Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/aecab1-1de9-4bdf-9a10-23af55e0190d/1/T49QIqnNNcKeOxbYnONDdm1zDv0.roa
File: T49QIqnNNcKeOxbYnONDdm1zDv0.roa (raw, json)
Hash identifier: CjLdhyWpEYBH2noAwFgyhvfuISWLEiqE2Pw8t/NekmI=
Subject key identifier: 4F:8F:50:22:A9:CD:35:C2:9E:3B:16:D8:9C:E3:43:76:6D:73:0E:FD
Certificate issuer: /CN=02fbd8d72bffbbcd77076a6a6cc994d364284916
Certificate serial: 018CC94E1B84223B2252A7675A0A32C3E867
Authority key identifier: 02:FB:D8:D7:2B:FF:BB:CD:77:07:6A:6A:6C:C9:94:D3:64:28:49:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvvY1yv_u813B2pqbMmU02QoSRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/aecab1-1de9-4bdf-9a10-23af55e0190d/1/T49QIqnNNcKeOxbYnONDdm1zDv0.roa
Signing time: Tue 02 Jan 2024 08:33:08 +0000
ROA not before: Tue 02 Jan 2024 08:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206124
IP address blocks: 185.194.48.0/24 maxlen: 24
185.194.51.0/24 maxlen: 24
185.194.49.0/24 maxlen: 24
185.194.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/aecab1-1de9-4bdf-9a10-23af55e0190d/1/AvvY1yv_u813B2pqbMmU02QoSRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/aecab1-1de9-4bdf-9a10-23af55e0190d/1/AvvY1yv_u813B2pqbMmU02QoSRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AvvY1yv_u813B2pqbMmU02QoSRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:1b:84:22:3b:22:52:a7:67:5a:0a:32:c3:e8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02fbd8d72bffbbcd77076a6a6cc994d364284916
Validity
Not Before: Jan 2 08:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8f5022a9cd35c29e3b16d89ce343766d730efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b2:9a:52:b0:1b:e7:5a:c4:86:00:0e:97:32:
c8:ed:ea:79:26:90:3e:e5:ab:17:14:ff:84:6b:66:
2d:43:b5:18:51:8a:7e:0e:7e:17:70:5c:95:00:72:
b6:37:70:02:6a:9e:6e:d7:37:b5:4c:ca:21:94:5d:
49:be:47:33:9f:ba:2d:4d:91:97:1a:1d:1e:24:f3:
ab:5d:33:b3:36:21:f3:ac:4d:66:6b:94:51:32:58:
29:da:55:aa:4b:c6:89:eb:52:da:6c:12:b5:b3:f1:
dd:2b:83:99:bf:5f:21:3e:bd:57:c0:02:0c:93:32:
37:73:66:6f:a5:d0:b2:bd:99:4c:f9:89:51:41:33:
1a:d7:bb:db:bf:de:19:d3:4d:0a:3a:27:80:11:6a:
60:68:1d:e6:83:50:76:27:b5:4c:df:03:7a:0d:5c:
dc:c4:ec:61:33:fa:d4:a3:77:09:ee:fe:21:4e:58:
91:77:84:50:52:82:82:d5:fa:79:ce:05:0d:2c:32:
26:1d:48:91:9c:21:4d:4d:be:de:70:b0:a7:5e:87:
b3:6d:b7:53:a2:58:8b:7c:77:06:c8:13:34:ba:c0:
05:e4:99:3b:89:49:be:f7:7b:99:0e:76:fd:db:19:
33:d5:18:77:fa:30:bf:3d:d6:1a:80:d3:23:26:eb:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8F:50:22:A9:CD:35:C2:9E:3B:16:D8:9C:E3:43:76:6D:73:0E:FD
X509v3 Authority Key Identifier:
keyid:02:FB:D8:D7:2B:FF:BB:CD:77:07:6A:6A:6C:C9:94:D3:64:28:49:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvvY1yv_u813B2pqbMmU02QoSRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/aecab1-1de9-4bdf-9a10-23af55e0190d/1/T49QIqnNNcKeOxbYnONDdm1zDv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/aecab1-1de9-4bdf-9a10-23af55e0190d/1/AvvY1yv_u813B2pqbMmU02QoSRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:7d:41:36:cc:d2:bd:15:37:ff:e0:3e:09:4f:f5:ee:05:43:
08:8f:c9:5a:92:7d:47:53:6b:8c:8e:e1:13:5d:5c:d4:04:00:
8a:1b:53:40:a2:03:20:17:b7:9c:3c:7b:42:f1:90:50:48:ac:
52:77:2a:ea:1e:44:81:df:17:79:8b:79:f0:ca:41:38:67:47:
2a:dc:c7:73:da:4a:1d:81:5d:85:7a:f1:c2:e4:81:22:16:92:
9d:3a:93:f7:43:d5:14:db:3e:07:2a:27:f0:1f:b3:ab:1e:e5:
01:1c:2d:5f:fd:4a:24:d0:31:ba:7f:c5:e4:a5:90:05:03:43:
eb:42:7e:e3:e1:6b:02:ab:91:b5:c0:65:ea:d8:8c:93:f5:fa:
0f:8b:9f:f9:47:fe:cb:52:5a:5e:1d:ed:0b:92:ba:88:1d:31:
f0:4d:93:df:06:f2:c7:44:24:7c:e6:4c:d0:02:7f:e9:e1:fa:
03:d9:bc:d6:34:e6:ac:4c:38:80:e1:b3:93:5f:e3:c5:72:9f:
ad:e7:28:b4:6b:b4:5e:f9:be:c8:05:68:d5:82:15:b0:16:06:
47:b5:64:0f:82:9c:f7:26:dc:5a:1d:09:32:5e:cf:69:e2:32:
bd:ff:01:32:93:50:26:ca:56:16:d4:fa:a9:11:d3:9f:2c:ca:
6b:bd:5c:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJThuEIjsiUqdnWgoyw+hnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZmJkOGQ3MmJmZmJiY2Q3NzA3NmE2YTZjYzk5NGQzNjQy
ODQ5MTYwHhcNMjQwMTAyMDgzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhmNTAyMmE5Y2QzNWMyOWUzYjE2ZDg5Y2UzNDM3NjZkNzMwZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLKaUrAb51rEhgAOlzLI7ep5JpA+
5asXFP+Ea2YtQ7UYUYp+Dn4XcFyVAHK2N3ACap5u1ze1TMohlF1Jvkczn7otTZGX
Gh0eJPOrXTOzNiHzrE1ma5RRMlgp2lWqS8aJ61LabBK1s/HdK4OZv18hPr1XwAIM
kzI3c2ZvpdCyvZlM+YlRQTMa17vbv94Z000KOieAEWpgaB3mg1B2J7VM3wN6DVzc
xOxhM/rUo3cJ7v4hTliRd4RQUoKC1fp5zgUNLDImHUiRnCFNTb7ecLCnXoezbbdT
oliLfHcGyBM0usAF5Jk7iUm+93uZDnb92xkz1Rh3+jC/PdYagNMjJusfQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+PUCKpzTXCnjsW2JzjQ3Ztcw79MB8GA1UdIwQY
MBaAFAL72Ncr/7vNdwdqamzJlNNkKEkWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZ2WTF5dl91ODEzQjJwcWJNbVUwMlFvU1JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hZWNhYjEtMWRlOS00YmRmLTlhMTAt
MjNhZjU1ZTAxOTBkLzEvVDQ5UUlxbk5OY0tlT3hiWW5PTkRkbTF6RHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hZWNhYjEtMWRlOS00YmRmLTlhMTAtMjNhZjU1ZTAxOTBk
LzEvQXZ2WTF5dl91ODEzQjJwcWJNbVUwMlFvU1JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucIwMA0G
CSqGSIb3DQEBCwUAA4IBAQCLfUE2zNK9FTf/4D4JT/XuBUMIj8lakn1HU2uMjuET
XVzUBACKG1NAogMgF7ecPHtC8ZBQSKxSdyrqHkSB3xd5i3nwykE4Z0cq3Mdz2kod
gV2FevHC5IEiFpKdOpP3Q9UU2z4HKifwH7OrHuUBHC1f/Uok0DG6f8XkpZAFA0Pr
Qn7j4WsCq5G1wGXq2IyT9foPi5/5R/7LUlpeHe0LkrqIHTHwTZPfBvLHRCR85kzQ
An/p4foD2bzWNOasTDiA4bOTX+PFcp+t5yi0a7Re+b7IBWjVghWwFgZHtWQPgpz3
JtxaHQkyXs9p4jK9/wEyk1AmylYW1PqpEdOfLMprvVyI
-----END CERTIFICATE-----
Generated at Thu May 30 09:56:29 2024 by rpki-client on console-ams.rpki-client.org