Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/beazcw82HhSksIHh2UMVX0ns6vM.roa
File: beazcw82HhSksIHh2UMVX0ns6vM.roa (raw, json)
Hash identifier: EZemvcxQHRb7CBg2BPba/+E+9X6acTrnpUHLKTfTDso=
Subject key identifier: 6D:E6:B3:73:0F:36:1E:14:A4:B0:81:E1:D9:43:15:5F:49:EC:EA:F3
Certificate issuer: /CN=4a88f3ab94a07587220e3d716f7b717df1d9e6d6
Certificate serial: 018CC500234DE2FD2FDA789940019A3393DF
Authority key identifier: 4A:88:F3:AB:94:A0:75:87:22:0E:3D:71:6F:7B:71:7D:F1:D9:E6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sojzq5SgdYciDj1xb3txffHZ5tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/beazcw82HhSksIHh2UMVX0ns6vM.roa
Signing time: Mon 01 Jan 2024 12:29:29 +0000
ROA not before: Mon 01 Jan 2024 12:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49567
IP address blocks: 84.252.108.0/22 maxlen: 22
185.76.224.0/22 maxlen: 22
31.217.240.0/21 maxlen: 21
45.154.100.0/22 maxlen: 22
185.213.132.0/22 maxlen: 22
45.155.24.0/22 maxlen: 22
94.198.120.0/21 maxlen: 21
2a03:7100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/Sojzq5SgdYciDj1xb3txffHZ5tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/Sojzq5SgdYciDj1xb3txffHZ5tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sojzq5SgdYciDj1xb3txffHZ5tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:23:4d:e2:fd:2f:da:78:99:40:01:9a:33:93:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a88f3ab94a07587220e3d716f7b717df1d9e6d6
Validity
Not Before: Jan 1 12:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6de6b3730f361e14a4b081e1d943155f49eceaf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:99:d2:4d:e2:1b:88:3c:88:d5:67:9e:c9:3c:
bd:69:dc:94:8a:c2:d5:11:6e:9a:68:34:d6:02:52:
07:3b:71:9b:24:af:c3:50:23:c0:c6:8d:55:0f:57:
6f:bd:5c:fc:7c:64:0a:4c:6e:1e:e9:19:c6:c8:8c:
81:c5:81:75:5a:33:f3:cd:92:05:70:18:dc:9c:ee:
a6:1b:0e:15:71:01:17:be:52:e9:1d:d5:59:cb:a2:
c3:b3:51:da:fc:61:24:d3:9e:47:26:fa:60:d8:9a:
8f:9e:83:02:15:5e:3c:4e:fe:be:3f:f5:02:33:33:
5e:9b:df:53:98:d4:dc:3b:e3:d6:d2:24:85:c7:6c:
41:c1:c6:cb:de:34:bf:9d:03:3f:d5:d2:2a:9f:72:
49:84:30:ee:5f:cc:eb:d2:d2:26:8a:30:1e:e3:ff:
c7:05:37:21:75:d4:a0:2c:19:e1:16:75:90:d7:13:
e2:9a:ad:88:71:f2:6a:a5:20:a6:1a:0c:c8:09:b6:
03:7c:6e:7b:54:ca:6f:99:a5:ae:0b:0c:eb:ff:e8:
a2:23:7f:9d:35:12:f2:27:ed:89:e2:23:68:ab:18:
ab:31:9c:fb:50:f2:b3:64:b0:9e:88:6d:2d:ae:7a:
25:63:7b:87:ef:f7:e3:59:cd:9c:d6:85:d6:b0:a7:
f5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E6:B3:73:0F:36:1E:14:A4:B0:81:E1:D9:43:15:5F:49:EC:EA:F3
X509v3 Authority Key Identifier:
keyid:4A:88:F3:AB:94:A0:75:87:22:0E:3D:71:6F:7B:71:7D:F1:D9:E6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sojzq5SgdYciDj1xb3txffHZ5tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/beazcw82HhSksIHh2UMVX0ns6vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/Sojzq5SgdYciDj1xb3txffHZ5tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.240.0/21
45.154.100.0/22
45.155.24.0/22
84.252.108.0/22
94.198.120.0/21
185.76.224.0/22
185.213.132.0/22
IPv6:
2a03:7100::/29
Signature Algorithm: sha256WithRSAEncryption
26:a0:f0:3b:cf:82:e2:01:da:d3:e5:47:55:99:91:f6:06:da:
e2:8f:a4:77:81:11:3a:f4:f2:4e:06:84:bf:c1:b5:3c:ee:78:
08:62:f6:48:a7:dd:d5:68:e6:20:53:35:6c:14:7d:ae:4f:a6:
3c:3e:4e:94:f7:6c:74:20:f7:49:2f:4c:5b:df:6e:2e:5a:8f:
4f:d5:e7:63:be:50:67:fa:7c:b4:6e:c6:03:47:c1:c3:05:23:
d1:75:13:7b:9f:63:84:c0:14:cf:9c:db:67:38:f5:53:2a:07:
73:c4:b9:5d:2e:bf:3c:93:ba:74:ac:a1:14:e3:cd:cf:5c:7d:
1e:25:2e:9e:cc:a4:ee:83:98:ec:3d:22:83:06:da:b4:2f:b1:
76:52:b9:4b:b3:c5:10:e6:3e:84:07:af:2b:f9:af:72:3c:62:
1a:f1:59:32:09:e3:9b:4c:a6:c6:64:c2:79:e7:b0:6e:d8:20:
4f:75:48:5c:c3:c5:71:78:d5:36:dc:9b:fb:f3:8b:c7:6e:81:
41:18:28:04:9d:5a:7a:ce:c6:80:e4:97:36:0c:1d:68:65:0a:
7c:0b:b4:1b:3e:b6:79:a0:bb:06:8c:0c:46:50:da:76:d6:a8:
35:d8:20:3c:1f:b6:f4:10:1c:fe:67:e2:7a:c3:06:b0:a5:c9:
82:84:99:8e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFACNN4v0v2niZQAGaM5PfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhODhmM2FiOTRhMDc1ODcyMjBlM2Q3MTZmN2I3MTdkZjFk
OWU2ZDYwHhcNMjQwMTAxMTIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU2YjM3MzBmMzYxZTE0YTRiMDgxZTFkOTQzMTU1ZjQ5ZWNlYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JnSTeIbiDyI1WeeyTy9adyUisLV
EW6aaDTWAlIHO3GbJK/DUCPAxo1VD1dvvVz8fGQKTG4e6RnGyIyBxYF1WjPzzZIF
cBjcnO6mGw4VcQEXvlLpHdVZy6LDs1Ha/GEk055HJvpg2JqPnoMCFV48Tv6+P/UC
MzNem99TmNTcO+PW0iSFx2xBwcbL3jS/nQM/1dIqn3JJhDDuX8zr0tImijAe4//H
BTchddSgLBnhFnWQ1xPimq2IcfJqpSCmGgzICbYDfG57VMpvmaWuCwzr/+iiI3+d
NRLyJ+2J4iNoqxirMZz7UPKzZLCeiG0trnolY3uH7/fjWc2c1oXWsKf17QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFG3ms3MPNh4UpLCB4dlDFV9J7OrzMB8GA1UdIwQY
MBaAFEqI86uUoHWHIg49cW97cX3x2ebWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29qenE1U2dkWWNpRGoxeGIzdHhmZkhaNXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85MzZkZDItMGM5YS00OGU5LWFhNzEt
ZDQ1MTljNTM5YzlhLzEvYmVhemN3ODJIaFNrc0lIaDJVTVZYMG5zNnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85MzZkZDItMGM5YS00OGU5LWFhNzEtZDQ1MTljNTM5Yzlh
LzEvU29qenE1U2dkWWNpRGoxeGIzdHhmZkhaNXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDH9nwAwQC
LZpkAwQCLZsYAwQCVPxsAwQDXsZ4AwQCuUzgAwQCudWEMA0EAgACMAcDBQMqA3EA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmoPA7z4LiAdrT5UdVmZH2Btrij6R3gRE69PJO
BoS/wbU87ngIYvZIp93VaOYgUzVsFH2uT6Y8Pk6U92x0IPdJL0xb324uWo9P1edj
vlBn+ny0bsYDR8HDBSPRdRN7n2OEwBTPnNtnOPVTKgdzxLldLr88k7p0rKEU483P
XH0eJS6ezKTug5jsPSKDBtq0L7F2UrlLs8UQ5j6EB68r+a9yPGIa8VkyCeObTKbG
ZMJ557Bu2CBPdUhcw8VxeNU23Jv784vHboFBGCgEnVp6zsaA5Jc2DB1oZQp8C7Qb
PrZ5oLsGjAxGUNp21qg12CA8H7b0EBz+Z+J6wwawpcmChJmO
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:45:12 2024 by rpki-client on console-ams.rpki-client.org