Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/4sGhbSlh1D5Xw0_g_iMtDNiIJu0.roa
File: 4sGhbSlh1D5Xw0_g_iMtDNiIJu0.roa (raw, json)
Hash identifier: GOPouLleaQUyIRqlbgyKR66gnu7TtJod9i3znjbEOfM=
Subject key identifier: E2:C1:A1:6D:29:61:D4:3E:57:C3:4F:E0:FE:23:2D:0C:D8:88:26:ED
Certificate issuer: /CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Certificate serial: 018CC726EBA09A23573632DEA21F53447FF1
Authority key identifier: C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/4sGhbSlh1D5Xw0_g_iMtDNiIJu0.roa
Signing time: Mon 01 Jan 2024 22:31:05 +0000
ROA not before: Mon 01 Jan 2024 22:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59497
IP address blocks: 194.44.90.0/24 maxlen: 24
194.44.97.0/24 maxlen: 24
194.44.96.0/24 maxlen: 24
194.44.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.mft
rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:eb:a0:9a:23:57:36:32:de:a2:1f:53:44:7f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Validity
Not Before: Jan 1 22:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c1a16d2961d43e57c34fe0fe232d0cd88826ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4e:33:ef:be:09:99:77:97:32:53:81:21:b4:
36:39:74:09:72:88:3e:b7:d6:a8:78:0f:bb:10:21:
9f:a2:fe:c8:51:a3:fc:3f:69:86:83:39:ff:0f:85:
98:3d:11:01:72:8b:ae:39:7b:6a:db:7c:5a:d3:7b:
58:17:62:99:98:d8:7a:64:2d:0e:c7:19:fa:80:b2:
fc:77:38:bd:9d:54:f2:00:a4:e8:b6:69:f3:38:c4:
8e:68:c4:d9:26:4f:45:f9:f3:19:4c:2f:78:00:1b:
e3:db:20:9d:c1:ca:99:80:17:80:1a:4d:fe:4d:9e:
72:97:68:a6:76:18:8d:ac:55:2a:aa:f0:dc:57:d1:
9d:88:9e:79:4a:c9:86:0c:a4:b8:4d:fb:7a:0c:91:
ea:56:7c:cc:cb:75:90:d0:a6:a6:ab:24:52:0e:84:
31:b0:8a:79:1f:87:c0:ef:0a:a2:0f:66:07:14:df:
82:e0:55:1b:3d:dd:1d:1b:57:bd:a6:fd:06:38:ec:
a0:be:da:4c:47:7e:a1:f4:a6:3b:a3:b5:fd:df:4e:
0b:7d:99:03:29:f7:48:cf:fa:83:81:82:ea:eb:4d:
7b:f9:84:1d:17:fa:ff:b5:a9:5c:bb:7e:95:60:5a:
ed:d7:6d:c7:15:e5:72:d9:84:7f:db:fe:82:19:94:
da:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C1:A1:6D:29:61:D4:3E:57:C3:4F:E0:FE:23:2D:0C:D8:88:26:ED
X509v3 Authority Key Identifier:
keyid:C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/4sGhbSlh1D5Xw0_g_iMtDNiIJu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.44.90.0/24
194.44.96.0/23
194.44.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:8c:c9:6f:2f:38:92:0d:14:de:97:70:89:97:f8:8e:41:bc:
cb:cc:8d:3a:fc:2f:ae:38:18:b5:27:2d:cd:71:a7:79:38:ed:
a8:fe:8b:5c:54:7f:4a:0d:9a:f9:8d:24:0b:0f:d1:43:6b:4f:
61:63:77:56:9d:63:8a:88:f6:0a:4f:5b:61:e1:a4:26:b3:b9:
03:7a:1d:85:6a:44:bc:28:16:c3:2d:bb:1b:2e:b9:a8:8f:1b:
2c:54:9d:57:be:e6:10:fa:5b:dc:fc:34:40:79:9b:e6:06:f0:
cb:4a:77:2e:e3:69:9b:3d:6c:5e:c4:01:2b:10:8f:65:7e:1e:
3d:99:23:57:a2:71:2a:11:75:33:08:33:ef:8b:8d:d2:0b:1d:
4e:e5:fe:fb:90:0a:c7:ac:c5:11:ea:6f:73:be:e6:d7:88:25:
d5:27:8e:06:c2:85:bc:75:01:f4:13:53:1f:13:93:af:1d:4f:
34:c6:7b:0a:f0:8b:9a:20:29:d7:35:85:11:13:90:ea:60:2f:
22:6e:0b:64:a3:23:14:e4:57:f7:da:6c:51:69:8e:7e:18:4b:
70:3e:59:3a:84:29:54:6a:12:b6:f0:a0:06:7f:67:2d:97:16:
ff:ff:e2:ab:1c:e5:1f:e3:39:4f:2e:65:d3:68:1f:ca:1b:9f:
09:6b:04:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJuugmiNXNjLeoh9TRH/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmI0MDNhMjQxODgzZTU4ZmNlZDUyZDM5ZDgwZWFiZDUy
YmIzNmYwHhcNMjQwMTAxMjIzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMxYTE2ZDI5NjFkNDNlNTdjMzRmZTBmZTIzMmQwY2Q4ODgyNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA204z774JmXeXMlOBIbQ2OXQJcog+
t9aoeA+7ECGfov7IUaP8P2mGgzn/D4WYPREBcouuOXtq23xa03tYF2KZmNh6ZC0O
xxn6gLL8dzi9nVTyAKTotmnzOMSOaMTZJk9F+fMZTC94ABvj2yCdwcqZgBeAGk3+
TZ5yl2imdhiNrFUqqvDcV9GdiJ55SsmGDKS4Tft6DJHqVnzMy3WQ0KamqyRSDoQx
sIp5H4fA7wqiD2YHFN+C4FUbPd0dG1e9pv0GOOygvtpMR36h9KY7o7X9304LfZkD
KfdIz/qDgYLq6017+YQdF/r/talcu36VYFrt123HFeVy2YR/2/6CGZTaGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOLBoW0pYdQ+V8NP4P4jLQzYiCbtMB8GA1UdIwQY
MBaAFMP7QDokGIPlj87VLTnYDqvVK7NvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUt
YTlhNzc5MDI2ZjBhLzEvNHNHaGJTbGgxRDVYdzBfZ19pTXRETmlJSnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUtYTlhNzc5MDI2ZjBh
LzEvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwixaAwQB
wixgAwQAwixjMA0GCSqGSIb3DQEBCwUAA4IBAQCKjMlvLziSDRTel3CJl/iOQbzL
zI06/C+uOBi1Jy3Ncad5OO2o/otcVH9KDZr5jSQLD9FDa09hY3dWnWOKiPYKT1th
4aQms7kDeh2FakS8KBbDLbsbLrmojxssVJ1XvuYQ+lvc/DRAeZvmBvDLSncu42mb
PWxexAErEI9lfh49mSNXonEqEXUzCDPvi43SCx1O5f77kArHrMUR6m9zvubXiCXV
J44GwoW8dQH0E1MfE5OvHU80xnsK8IuaICnXNYURE5DqYC8ibgtkoyMU5Ff32mxR
aY5+GEtwPlk6hClUahK28KAGf2ctlxb//+KrHOUf4zlPLmXTaB/KG58JawQ0
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:01 2024 by rpki-client on console-ams.rpki-client.org