Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/4_uE92JJ6Wax19ykIjh69rQfyWI.roa
File: 4_uE92JJ6Wax19ykIjh69rQfyWI.roa (raw, json)
Hash identifier: hNyGvRJhv0SmBqrno/Q7DbItqDQeEfvSxlFj0P2QLcA=
Subject key identifier: E3:FB:84:F7:62:49:E9:66:B1:D7:DC:A4:22:38:7A:F6:B4:1F:C9:62
Certificate issuer: /CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Certificate serial: 018CCA2A6688106FF35E707A9FB700C8B5AE
Authority key identifier: 80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/4_uE92JJ6Wax19ykIjh69rQfyWI.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210078
IP address blocks: 91.247.125.0/24 maxlen: 24
91.247.122.0/24 maxlen: 24
91.247.120.0/23 maxlen: 23
109.200.136.0/22 maxlen: 22
109.200.140.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 11:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:66:88:10:6f:f3:5e:70:7a:9f:b7:00:c8:b5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3fb84f76249e966b1d7dca422387af6b41fc962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:11:50:3f:30:58:03:42:ad:33:5f:a7:3b:77:
31:e7:a7:81:b1:eb:64:ba:4b:d5:c5:6a:d0:f9:6e:
02:eb:73:f3:72:f1:4b:4f:91:e3:9f:35:6e:bb:ec:
84:f0:48:52:e1:a0:1a:7f:9f:77:0d:32:bc:86:7b:
37:a3:12:e3:23:04:b2:8d:89:fe:db:9c:b2:4b:27:
f8:3a:63:69:0c:4a:02:2f:e3:7d:a0:5d:a8:0a:b2:
b7:ea:45:b7:33:3c:77:8f:ed:c0:2b:c5:81:47:b9:
37:71:cf:e9:36:85:0b:d7:a0:21:56:bb:79:bc:b5:
c2:a7:e3:2b:38:c6:ef:03:8d:a9:3d:01:a0:9a:d0:
f5:ea:3c:8d:41:be:76:80:ac:0a:da:88:73:6d:f6:
16:fd:29:2d:b2:4e:57:0b:01:48:3a:34:33:dd:fa:
5d:fb:56:68:fa:0e:23:c7:55:55:fb:a0:56:1a:26:
54:5d:a1:99:02:e3:6d:0b:b9:d5:8c:31:b0:8a:7f:
9b:69:0b:50:6d:ea:cf:27:4e:74:e5:d4:10:4f:0c:
9e:5b:f2:d7:82:72:99:99:b2:1c:2d:23:ec:22:f0:
ff:35:4e:15:11:22:26:63:fb:d4:8e:03:31:7c:b0:
04:8a:06:fa:75:85:b2:fb:2a:56:e6:d1:91:12:31:
d7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FB:84:F7:62:49:E9:66:B1:D7:DC:A4:22:38:7A:F6:B4:1F:C9:62
X509v3 Authority Key Identifier:
keyid:80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/4_uE92JJ6Wax19ykIjh69rQfyWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.120.0-91.247.122.255
91.247.125.0/24
109.200.136.0-109.200.141.255
Signature Algorithm: sha256WithRSAEncryption
2d:ef:bd:54:c3:62:81:87:b1:2e:34:65:d1:79:e4:a6:cc:09:
41:d8:df:95:f3:bb:41:44:33:25:c1:d1:e6:89:e3:e0:3d:56:
28:dd:35:65:2d:c9:80:d7:24:a1:b6:86:09:51:9e:26:d7:bc:
0e:a2:9e:4e:a2:67:8d:8d:83:bc:14:7a:72:69:bb:fb:cc:48:
47:7b:fd:86:c1:f5:43:f6:0c:0c:c7:14:78:8e:86:e0:a7:5f:
59:f0:d0:0c:f7:29:39:b3:5e:60:f9:2f:bb:fc:0c:6f:05:d0:
82:0f:96:5a:07:1b:8c:ff:06:ba:a3:31:a8:d0:00:83:1a:dc:
a6:34:cb:a7:14:e8:ad:10:75:d1:c3:07:10:5e:9f:88:1d:a6:
b5:a2:8a:67:ed:c1:45:a4:5b:a8:cf:2b:ec:ca:5e:41:79:a5:
af:bc:44:88:3e:15:55:06:40:75:15:84:56:31:8d:1b:93:a3:
3f:17:ae:d8:1c:cf:73:c0:bf:3c:57:80:e6:2e:37:ed:33:43:
62:5c:9d:f6:76:a6:40:2a:e7:67:84:d5:5b:75:7c:43:59:b0:
29:b5:69:9d:5a:b2:36:2b:ab:63:34:d6:d2:c4:5a:38:5f:e6:
6d:e1:a9:5f:09:3c:89:04:65:cd:16:5b:a7:84:c1:9a:f1:5e:
1f:34:ca:7f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzKKmaIEG/zXnB6n7cAyLWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGUyMzhlMzBkY2I3NTk3NTlmYjhhMzk0ZDllMjExYTI4
YjlkODcwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZiODRmNzYyNDllOTY2YjFkN2RjYTQyMjM4N2FmNmI0MWZjOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhFQPzBYA0KtM1+nO3cx56eBsetk
ukvVxWrQ+W4C63PzcvFLT5HjnzVuu+yE8EhS4aAaf593DTK8hns3oxLjIwSyjYn+
25yySyf4OmNpDEoCL+N9oF2oCrK36kW3Mzx3j+3AK8WBR7k3cc/pNoUL16AhVrt5
vLXCp+MrOMbvA42pPQGgmtD16jyNQb52gKwK2ohzbfYW/Sktsk5XCwFIOjQz3fpd
+1Zo+g4jx1VV+6BWGiZUXaGZAuNtC7nVjDGwin+baQtQberPJ0505dQQTwyeW/LX
gnKZmbIcLSPsIvD/NU4VESImY/vUjgMxfLAEigb6dYWy+ypW5tGREjHXzwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOP7hPdiSelmsdfcpCI4eva0H8liMB8GA1UdIwQY
MBaAFICOI44w3LdZdZ+4o5TZ4hGii52HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDkt
Y2Q5NzQwNDI2NDlmLzEvNF91RTkySko2V2F4MTl5a0lqaDY5clFmeVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDktY2Q5NzQwNDI2NDlm
LzEvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBANb93gD
BABb93oDBABb930wDAMEA23IiAMEAW3IjDANBgkqhkiG9w0BAQsFAAOCAQEALe+9
VMNigYexLjRl0XnkpswJQdjflfO7QUQzJcHR5onj4D1WKN01ZS3JgNckobaGCVGe
Jte8DqKeTqJnjY2DvBR6cmm7+8xIR3v9hsH1Q/YMDMcUeI6G4KdfWfDQDPcpObNe
YPkvu/wMbwXQgg+WWgcbjP8GuqMxqNAAgxrcpjTLpxTorRB10cMHEF6fiB2mtaKK
Z+3BRaRbqM8r7MpeQXmlr7xEiD4VVQZAdRWEVjGNG5OjPxeu2BzPc8C/PFeA5i43
7TNDYlyd9namQCrnZ4TVW3V8Q1mwKbVpnVqyNiurYzTW0sRaOF/mbeGpXwk8iQRl
zRZbp4TBmvFeHzTKfw==
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:00:39 2024 by rpki-client on console-fra.rpki-client.org