Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/4mhi4E9mClJ_PameyHQtgbHmOB4.roa
File: 4mhi4E9mClJ_PameyHQtgbHmOB4.roa (raw, json)
Hash identifier: loSjKahkWx5FIiHj8LGKsqR+WiJGb6qmFzmKOgcGz2A=
Subject key identifier: E2:68:62:E0:4F:66:0A:52:7F:3D:A9:9E:C8:74:2D:81:B1:E6:38:1E
Certificate issuer: /CN=845c58752f3336422ff0ee1726474591e7a41e5f
Certificate serial: 018CC7952FE2954BFB9FD584A0F41040A88E
Authority key identifier: 84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/4mhi4E9mClJ_PameyHQtgbHmOB4.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34624
IP address blocks: 89.33.16.0/24 maxlen: 24
89.35.174.0/23 maxlen: 24
89.191.64.0/19 maxlen: 24
89.40.134.0/23 maxlen: 24
185.91.24.0/22 maxlen: 24
31.170.192.0/19 maxlen: 24
86.105.240.0/24 maxlen: 24
193.238.60.0/22 maxlen: 24
86.107.191.0/24 maxlen: 24
46.253.16.0/20 maxlen: 24
89.35.2.0/24 maxlen: 24
89.35.2.0/23 maxlen: 24
93.115.33.0/24 maxlen: 24
2a00:1930::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2f:e2:95:4b:fb:9f:d5:84:a0:f4:10:40:a8:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c58752f3336422ff0ee1726474591e7a41e5f
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e26862e04f660a527f3da99ec8742d81b1e6381e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d1:9e:63:58:8e:c2:ba:78:d6:0e:f7:75:27:
4d:17:5a:55:43:84:ec:a0:2a:47:45:14:12:06:b0:
3a:b9:80:ce:c1:39:a3:f5:db:f5:6a:42:2e:d5:31:
41:b1:00:b7:5e:4a:10:9a:2f:93:de:7a:ec:2d:db:
ab:96:d3:c6:d7:c1:71:95:49:0a:87:40:f6:f2:8e:
df:1e:6d:3a:88:4d:8c:6c:3a:14:79:6e:60:28:1c:
ea:ec:f3:62:8d:4f:0e:10:8c:ae:9c:0e:fe:4f:88:
a8:76:a6:a8:74:6f:39:59:ca:3f:36:9b:f5:6a:d4:
d6:1d:01:68:95:87:49:c7:3a:ef:2e:b0:63:c8:f9:
d5:0a:4f:13:d8:6e:63:08:2c:21:c1:1d:f8:0e:e8:
56:7b:f2:d7:fc:ec:ae:8b:02:7e:45:7e:2d:fa:09:
70:3c:9a:13:39:df:d6:5c:3f:bd:9d:a1:5e:42:58:
11:32:97:ce:5e:d5:c7:7a:6d:74:71:3e:7b:c4:7b:
94:4d:d6:a0:64:05:a2:c1:91:52:fc:78:c3:a8:08:
ed:3b:f9:fc:bc:21:77:14:97:f7:71:3a:e9:a8:ef:
92:56:c7:ca:dd:b2:66:b5:dc:10:15:a7:04:30:df:
46:4b:2f:95:d6:e1:22:ee:36:e5:2b:be:77:77:bd:
b6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:68:62:E0:4F:66:0A:52:7F:3D:A9:9E:C8:74:2D:81:B1:E6:38:1E
X509v3 Authority Key Identifier:
keyid:84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/4mhi4E9mClJ_PameyHQtgbHmOB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.192.0/19
46.253.16.0/20
86.105.240.0/24
86.107.191.0/24
89.33.16.0/24
89.35.2.0/23
89.35.174.0/23
89.40.134.0/23
89.191.64.0/19
93.115.33.0/24
185.91.24.0/22
193.238.60.0/22
IPv6:
2a00:1930::/32
Signature Algorithm: sha256WithRSAEncryption
4c:53:4e:9a:91:bf:1d:f9:0f:84:0c:4f:2e:62:87:5d:68:32:
2e:b9:8d:d5:e1:81:2f:a2:91:f8:6f:46:ec:3c:3f:ee:f2:18:
76:39:0b:e1:c2:2e:8b:73:8d:47:2a:7a:30:0c:71:14:1c:9a:
6e:0d:36:4f:7b:4a:0e:52:fe:2d:6e:d6:ae:13:13:3a:b9:34:
44:21:da:48:95:45:df:cf:3c:61:c5:85:15:bd:3b:2c:71:0f:
7c:e5:12:0b:45:3c:f4:d5:68:35:10:bd:8b:b5:da:7c:47:11:
dd:df:cb:75:16:e6:1d:be:80:83:3a:5e:ec:bb:61:81:41:f2:
d0:8b:8a:87:2f:5d:32:58:85:8c:45:4a:33:c3:06:00:c3:c0:
06:12:dd:14:b3:fe:ed:3f:7b:7d:22:3a:42:46:c4:16:d9:85:
97:91:47:4e:37:1f:49:4e:e9:d4:bb:94:05:1e:10:80:b9:f4:
1f:22:9c:74:5b:56:99:92:5c:f5:93:ee:02:e9:69:f0:86:f0:
07:7c:25:9b:bd:ca:82:c3:ad:3a:ad:97:1d:51:36:93:cc:db:
1f:d1:c3:6b:ca:8e:75:f5:52:db:b1:c6:28:9a:f1:9d:8b:64:
4b:3c:55:b9:66:39:ae:10:1b:5d:76:f0:88:ca:dd:0b:d6:69:
dc:d4:ab:a3
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzHlS/ilUv7n9WEoPQQQKiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWM1ODc1MmYzMzM2NDIyZmYwZWUxNzI2NDc0NTkxZTdh
NDFlNWYwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY4NjJlMDRmNjYwYTUyN2YzZGE5OWVjODc0MmQ4MWIxZTYzODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNGeY1iOwrp41g73dSdNF1pVQ4Ts
oCpHRRQSBrA6uYDOwTmj9dv1akIu1TFBsQC3XkoQmi+T3nrsLdurltPG18FxlUkK
h0D28o7fHm06iE2MbDoUeW5gKBzq7PNijU8OEIyunA7+T4iodqaodG85Wco/Npv1
atTWHQFolYdJxzrvLrBjyPnVCk8T2G5jCCwhwR34DuhWe/LX/OyuiwJ+RX4t+glw
PJoTOd/WXD+9naFeQlgRMpfOXtXHem10cT57xHuUTdagZAWiwZFS/HjDqAjtO/n8
vCF3FJf3cTrpqO+SVsfK3bJmtdwQFacEMN9GSy+V1uEi7jblK753d722+QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFOJoYuBPZgpSfz2pnsh0LYGx5jgeMB8GA1UdIwQY
MBaAFIRcWHUvMzZCL/DuFyZHRZHnpB5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYt
ZjEzNGU1MWNjMDViLzEvNG1oaTRFOW1DbEpfUGFtZXlIUXRnYkhtT0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYtZjEzNGU1MWNjMDVi
LzEvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQFH6rAAwQE
Lv0QAwQAVmnwAwQAVmu/AwQAWSEQAwQBWSMCAwQBWSOuAwQBWSiGAwQFWb9AAwQA
XXMhAwQCuVsYAwQCwe48MA0EAgACMAcDBQAqABkwMA0GCSqGSIb3DQEBCwUAA4IB
AQBMU06akb8d+Q+EDE8uYoddaDIuuY3V4YEvopH4b0bsPD/u8hh2OQvhwi6Lc41H
KnowDHEUHJpuDTZPe0oOUv4tbtauExM6uTREIdpIlUXfzzxhxYUVvTsscQ985RIL
RTz01Wg1EL2Ltdp8RxHd38t1FuYdvoCDOl7su2GBQfLQi4qHL10yWIWMRUozwwYA
w8AGEt0Us/7tP3t9IjpCRsQW2YWXkUdONx9JTunUu5QFHhCAufQfIpx0W1aZklz1
k+4C6WnwhvAHfCWbvcqCw606rZcdUTaTzNsf0cNryo519VLbscYomvGdi2RLPFW5
ZjmuEBtddvCIyt0L1mnc1Kuj
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:48:29 2024 by rpki-client on console-fra.rpki-client.org