Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/0MMlTOafsvjPnJ0Nr7utQ-m_SC8.roa
File: 0MMlTOafsvjPnJ0Nr7utQ-m_SC8.roa (raw, json)
Hash identifier: rpzJggMk77mvxmDb/Et6ioDxHiflNIsEH1g2ICBD3wA=
Subject key identifier: D0:C3:25:4C:E6:9F:B2:F8:CF:9C:9D:0D:AF:BB:AD:43:E9:BF:48:2F
Certificate issuer: /CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Certificate serial: 018CC348B5193D52F79065A919704655D66B
Authority key identifier: CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/0MMlTOafsvjPnJ0Nr7utQ-m_SC8.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15533
IP address blocks: 185.4.4.0/24 maxlen: 24
185.4.4.0/22 maxlen: 24
185.4.5.0/24 maxlen: 24
185.4.7.0/24 maxlen: 24
185.4.6.0/24 maxlen: 24
2a02:5e40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b5:19:3d:52:f7:90:65:a9:19:70:46:55:d6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0c3254ce69fb2f8cf9c9d0dafbbad43e9bf482f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ae:13:be:4b:de:17:0f:9b:12:3f:d5:1f:90:
0c:3a:41:94:5b:af:be:f3:e4:04:a0:ce:57:21:95:
49:47:e2:00:b8:bf:0e:b7:63:f5:b0:89:f2:a0:2b:
37:70:5d:f9:ba:86:3d:5d:6b:4d:84:d7:a7:43:a7:
4c:94:0f:4b:39:f9:a1:4d:cd:2a:27:a2:34:ea:f6:
d6:b3:9b:fa:58:e8:1b:0c:38:96:ad:33:aa:f7:58:
af:a8:83:ac:0b:ab:53:29:7e:28:f6:aa:53:b7:69:
81:b6:08:be:a0:85:85:c9:89:d6:07:9f:d3:a4:b6:
61:c3:78:85:81:88:f5:68:2f:cc:52:9c:d7:cd:3b:
a2:6c:21:7d:4c:38:05:6a:34:b3:97:21:67:21:1c:
71:2b:80:c2:4c:0a:20:ca:71:90:35:69:8f:62:45:
d1:d2:74:5f:c9:19:f3:8e:da:fd:f4:4a:97:78:8a:
d8:0c:41:35:1a:77:95:6d:56:a4:ab:69:36:eb:cb:
4e:de:0f:dc:b4:03:e3:39:12:58:19:b9:6c:9a:9e:
84:6d:92:a0:6e:3c:54:92:12:e9:55:98:a4:f7:29:
7c:fe:fc:81:35:69:1e:64:7f:c4:9c:47:7a:52:42:
63:e7:62:74:0b:24:35:fd:35:8b:2d:da:3a:84:a0:
ce:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C3:25:4C:E6:9F:B2:F8:CF:9C:9D:0D:AF:BB:AD:43:E9:BF:48:2F
X509v3 Authority Key Identifier:
keyid:CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/0MMlTOafsvjPnJ0Nr7utQ-m_SC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.4.0/22
IPv6:
2a02:5e40::/32
Signature Algorithm: sha256WithRSAEncryption
45:84:ce:56:31:8b:0d:0d:7c:ac:52:25:23:6a:6e:0d:25:ba:
0b:08:b8:cf:90:33:d1:5d:34:13:4c:a2:be:58:28:03:ea:35:
4b:c4:7c:6e:21:34:41:fb:33:58:4f:c8:d9:85:1d:51:75:a0:
90:9c:ab:b1:64:64:9b:5a:da:55:fb:7e:5d:76:6f:11:41:ce:
80:9e:3c:6e:d3:f1:ef:e4:3c:8f:7d:6c:95:20:14:fc:cf:38:
5c:31:79:fd:40:6a:60:a0:ce:7b:cb:0a:ec:2d:8e:b5:2d:e6:
d3:89:dd:d4:55:b2:47:da:d3:85:b4:91:d7:4c:27:61:a3:04:
68:f9:83:c3:ed:53:7c:18:a1:33:82:98:b0:7a:fb:2c:7f:72:
c1:53:85:7f:f3:c7:f7:39:d8:58:8e:78:e8:32:03:3b:a2:38:
b4:33:c6:63:1f:60:2e:56:98:b8:d1:64:fd:7e:17:46:3e:5f:
23:d7:d2:e1:ab:11:fe:4b:05:81:de:da:d0:db:54:a5:cb:b2:
97:ef:ba:c3:39:b7:be:76:bb:9f:a5:c6:9f:36:68:26:4a:0a:
5e:a3:d1:64:c5:e1:c0:56:c3:83:d4:50:f9:b3:79:3a:b3:28:
0b:23:d0:35:03:96:cc:19:70:ad:49:6d:e4:dc:0b:fa:31:d3:
c4:47:64:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSLUZPVL3kGWpGXBGVdZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMGMyZGFjYWZkZmE1Mzk5N2VkM2IwYTcwZGZiYzI3MGE5
MzNiZjQwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGMzMjU0Y2U2OWZiMmY4Y2Y5YzlkMGRhZmJiYWQ0M2U5YmY0ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3a4TvkveFw+bEj/VH5AMOkGUW6++
8+QEoM5XIZVJR+IAuL8Ot2P1sInyoCs3cF35uoY9XWtNhNenQ6dMlA9LOfmhTc0q
J6I06vbWs5v6WOgbDDiWrTOq91ivqIOsC6tTKX4o9qpTt2mBtgi+oIWFyYnWB5/T
pLZhw3iFgYj1aC/MUpzXzTuibCF9TDgFajSzlyFnIRxxK4DCTAogynGQNWmPYkXR
0nRfyRnzjtr99EqXeIrYDEE1GneVbVakq2k268tO3g/ctAPjORJYGblsmp6EbZKg
bjxUkhLpVZik9yl8/vyBNWkeZH/EnEd6UkJj52J0CyQ1/TWLLdo6hKDOHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNDDJUzmn7L4z5ydDa+7rUPpv0gvMB8GA1UdIwQY
MBaAFMoMLayv36U5l+07CnDfvCcKkzv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWd3dHJLX2ZwVG1YN1RzS2NOLThKd3FUT19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83MzM1OTgtNzRlOC00N2FhLThjOGUt
OTllYzg4YzQ3NzYwLzEvME1NbFRPYWZzdmpQbkowTnI3dXRRLW1fU0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83MzM1OTgtNzRlOC00N2FhLThjOGUtOTllYzg4YzQ3NzYw
LzEveWd3dHJLX2ZwVG1YN1RzS2NOLThKd3FUT19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQQEMA0E
AgACMAcDBQAqAl5AMA0GCSqGSIb3DQEBCwUAA4IBAQBFhM5WMYsNDXysUiUjam4N
JboLCLjPkDPRXTQTTKK+WCgD6jVLxHxuITRB+zNYT8jZhR1RdaCQnKuxZGSbWtpV
+35ddm8RQc6Anjxu0/Hv5DyPfWyVIBT8zzhcMXn9QGpgoM57ywrsLY61LebTid3U
VbJH2tOFtJHXTCdhowRo+YPD7VN8GKEzgpiwevssf3LBU4V/88f3OdhYjnjoMgM7
oji0M8ZjH2AuVpi40WT9fhdGPl8j19LhqxH+SwWB3trQ21Sly7KX77rDObe+druf
pcafNmgmSgpeo9FkxeHAVsOD1FD5s3k6sygLI9A1A5bMGXCtSW3k3Av6MdPER2RH
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:03:12 2024 by rpki-client on console-fra.rpki-client.org