Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/41Pif-TKczBdJYZUIX5PwT40VHY.roa
File: 41Pif-TKczBdJYZUIX5PwT40VHY.roa (raw, json)
Hash identifier: Gha/tM/uot0nP+BbzFnPS4LnvHBFim1hcx5ujKHhQZ4=
Subject key identifier: E3:53:E2:7F:E4:CA:73:30:5D:25:86:54:21:7E:4F:C1:3E:34:54:76
Certificate issuer: /CN=ff70868f0c2c218765fa6b53ab9af065ff339f06
Certificate serial: 018CC94E321B2F18135BC43F0042A6BAAB14
Authority key identifier: FF:70:86:8F:0C:2C:21:87:65:FA:6B:53:AB:9A:F0:65:FF:33:9F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3CGjwwsIYdl-mtTq5rwZf8znwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/41Pif-TKczBdJYZUIX5PwT40VHY.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207872
IP address blocks: 185.213.44.0/24 maxlen: 24
178.236.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/_3CGjwwsIYdl-mtTq5rwZf8znwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/_3CGjwwsIYdl-mtTq5rwZf8znwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_3CGjwwsIYdl-mtTq5rwZf8znwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:32:1b:2f:18:13:5b:c4:3f:00:42:a6:ba:ab:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff70868f0c2c218765fa6b53ab9af065ff339f06
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e353e27fe4ca73305d258654217e4fc13e345476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bc:09:cf:e7:0e:26:37:60:43:b7:4d:73:11:
7b:2f:0e:9a:2c:02:81:7a:2f:c2:dc:e6:cc:f2:07:
20:35:73:a7:1f:d8:8b:54:72:50:ca:a9:a3:77:ea:
13:2f:0b:17:02:f3:b7:96:53:5f:18:02:91:82:97:
9e:c7:2a:a1:47:ea:0d:2d:52:11:46:16:86:f3:46:
c0:bb:be:71:95:f6:1e:49:83:4d:c8:79:0d:61:7d:
e3:05:75:20:39:7f:ec:0d:2c:e9:e7:1c:62:1d:6c:
11:62:d9:a4:d7:a9:d7:a3:09:a8:90:81:13:db:55:
59:6b:2d:0b:bb:53:24:c3:42:ba:83:4e:f3:4f:dd:
2e:0e:67:57:c8:1d:08:ed:f0:3e:b2:21:13:ae:fc:
6e:c8:65:cd:89:4f:66:e4:72:ba:7a:63:64:11:25:
d7:29:10:95:54:4f:0a:11:af:c4:35:5a:a1:d0:55:
d6:c8:78:e8:68:29:c4:b8:7f:b9:01:39:5f:48:83:
0c:b7:0d:86:74:66:6e:e0:df:52:da:ae:1d:2e:bd:
6f:e7:2b:d6:2a:5f:73:54:1c:04:f7:f3:0a:71:21:
a6:4d:cd:60:e7:59:29:e8:eb:af:b1:d8:cb:cf:b0:
4f:60:43:da:a0:6a:cf:f7:0e:8c:25:54:da:7a:ab:
b5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:53:E2:7F:E4:CA:73:30:5D:25:86:54:21:7E:4F:C1:3E:34:54:76
X509v3 Authority Key Identifier:
keyid:FF:70:86:8F:0C:2C:21:87:65:FA:6B:53:AB:9A:F0:65:FF:33:9F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3CGjwwsIYdl-mtTq5rwZf8znwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/41Pif-TKczBdJYZUIX5PwT40VHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/_3CGjwwsIYdl-mtTq5rwZf8znwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.203.0/24
185.213.44.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:59:b5:9f:ab:54:8b:7e:5f:bb:dd:c8:73:f2:b2:a2:a2:f8:
64:4e:61:b8:d9:14:72:90:43:df:b4:b0:18:2f:ef:b7:f8:d7:
f6:79:7d:b9:2c:98:1c:e2:2d:01:67:b0:a5:30:d1:9b:e4:20:
43:da:91:10:66:fd:53:b1:dc:1c:1a:d3:c8:01:a4:c8:d1:e3:
e2:a5:cf:4c:bc:8a:f9:e8:f5:2d:64:d1:c1:42:fc:36:48:d3:
d2:9a:6d:04:a6:67:a9:79:02:de:e2:f5:0f:bb:57:9d:56:1f:
2c:63:db:51:a4:4e:8f:1e:2d:73:7f:c9:e0:d3:70:31:55:36:
fe:b1:eb:05:de:41:cd:8b:da:56:3b:56:26:75:e0:93:94:04:
bc:18:f7:24:d0:6c:24:dc:56:0e:f3:16:a0:91:29:44:de:ae:
e5:1e:6d:42:fd:cc:3f:d1:94:8c:fb:4e:55:63:e8:ee:4e:a0:
1d:30:75:17:74:fb:b7:13:4e:02:72:e6:1b:be:0d:c6:2b:ce:
9a:13:eb:fd:77:c0:1a:ad:76:fd:5c:a1:04:4a:9a:1a:e8:14:
62:15:af:c1:e9:5b:c2:a8:95:49:41:7f:7e:a8:9e:a9:73:f0:
7c:59:f3:bc:71:5c:20:3d:57:6d:4d:db:8c:0b:bb:43:c9:a8:
48:a8:79:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTjIbLxgTW8Q/AEKmuqsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzA4NjhmMGMyYzIxODc2NWZhNmI1M2FiOWFmMDY1ZmYz
MzlmMDYwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUzZTI3ZmU0Y2E3MzMwNWQyNTg2NTQyMTdlNGZjMTNlMzQ1NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLwJz+cOJjdgQ7dNcxF7Lw6aLAKB
ei/C3ObM8gcgNXOnH9iLVHJQyqmjd+oTLwsXAvO3llNfGAKRgpeexyqhR+oNLVIR
RhaG80bAu75xlfYeSYNNyHkNYX3jBXUgOX/sDSzp5xxiHWwRYtmk16nXowmokIET
21VZay0Lu1Mkw0K6g07zT90uDmdXyB0I7fA+siETrvxuyGXNiU9m5HK6emNkESXX
KRCVVE8KEa/ENVqh0FXWyHjoaCnEuH+5ATlfSIMMtw2GdGZu4N9S2q4dLr1v5yvW
Kl9zVBwE9/MKcSGmTc1g51kp6OuvsdjLz7BPYEPaoGrP9w6MJVTaequ1zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFONT4n/kynMwXSWGVCF+T8E+NFR2MB8GA1UdIwQY
MBaAFP9who8MLCGHZfprU6ua8GX/M58GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNDR2p3d3NJWWRsLW10VHE1cndaZjh6bndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNTRiM2ItNWQ3Ni00OWQ1LWE1NmMt
MDA3YzRlNTg1MjdlLzEvNDFQaWYtVEtjekJkSllaVUlYNVB3VDQwVkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNTRiM2ItNWQ3Ni00OWQ1LWE1NmMtMDA3YzRlNTg1Mjdl
LzEvXzNDR2p3d3NJWWRsLW10VHE1cndaZjh6bndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsuzLAwQA
udUsMA0GCSqGSIb3DQEBCwUAA4IBAQCqWbWfq1SLfl+73chz8rKiovhkTmG42RRy
kEPftLAYL++3+Nf2eX25LJgc4i0BZ7ClMNGb5CBD2pEQZv1TsdwcGtPIAaTI0ePi
pc9MvIr56PUtZNHBQvw2SNPSmm0EpmepeQLe4vUPu1edVh8sY9tRpE6PHi1zf8ng
03AxVTb+sesF3kHNi9pWO1YmdeCTlAS8GPck0Gwk3FYO8xagkSlE3q7lHm1C/cw/
0ZSM+05VY+juTqAdMHUXdPu3E04CcuYbvg3GK86aE+v9d8AarXb9XKEESpoa6BRi
Fa/B6VvCqJVJQX9+qJ6pc/B8WfO8cVwgPVdtTduMC7tDyahIqHlW
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:03:28 2024 by rpki-client on console-fra.rpki-client.org