Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4gek8WFHDQvLx8OOuHNU_iY4DoA.roa
File: 4gek8WFHDQvLx8OOuHNU_iY4DoA.roa (raw, json)
Hash identifier: maLyr/jU0QEhu/Jlbmw8rogBIpvvglzKVHJYNPPoQ4s=
Subject key identifier: E2:07:A4:F1:61:47:0D:0B:CB:C7:C3:8E:B8:73:54:FE:26:38:0E:80
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E868EBC3C590C2BFA659557566FDE2178
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4gek8WFHDQvLx8OOuHNU_iY4DoA.roa
Signing time: Thu 28 Mar 2024 19:34:45 +0000
ROA not before: Thu 28 Mar 2024 19:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 21
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 17
85.254.49.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.128.0/18 maxlen: 18
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 16
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 22
217.69.112.0/20 maxlen: 20
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:8e:bc:3c:59:0c:2b:fa:65:95:57:56:6f:de:21:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 28 19:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e207a4f161470d0bcbc7c38eb87354fe26380e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:be:4d:bc:99:3e:fd:10:85:ee:71:9c:dc:
90:54:b0:9e:17:2c:6e:02:97:6c:fc:52:3c:db:d7:
c8:a9:18:e3:4d:e2:a0:6e:4b:0b:ca:2b:dc:08:e3:
3d:f5:32:3c:5b:e7:0a:d5:3b:bc:59:b4:c3:50:ff:
3b:8a:86:b1:06:a8:29:b8:d9:ee:e4:d5:27:90:f0:
28:f4:d9:b8:0f:fd:78:d5:e7:ba:a1:d4:74:a2:e8:
84:b3:cb:2d:b6:ee:a2:03:01:49:a2:9b:02:ed:ba:
6e:ef:62:b8:05:16:77:09:5c:5a:a1:7f:63:19:89:
9e:62:72:73:aa:eb:b0:9d:44:ce:96:84:91:ca:8e:
60:cd:bd:7b:98:3d:78:df:45:c1:ec:2b:e0:36:28:
83:b5:c1:ba:58:1c:19:f4:cb:29:78:c7:ce:01:93:
44:b7:9c:45:76:bc:5e:92:e6:39:36:04:c5:f4:9f:
95:38:10:1c:85:09:d7:da:64:ca:fe:b9:04:6c:a4:
39:c1:2d:8f:47:1c:26:e1:52:f2:eb:ac:96:b4:2e:
c0:e9:4a:d1:d5:d6:e0:85:8b:bd:3d:0e:b4:71:12:
6f:53:8b:a8:6e:1d:6c:52:a4:6c:8f:97:1f:7b:f0:
cb:77:c9:b7:42:89:01:a0:d6:f1:e2:97:39:ec:7b:
ed:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:07:A4:F1:61:47:0D:0B:CB:C7:C3:8E:B8:73:54:FE:26:38:0E:80
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4gek8WFHDQvLx8OOuHNU_iY4DoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
13:3d:29:63:8f:a5:cf:e4:3b:5b:51:64:38:e6:5a:3d:64:51:
01:ef:f5:dd:78:78:e4:4e:fb:4d:47:28:a6:b7:be:11:7c:06:
62:b6:79:f4:4d:95:0a:b8:f6:0b:49:39:6e:da:3c:d5:f0:97:
5e:8b:a1:89:46:1c:ea:b0:0e:b6:ad:5e:a5:69:74:4a:3e:dc:
40:5e:19:8e:0d:10:5d:04:7e:be:26:84:6c:fb:fc:65:5c:ae:
08:81:0c:01:99:64:b3:99:3d:02:17:7c:ff:a7:de:21:39:fc:
5e:ea:bc:34:9c:a6:5f:50:1f:41:01:45:52:7f:d1:84:7f:de:
07:54:7d:bd:0e:2e:34:d4:3f:1c:66:61:d0:39:ce:ac:34:4d:
d9:9e:ec:c5:50:70:c0:ef:72:a8:0a:38:74:86:f9:ea:47:cb:
4b:89:10:95:23:1a:22:73:48:6d:4e:e4:37:81:d0:dd:0b:f7:
51:56:a7:21:67:1b:53:c5:d0:ac:50:b8:87:d2:a7:14:f5:f3:
e0:f6:32:4e:dc:6e:9e:a6:b9:08:ce:73:b3:58:66:3a:c4:48:
18:29:13:9f:52:55:5e:dc:dc:36:39:23:67:75:30:b1:66:b0:
7c:1e:e9:18:c5:7d:b3:8c:2b:bc:66:27:a7:da:b9:e4:0f:ed:
fa:c2:00:14
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY6Gjrw8WQwr+mWVV1Zv3iF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI4MTkzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA3YTRmMTYxNDcwZDBiY2JjN2MzOGViODczNTRmZTI2MzgwZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWW+TbyZPv0Qhe5xnNyQVLCeFyxu
Apds/FI829fIqRjjTeKgbksLyivcCOM99TI8W+cK1Tu8WbTDUP87ioaxBqgpuNnu
5NUnkPAo9Nm4D/141ee6odR0ouiEs8sttu6iAwFJopsC7bpu72K4BRZ3CVxaoX9j
GYmeYnJzquuwnUTOloSRyo5gzb17mD1430XB7CvgNiiDtcG6WBwZ9MspeMfOAZNE
t5xFdrxekuY5NgTF9J+VOBAchQnX2mTK/rkEbKQ5wS2PRxwm4VLy66yWtC7A6UrR
1dbghYu9PQ60cRJvU4uobh1sUqRsj5cfe/DLd8m3QokBoNbx4pc57HvtfQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFOIHpPFhRw0Ly8fDjrhzVP4mOA6AMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNGdlazhXRkhEUXZMeDhPT3VITlVfaVk0RG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IBAQATPSlj
j6XP5DtbUWQ45lo9ZFEB7/XdeHjkTvtNRyimt74RfAZitnn0TZUKuPYLSTlu2jzV
8Jdei6GJRhzqsA62rV6laXRKPtxAXhmODRBdBH6+JoRs+/xlXK4IgQwBmWSzmT0C
F3z/p94hOfxe6rw0nKZfUB9BAUVSf9GEf94HVH29Di401D8cZmHQOc6sNE3ZnuzF
UHDA73KoCjh0hvnqR8tLiRCVIxoic0htTuQ3gdDdC/dRVqchZxtTxdCsULiH0qcU
9fPg9jJO3G6eprkIznOzWGY6xEgYKROfUlVe3Nw2OSNndTCxZrB8HukYxX2zjCu8
Zien2rnkD+36wgAU
-----END CERTIFICATE-----
Generated at Wed May 1 13:30:18 2024 by rpki-client on console-ams.rpki-client.org