 maxlen: 24
193.57.44.0/24 maxlen: 24
193.57.45.0/24 maxlen: 24
185.212.250.0/24 maxlen: 24
185.239.27.0/24 maxlen: 24
185.239.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.mft
rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:84:de:cc:6a:d9:b5:42:a9:57:91:55:71:90:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08af091858bb99651764399c6565df7a0834dbad
Validity
Not Before: Jan 2 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1accdac3d6ac69a8d09586b41fa613bd39e88c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8e:1d:ba:9e:38:05:52:aa:aa:e7:8b:57:c1:
39:14:99:df:48:69:6d:1a:27:72:61:3d:2b:ae:56:
d1:80:e3:69:4f:c5:f4:18:19:cd:9a:3b:8f:20:34:
3a:a1:82:c9:9b:aa:13:86:a2:ae:7c:08:cb:b8:a8:
91:cf:f4:65:08:fc:d1:47:bc:85:4f:c6:2d:c4:ce:
aa:02:2d:50:0d:7f:97:d3:20:09:09:f8:58:e3:06:
4e:1c:82:c5:3c:f6:55:3f:fd:f2:82:30:23:c6:44:
9a:ef:db:22:5c:e6:87:ee:95:8b:56:a6:1a:c8:47:
c5:a1:a4:84:88:ef:cc:75:0a:ca:44:76:8e:61:fd:
e0:28:00:70:35:cb:42:2b:cc:bb:af:74:26:13:db:
c2:7f:dc:d7:e9:78:a0:51:24:1b:f9:8e:40:14:b4:
62:19:f5:84:ed:dd:ff:58:3e:f2:0a:0b:ca:95:06:
7f:a1:09:6b:7e:cc:46:e5:b7:07:9f:33:c9:ad:93:
b3:27:ce:61:aa:24:f7:13:db:ba:cd:b9:fb:13:7a:
51:43:01:e5:d9:a1:70:2f:e3:49:d3:d6:0f:5d:f8:
9e:fa:69:0d:4b:61:e5:42:0a:c6:d2:66:22:d0:69:
17:47:e6:fc:15:7e:ad:a1:7c:8c:ed:de:38:bf:70:
4a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AC:CD:AC:3D:6A:C6:9A:8D:09:58:6B:41:FA:61:3B:D3:9E:88:C0
X509v3 Authority Key Identifier:
keyid:08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/sazNrD1qxpqNCVhrQfphO9OeiMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.22.0/24
185.212.250.0/24
185.239.26.0/23
193.57.44.0/23
Signature Algorithm: sha256WithRSAEncryption
62:14:62:0a:ff:a5:1b:d2:85:25:c3:00:c0:66:d0:f3:21:e6:
fd:86:de:50:9a:23:d4:00:ab:24:10:fa:85:00:7b:e6:45:12:
74:65:43:f6:ad:6b:a3:c2:b4:c7:89:ff:a5:74:75:6c:ca:58:
21:6b:4a:95:6a:59:0a:df:54:06:d0:43:44:21:0a:31:57:64:
70:57:00:65:c6:fe:e1:df:08:35:a0:88:74:e4:67:cc:73:ac:
2c:3d:1a:e7:5b:9f:4e:b5:0b:0e:24:3f:f4:57:ce:92:c2:83:
0a:20:ac:00:ac:d4:4f:c2:e1:ba:54:07:16:6d:55:c0:7f:64:
81:97:d4:bb:b1:93:28:83:19:b5:64:19:d5:23:22:d8:47:1c:
b2:28:12:93:58:af:3d:eb:d6:44:9a:18:59:03:3d:a4:ac:7c:
2a:ca:3e:11:aa:9a:45:a0:44:87:e6:40:67:c4:5b:d5:10:be:
d0:10:6e:3a:5e:25:6b:f6:f0:e6:32:68:77:32:9d:da:2d:de:
00:7d:6c:7b:f1:45:c5:87:48:e5:5e:e8:a2:69:08:e4:68:f6:
0a:b7:ca:dd:0b:fc:d7:96:f9:f2:b8:34:df:d5:9b:82:6c:b8:
18:82:cb:8f:20:cc:9a:34:c1:e5:4c:f4:0a:c6:68:83:d4:3e:
3c:b4:1e:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb4TezGrZtUKpV5FVcZAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YWYwOTE4NThiYjk5NjUxNzY0Mzk5YzY1NjVkZjdhMDgz
NGRiYWQwHhcNMjQwMTAyMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFjY2RhYzNkNmFjNjlhOGQwOTU4NmI0MWZhNjEzYmQzOWU4OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio4dup44BVKqqueLV8E5FJnfSGlt
GidyYT0rrlbRgONpT8X0GBnNmjuPIDQ6oYLJm6oThqKufAjLuKiRz/RlCPzRR7yF
T8YtxM6qAi1QDX+X0yAJCfhY4wZOHILFPPZVP/3ygjAjxkSa79siXOaH7pWLVqYa
yEfFoaSEiO/MdQrKRHaOYf3gKABwNctCK8y7r3QmE9vCf9zX6XigUSQb+Y5AFLRi
GfWE7d3/WD7yCgvKlQZ/oQlrfsxG5bcHnzPJrZOzJ85hqiT3E9u6zbn7E3pRQwHl
2aFwL+NJ09YPXfie+mkNS2HlQgrG0mYi0GkXR+b8FX6toXyM7d44v3BKhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLGszaw9asaajQlYa0H6YTvTnojAMB8GA1UdIwQY
MBaAFAivCRhYu5llF2Q5nGVl33oINNutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYt
NTYxMjliN2RjMDE4LzEvc2F6TnJEMXF4cHFOQ1ZoclFmcGhPOU9laU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYtNTYxMjliN2RjMDE4
LzEvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuSkWAwQA
udT6AwQBue8aAwQBwTksMA0GCSqGSIb3DQEBCwUAA4IBAQBiFGIK/6Ub0oUlwwDA
ZtDzIeb9ht5QmiPUAKskEPqFAHvmRRJ0ZUP2rWujwrTHif+ldHVsylgha0qValkK
31QG0ENEIQoxV2RwVwBlxv7h3wg1oIh05GfMc6wsPRrnW59OtQsOJD/0V86SwoMK
IKwArNRPwuG6VAcWbVXAf2SBl9S7sZMogxm1ZBnVIyLYRxyyKBKTWK8969ZEmhhZ
Az2krHwqyj4RqppFoESH5kBnxFvVEL7QEG46XiVr9vDmMmh3Mp3aLd4AfWx78UXF
h0jlXuiiaQjkaPYKt8rdC/zXlvnyuDTf1ZuCbLgYgsuPIMyaNMHlTPQKxmiD1D48
tB4a
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:41:29 2024 by rpki-client on console-fra.rpki-client.org