Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/4yLxbkpxh95B0t-XvufTS2R4SYA.roa
File: 4yLxbkpxh95B0t-XvufTS2R4SYA.roa (raw, json)
Hash identifier: 1ApKWh+3R1n9/zb9ob11d4Ry5Glud1cmJUf7g2GfZUM=
Subject key identifier: E3:22:F1:6E:4A:71:87:DE:41:D2:DF:97:BE:E7:D3:4B:64:78:49:80
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018CC9BA94FAD17C76667656C87A941EC172
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/4yLxbkpxh95B0t-XvufTS2R4SYA.roa
Signing time: Tue 02 Jan 2024 10:31:37 +0000
ROA not before: Tue 02 Jan 2024 10:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 94.241.175.0/24 maxlen: 24
94.241.173.0/24 maxlen: 24
94.241.174.0/24 maxlen: 24
91.186.198.0/24 maxlen: 24
91.186.199.0/24 maxlen: 24
91.186.196.0/24 maxlen: 24
91.186.197.0/24 maxlen: 24
83.147.244.0/24 maxlen: 24
83.147.245.0/24 maxlen: 24
83.147.246.0/24 maxlen: 24
83.147.247.0/24 maxlen: 24
94.241.138.0/24 maxlen: 24
94.241.139.0/24 maxlen: 24
94.241.141.0/24 maxlen: 24
94.241.142.0/24 maxlen: 24
94.241.143.0/24 maxlen: 24
94.241.140.0/24 maxlen: 24
94.241.172.0/24 maxlen: 24
94.241.168.0/24 maxlen: 24
94.241.169.0/24 maxlen: 24
94.241.170.0/24 maxlen: 24
94.241.171.0/24 maxlen: 24
178.253.22.0/24 maxlen: 24
178.253.23.0/24 maxlen: 24
178.253.40.0/24 maxlen: 24
178.253.41.0/24 maxlen: 24
178.253.42.0/24 maxlen: 24
178.253.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:94:fa:d1:7c:76:66:76:56:c8:7a:94:1e:c1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 10:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e322f16e4a7187de41d2df97bee7d34b64784980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:96:3b:89:cc:73:93:db:db:db:f3:9e:30:
7a:43:15:62:d9:72:9b:4d:de:13:80:ee:ad:96:22:
6e:f7:e4:5e:15:1e:84:21:2d:f1:0f:e4:59:68:36:
aa:63:e8:4a:4f:a1:cc:54:8d:7a:f2:ec:16:a3:2c:
28:ff:a4:ab:64:f3:55:09:1b:c2:60:25:b4:e5:39:
5c:0d:1d:0e:6f:de:f2:3a:a9:b0:74:b6:e5:ee:a6:
b4:6c:55:1e:02:5b:3d:53:e1:2c:e8:2e:aa:ce:0b:
10:30:d7:08:7c:f5:dd:4b:c1:57:dd:01:01:ec:e6:
43:ab:82:75:3a:17:88:73:5e:84:fb:89:bc:00:95:
85:7b:6c:3f:81:41:73:2a:6f:b3:7b:29:38:f5:69:
fd:ee:e5:79:5d:29:64:d8:af:72:3a:7d:ab:cb:9a:
e5:c1:a9:e7:81:bd:c1:c9:f6:9c:10:48:12:39:41:
f5:02:f2:fe:46:f3:e5:ef:04:8d:c5:1d:27:a8:98:
a2:6a:dd:fd:16:55:13:45:f8:55:c1:f3:79:9f:8a:
4c:50:f5:7f:c6:5b:ea:51:c8:29:8b:21:d8:29:9a:
97:3d:df:b3:2a:78:40:e9:63:de:e0:d8:c2:42:64:
48:3f:07:94:70:da:83:37:a3:d8:1e:4d:c3:ad:46:
7a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:22:F1:6E:4A:71:87:DE:41:D2:DF:97:BE:E7:D3:4B:64:78:49:80
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/4yLxbkpxh95B0t-XvufTS2R4SYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.196.0/22
94.241.138.0-94.241.143.255
94.241.168.0/21
178.253.22.0/23
178.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
78:6b:ef:0a:46:05:50:52:6a:42:86:40:4d:0d:03:39:69:52:
65:16:c7:79:58:28:2b:c9:b7:6a:a0:23:24:95:42:42:ae:05:
73:75:cf:46:91:08:0d:39:e2:02:39:d4:51:68:ae:ec:d5:11:
0a:69:ed:ab:8b:74:e4:40:0b:fb:4e:25:ff:cd:ae:72:0c:1a:
d7:d1:18:8c:9e:e5:1a:b2:74:b2:a6:22:c1:e3:b5:53:10:6c:
21:d1:1e:68:bf:b8:cb:d0:51:15:4f:51:4f:17:89:e0:66:aa:
e4:a8:6e:d3:c1:ea:7c:08:5d:c8:29:a2:97:36:5b:4a:c2:9f:
6d:47:9e:a0:d1:1a:4a:1a:a5:d9:b6:c3:0a:79:d8:78:57:2b:
78:eb:6e:e1:2a:a6:fa:47:a8:08:38:48:20:37:62:bd:a0:65:
f5:3f:91:27:a1:0a:c2:90:b3:d9:5a:c0:a1:9f:f1:e7:b5:3e:
1f:23:cc:56:4d:7a:ea:9f:6e:29:4f:19:d2:e4:1e:11:29:05:
90:2f:5d:ff:36:20:d2:5c:db:79:53:09:92:3e:e2:c7:2a:dc:
5f:37:d5:b4:69:74:cc:ad:d6:8b:35:78:82:76:b3:2d:b3:76:
dd:a3:12:15:ba:04:b7:d2:98:f0:c0:4c:22:99:a7:0d:45:f8:
09:c2:43:8a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJupT60Xx2ZnZWyHqUHsFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTAyMTAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIyZjE2ZTRhNzE4N2RlNDFkMmRmOTdiZWU3ZDM0YjY0Nzg0OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2CWO4nMc5Pb29vznjB6QxVi2XKb
Td4TgO6tliJu9+ReFR6EIS3xD+RZaDaqY+hKT6HMVI168uwWoywo/6SrZPNVCRvC
YCW05TlcDR0Ob97yOqmwdLbl7qa0bFUeAls9U+Es6C6qzgsQMNcIfPXdS8FX3QEB
7OZDq4J1OheIc16E+4m8AJWFe2w/gUFzKm+zeyk49Wn97uV5XSlk2K9yOn2ry5rl
wanngb3ByfacEEgSOUH1AvL+RvPl7wSNxR0nqJiiat39FlUTRfhVwfN5n4pMUPV/
xlvqUcgpiyHYKZqXPd+zKnhA6WPe4NjCQmRIPweUcNqDN6PYHk3DrUZ6qwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOMi8W5KcYfeQdLfl77n00tkeEmAMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNHlMeGJrcHhoOTVCMHQtWHZ1ZlRTMlI0U1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU5P0AwQC
W7rEMAwDBAFe8YoDBARe8YADBANe8agDBAGy/RYDBAKy/SgwDQYJKoZIhvcNAQEL
BQADggEBAHhr7wpGBVBSakKGQE0NAzlpUmUWx3lYKCvJt2qgIySVQkKuBXN1z0aR
CA054gI51FForuzVEQpp7auLdORAC/tOJf/NrnIMGtfRGIye5RqydLKmIsHjtVMQ
bCHRHmi/uMvQURVPUU8XieBmquSobtPB6nwIXcgpopc2W0rCn21HnqDRGkoapdm2
wwp52HhXK3jrbuEqpvpHqAg4SCA3Yr2gZfU/kSehCsKQs9lawKGf8ee1Ph8jzFZN
euqfbilPGdLkHhEpBZAvXf82INJc23lTCZI+4scq3F831bRpdMyt1os1eIJ2sy2z
dt2jEhW6BLfSmPDATCKZpw1F+AnCQ4o=
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:45:52 2024 by rpki-client on console-ams.rpki-client.org