Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pM79jX7MgzNCkD5dTQIgl-fmiNc.roa
File: pM79jX7MgzNCkD5dTQIgl-fmiNc.roa (raw, json)
Hash identifier: DnDlxhaVYncpRAL+eWsQ/U02d/RWeLrTaQdWIXscakE=
Subject key identifier: A4:CE:FD:8D:7E:CC:83:33:42:90:3E:5D:4D:02:20:97:E7:E6:88:D7
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EC7F5013045C1FC317AF4D970444F3AEF
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pM79jX7MgzNCkD5dTQIgl-fmiNc.roa
Signing time: Wed 10 Apr 2024 12:21:46 +0000
ROA not before: Wed 10 Apr 2024 12:21:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21487
IP address blocks: 46.48.128.0/20 maxlen: 20
80.73.64.0/19 maxlen: 19
80.73.64.0/20 maxlen: 20
80.73.80.0/20 maxlen: 20
91.185.224.0/19 maxlen: 19
91.185.240.0/20 maxlen: 20
94.245.128.0/18 maxlen: 18
94.245.128.0/19 maxlen: 19
94.245.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 01:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:f5:01:30:45:c1:fc:31:7a:f4:d9:70:44:4f:3a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 10 12:21:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4cefd8d7ecc833342903e5d4d022097e7e688d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:88:d1:29:0d:04:ce:f4:83:10:71:15:4c:00:
97:75:28:9b:10:b9:88:13:bb:2f:b5:b2:5a:09:ab:
6b:d6:51:7e:45:68:49:e3:97:1b:ac:fd:b3:eb:7d:
04:8a:a8:17:96:8a:33:52:ca:a3:db:57:e5:42:52:
e0:48:29:f6:96:52:7d:fd:39:86:9e:c6:e9:73:dc:
49:72:1c:73:dc:28:66:e0:5d:15:d4:4a:69:97:e9:
27:60:4e:09:8d:14:b1:c8:d6:3a:15:00:2e:cd:f6:
5a:1e:7d:65:ee:65:b9:62:39:ac:07:5e:bb:62:b3:
72:c7:34:05:49:b7:73:f0:da:6a:9c:a2:fe:15:bf:
57:62:cf:3d:75:57:ff:6f:ff:4c:22:aa:2d:63:50:
63:19:f9:52:24:f4:a3:06:50:19:fd:fb:10:2f:74:
51:eb:1d:51:53:48:b1:56:e1:31:c9:d8:cb:65:12:
19:4e:59:3e:0f:f0:3b:6a:f5:55:09:f2:c5:9c:01:
7e:4c:c0:f1:3e:71:72:08:b9:7a:10:36:9c:8a:8c:
93:65:14:63:65:16:93:44:73:23:c7:d5:ee:ff:35:
30:6c:8b:85:cc:f3:b7:95:18:76:79:76:78:6a:b0:
6e:b1:82:2f:77:76:2f:9e:68:c0:83:dc:d1:ff:2b:
bb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CE:FD:8D:7E:CC:83:33:42:90:3E:5D:4D:02:20:97:E7:E6:88:D7
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pM79jX7MgzNCkD5dTQIgl-fmiNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.48.128.0/20
80.73.64.0/19
91.185.224.0/19
94.245.128.0/18
Signature Algorithm: sha256WithRSAEncryption
93:e4:f4:f9:38:36:a0:a7:ed:bb:32:10:9d:31:52:66:d1:9f:
11:70:fb:06:8f:5f:f6:79:b9:59:50:ea:3c:ff:36:13:d7:1f:
3a:3b:84:d6:6c:fe:40:01:d5:19:33:b2:3b:23:14:c7:cd:ea:
67:4e:60:43:fb:3c:07:38:c6:d3:c8:f1:56:a4:01:b8:73:d4:
33:8e:d6:d1:f3:34:dc:3e:df:96:20:c0:62:04:18:ed:95:45:
b5:37:50:11:a8:d2:b5:d4:ad:d6:15:00:97:55:cb:19:e8:3c:
c7:80:cf:c8:3a:8a:f3:11:12:62:2a:9d:fa:d6:37:22:80:4b:
06:b2:94:b6:22:2d:02:41:6a:30:e2:3c:77:fc:92:b6:6a:3d:
36:f0:83:d4:a1:3a:25:67:e1:8d:9b:81:5f:4f:a3:f5:8d:57:
a4:29:df:7a:bf:f5:3a:a2:ff:60:69:d9:b2:19:1e:3c:be:ad:
d9:fa:a6:b2:09:77:6e:38:e9:bb:3c:c6:56:c9:9b:f3:c3:b3:
2d:21:21:15:ec:d3:87:f0:4f:ba:84:0d:e3:9f:e2:7f:ad:96:
3b:74:be:26:f1:ff:9c:7e:3a:6b:8f:f8:86:b1:4c:86:70:df:
1b:b6:a0:ca:85:3f:64:3b:ef:66:85:c5:5a:0a:0e:ee:4e:01:
a7:70:06:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7H9QEwRcH8MXr02XBETzrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDEwMTIyMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNlZmQ4ZDdlY2M4MzMzNDI5MDNlNWQ0ZDAyMjA5N2U3ZTY4OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIjRKQ0EzvSDEHEVTACXdSibELmI
E7svtbJaCatr1lF+RWhJ45cbrP2z630EiqgXloozUsqj21flQlLgSCn2llJ9/TmG
nsbpc9xJchxz3Chm4F0V1Eppl+knYE4JjRSxyNY6FQAuzfZaHn1l7mW5YjmsB167
YrNyxzQFSbdz8NpqnKL+Fb9XYs89dVf/b/9MIqotY1BjGflSJPSjBlAZ/fsQL3RR
6x1RU0ixVuExydjLZRIZTlk+D/A7avVVCfLFnAF+TMDxPnFyCLl6EDacioyTZRRj
ZRaTRHMjx9Xu/zUwbIuFzPO3lRh2eXZ4arBusYIvd3YvnmjAg9zR/yu7bwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKTO/Y1+zIMzQpA+XU0CIJfn5ojXMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcE03OWpYN01nek5Da0Q1ZFRRSWdsLWZtaU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQELjCAAwQF
UElAAwQFW7ngAwQGXvWAMA0GCSqGSIb3DQEBCwUAA4IBAQCT5PT5ODagp+27MhCd
MVJm0Z8RcPsGj1/2eblZUOo8/zYT1x86O4TWbP5AAdUZM7I7IxTHzepnTmBD+zwH
OMbTyPFWpAG4c9QzjtbR8zTcPt+WIMBiBBjtlUW1N1ARqNK11K3WFQCXVcsZ6DzH
gM/IOorzERJiKp361jcigEsGspS2Ii0CQWow4jx3/JK2aj028IPUoTolZ+GNm4Ff
T6P1jVekKd96v/U6ov9gadmyGR48vq3Z+qayCXduOOm7PMZWyZvzw7MtISEV7NOH
8E+6hA3jn+J/rZY7dL4m8f+cfjprj/iGsUyGcN8btqDKhT9kO+9mhcVaCg7uTgGn
cAZb
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:06:26 2024 by rpki-client on console-ams.rpki-client.org