Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/4AS-0AOLUx__wmNhCGTeWPEnAQo.roa
File: 4AS-0AOLUx__wmNhCGTeWPEnAQo.roa (raw, json)
Hash identifier: 1yOTh34TCVsaX9HiMqqafQzrMBKAhMm9U+yl1SEcoNw=
Subject key identifier: E0:04:BE:D0:03:8B:53:1F:FF:C2:63:61:08:64:DE:58:F1:27:01:0A
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA497F736DE6FAED45BB31A769C834
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/4AS-0AOLUx__wmNhCGTeWPEnAQo.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34624
IP address blocks: 62.80.124.0/24 maxlen: 24
62.80.125.0/24 maxlen: 24
62.80.126.0/24 maxlen: 24
62.80.127.0/24 maxlen: 24
62.93.200.0/24 maxlen: 24
62.93.216.0/23 maxlen: 23
82.98.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:49:7f:73:6d:e6:fa:ed:45:bb:31:a7:69:c8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e004bed0038b531fffc263610864de58f127010a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5b:c8:42:84:7c:c0:8d:75:08:71:eb:45:94:
ef:ab:68:75:2e:9c:53:bd:91:12:96:e4:e9:fa:16:
bc:4b:aa:08:14:b9:d3:b1:c1:11:eb:6f:18:37:16:
ef:42:61:89:0f:77:ff:82:69:4c:6a:e7:b6:ff:13:
3f:a3:8f:cb:91:2d:21:8f:35:60:7b:8c:ed:69:2e:
dd:82:a6:7d:2e:ce:ea:5c:bd:68:8a:2f:54:9a:ac:
10:42:93:65:4d:94:83:57:d4:96:34:a2:bb:a6:74:
7d:48:7a:a2:43:00:78:11:83:52:7f:3f:fe:fd:bc:
eb:94:6d:db:8a:1d:03:11:b7:ca:e4:f8:fd:8a:60:
9a:b7:b5:e3:40:3e:57:52:e7:a1:3b:f1:c8:e7:3f:
56:87:03:97:ca:4f:e4:ab:61:5f:bc:b9:6b:3f:01:
5e:3b:3e:b6:2c:5a:ca:ca:50:8d:69:aa:5e:65:b2:
56:e9:fb:8c:a1:b4:5e:76:bb:8d:06:8b:24:5a:8a:
37:f5:4f:b1:4d:19:e3:df:cc:7d:bd:84:13:7e:b2:
51:e9:fc:6f:f5:56:07:8d:4f:ea:bd:38:66:e8:ca:
b5:47:3f:9c:df:5b:a0:cf:9b:40:b1:7d:2b:0c:a6:
87:70:ce:40:5c:f8:5a:80:a6:b2:38:f6:5c:21:fc:
78:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:04:BE:D0:03:8B:53:1F:FF:C2:63:61:08:64:DE:58:F1:27:01:0A
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/4AS-0AOLUx__wmNhCGTeWPEnAQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.80.124.0/22
62.93.200.0/24
62.93.216.0/23
82.98.201.0/24
Signature Algorithm: sha256WithRSAEncryption
41:48:64:5c:fc:d6:cb:20:f2:1d:60:4b:4c:06:98:ab:e7:32:
8b:8b:be:2f:ef:d2:e3:68:a2:d1:f3:c3:82:92:80:1e:09:e5:
06:a1:de:fd:af:7a:d0:6f:08:8d:46:90:2d:ab:24:3c:c9:f6:
c9:82:20:95:3f:56:ae:db:1d:83:13:b5:8b:50:58:3d:08:e8:
af:af:50:e9:42:6e:cc:d1:79:f6:9e:2b:46:b0:45:3e:f6:94:
5e:c7:3e:71:af:d3:30:71:8c:b8:c7:96:43:4e:58:8e:92:be:
76:70:16:98:1f:49:c5:4d:59:69:a2:ba:57:0d:68:8a:96:6a:
be:3a:25:a3:65:7b:96:de:52:eb:37:e2:f0:c9:bb:4a:43:09:
52:8a:e8:bd:81:84:9f:45:8d:1b:0d:d8:10:c6:20:03:20:bd:
b7:25:8c:2e:c7:e8:79:3a:4d:b1:d9:5f:0b:15:0e:3f:5a:3c:
2a:f4:e7:88:7c:6c:b0:b4:2d:15:9f:a3:01:fb:7d:6d:36:d5:
ac:f0:de:4e:ec:ce:21:a5:cb:b7:64:45:07:c4:3f:e5:31:c3:
12:ee:70:82:40:67:11:ae:03:23:a9:47:c6:05:f3:0c:0a:36:
1e:7e:25:ab:bd:65:8c:4a:97:24:55:5c:cd:a3:c3:1d:e6:8d:
d9:0b:97:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+kl/c23m+u1FuzGnacg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA0YmVkMDAzOGI1MzFmZmZjMjYzNjEwODY0ZGU1OGYxMjcwMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vIQoR8wI11CHHrRZTvq2h1LpxT
vZESluTp+ha8S6oIFLnTscER628YNxbvQmGJD3f/gmlMaue2/xM/o4/LkS0hjzVg
e4ztaS7dgqZ9Ls7qXL1oii9UmqwQQpNlTZSDV9SWNKK7pnR9SHqiQwB4EYNSfz/+
/bzrlG3bih0DEbfK5Pj9imCat7XjQD5XUuehO/HI5z9WhwOXyk/kq2FfvLlrPwFe
Oz62LFrKylCNaapeZbJW6fuMobRedruNBoskWoo39U+xTRnj38x9vYQTfrJR6fxv
9VYHjU/qvThm6Mq1Rz+c31ugz5tAsX0rDKaHcM5AXPhagKayOPZcIfx4owIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOAEvtADi1Mf/8JjYQhk3ljxJwEKMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvNEFTLTBBT0xVeF9fd21OaENHVGVXUEVuQVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPlB8AwQA
Pl3IAwQBPl3YAwQAUmLJMA0GCSqGSIb3DQEBCwUAA4IBAQBBSGRc/NbLIPIdYEtM
Bpir5zKLi74v79LjaKLR88OCkoAeCeUGod79r3rQbwiNRpAtqyQ8yfbJgiCVP1au
2x2DE7WLUFg9COivr1DpQm7M0Xn2nitGsEU+9pRexz5xr9MwcYy4x5ZDTliOkr52
cBaYH0nFTVlporpXDWiKlmq+OiWjZXuW3lLrN+LwybtKQwlSiui9gYSfRY0bDdgQ
xiADIL23JYwux+h5Ok2x2V8LFQ4/Wjwq9OeIfGywtC0Vn6MB+31tNtWs8N5O7M4h
pcu3ZEUHxD/lMcMS7nCCQGcRrgMjqUfGBfMMCjYefiWrvWWMSpckVVzNo8Md5o3Z
C5fw
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:02:54 2025 by rpki-client