Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa
File: m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa (raw, json)
Hash identifier: MVJ2XBHnmFzrlTVtgm5DTz7pGxjB4E42nbm+VxABezM=
Subject key identifier: 9B:88:77:16:7A:A0:DC:97:7A:20:0E:51:6B:8A:00:16:E3:DF:92:0E
Certificate issuer: /CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Certificate serial: 018CC64AEF721ABD62B02EC61E407E2A6B20
Authority key identifier: 0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15456
IP address blocks: 62.116.128.0/18 maxlen: 24
62.116.128.0/19 maxlen: 24
85.236.32.0/19 maxlen: 24
62.116.160.0/19 maxlen: 24
185.91.244.0/22 maxlen: 24
2001:4178::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ef:72:1a:bd:62:b0:2e:c6:1e:40:7e:2a:6b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b8877167aa0dc977a200e516b8a0016e3df920e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:52:4d:95:d7:ce:9e:10:3d:fd:60:ce:eb:
d6:eb:5c:ce:10:51:81:9b:05:d2:c0:e3:11:d3:99:
12:c8:6c:a2:aa:52:47:ce:d9:cf:00:02:f7:28:d1:
57:87:d9:4d:e0:74:af:37:b3:21:1c:07:fe:f8:4b:
2f:41:50:73:d2:6c:bb:26:85:79:dc:93:a3:63:61:
a6:f3:2d:bf:11:bf:83:72:a5:21:ef:2d:a1:dc:ae:
e3:df:d4:68:cf:c6:fb:7e:91:a4:5a:93:54:15:c2:
a3:34:09:a2:07:fa:c9:d0:cb:c2:cc:52:16:cc:99:
e7:40:78:99:af:05:f9:27:3b:f4:6c:2c:07:25:63:
67:e5:57:84:7e:4a:f4:e3:13:d1:49:ef:ed:3e:7c:
31:4a:4d:ab:7c:f1:1d:9b:24:27:67:92:73:73:bf:
5b:12:14:b7:62:f9:69:4b:ca:4b:bd:23:18:00:c1:
dd:d9:12:e4:bf:d8:a3:26:c0:4b:31:60:27:0a:c0:
56:b7:b3:d8:53:9e:57:7b:23:5a:bf:16:bf:9b:8c:
65:1c:1a:f3:0a:8c:bf:98:99:54:0b:fb:c8:43:04:
2f:df:82:56:e1:4f:f1:4b:1a:c1:68:c0:9c:ec:39:
a4:2c:12:6e:19:77:72:3c:c0:0e:30:bd:27:e2:a9:
46:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:88:77:16:7A:A0:DC:97:7A:20:0E:51:6B:8A:00:16:E3:DF:92:0E
X509v3 Authority Key Identifier:
keyid:0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.116.128.0/18
85.236.32.0/19
185.91.244.0/22
IPv6:
2001:4178::/29
Signature Algorithm: sha256WithRSAEncryption
8f:0b:1c:96:b5:fe:92:d0:19:8e:2c:bf:5c:c9:56:39:ff:5e:
02:fa:65:18:f4:a0:e6:72:b6:f9:8c:41:ff:63:27:92:db:38:
1b:f8:b2:1a:60:a7:05:60:6a:89:6f:fe:a1:5c:ff:e4:ea:58:
65:50:64:a6:fd:50:a7:ab:8e:18:62:7d:a6:74:3d:2b:e9:18:
ae:2c:ca:66:97:d0:98:0a:c5:17:68:3c:4a:05:55:49:eb:89:
c1:ce:27:be:b5:46:07:ee:3c:25:79:42:74:6e:86:35:a6:ba:
2b:18:d1:14:0b:93:c4:5a:77:df:eb:d1:97:4c:89:f3:86:d3:
de:a5:55:1a:6b:e9:0a:de:63:eb:da:28:ff:16:50:58:6a:f8:
f7:94:93:10:8b:cb:b3:3a:89:75:b8:b4:49:bc:2b:be:90:cd:
1f:31:96:d3:2f:95:3b:9a:82:c4:cf:8e:30:00:0b:b6:60:6e:
d7:ed:02:51:76:11:86:a5:be:b4:2b:33:8c:ec:fd:82:c7:d6:
8e:b2:1a:78:da:de:74:16:c7:3c:3f:44:ef:8d:db:ac:c1:bf:
70:6d:ef:3c:5f:7b:a0:37:27:7d:3c:8b:80:20:26:af:2a:dc:
c5:2a:89:88:80:54:59:bb:46:53:5c:98:cd:19:86:ee:f8:c9:
1d:62:10:a3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSu9yGr1isC7GHkB+KmsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWJlNjA1NmViMGMzNjUwYjhmZTIxZTJkNzI2YzFiODNl
YzgyYjMwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg4NzcxNjdhYTBkYzk3N2EyMDBlNTE2YjhhMDAxNmUzZGY5MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq5STZXXzp4QPf1gzuvW61zOEFGB
mwXSwOMR05kSyGyiqlJHztnPAAL3KNFXh9lN4HSvN7MhHAf++EsvQVBz0my7JoV5
3JOjY2Gm8y2/Eb+DcqUh7y2h3K7j39Roz8b7fpGkWpNUFcKjNAmiB/rJ0MvCzFIW
zJnnQHiZrwX5Jzv0bCwHJWNn5VeEfkr04xPRSe/tPnwxSk2rfPEdmyQnZ5Jzc79b
EhS3YvlpS8pLvSMYAMHd2RLkv9ijJsBLMWAnCsBWt7PYU55XeyNavxa/m4xlHBrz
Coy/mJlUC/vIQwQv34JW4U/xSxrBaMCc7DmkLBJuGXdyPMAOML0n4qlG1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJuIdxZ6oNyXeiAOUWuKABbj35IOMB8GA1UdIwQY
MBaAFAxb5gVusMNlC4/iHi1ybBuD7IKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQt
ZmZjN2YyYTMxOThjLzEvbTRoM0ZucWczSmQ2SUE1UmE0b0FGdVBma2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQtZmZjN2YyYTMxOThj
LzEvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPnSAAwQF
VewgAwQCuVv0MA0EAgACMAcDBQMgAUF4MA0GCSqGSIb3DQEBCwUAA4IBAQCPCxyW
tf6S0BmOLL9cyVY5/14C+mUY9KDmcrb5jEH/YyeS2zgb+LIaYKcFYGqJb/6hXP/k
6lhlUGSm/VCnq44YYn2mdD0r6RiuLMpml9CYCsUXaDxKBVVJ64nBzie+tUYH7jwl
eUJ0boY1prorGNEUC5PEWnff69GXTInzhtPepVUaa+kK3mPr2ij/FlBYavj3lJMQ
i8uzOol1uLRJvCu+kM0fMZbTL5U7moLEz44wAAu2YG7X7QJRdhGGpb60KzOM7P2C
x9aOshp42t50Fsc8P0Tvjduswb9wbe88X3ugNyd9PIuAICavKtzFKomIgFRZu0ZT
XJjNGYbu+MkdYhCj
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:32:53 2024 by rpki-client on console-fra.rpki-client.org