Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/T4H58eF8LQ6NI03og6y5mFtke4k.roa
File: T4H58eF8LQ6NI03og6y5mFtke4k.roa (raw, json)
Hash identifier: wfGQLfUA9TZ6/QAJmtUMhku+8vaAKSeU5WzYp4PWh7g=
Subject key identifier: 4F:81:F9:F1:E1:7C:2D:0E:8D:23:4D:E8:83:AC:B9:98:5B:64:7B:89
Certificate issuer: /CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Certificate serial: 019076B1711A1B9FEA7E7FD49933EEF7BBFA
Authority key identifier: 67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/T4H58eF8LQ6NI03og6y5mFtke4k.roa
Signing time: Wed 03 Jul 2024 03:44:18 +0000
ROA not before: Wed 03 Jul 2024 03:44:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5384
IP address blocks: 185.78.244.0/24 maxlen: 24
185.78.245.0/24 maxlen: 24
185.78.246.0/24 maxlen: 24
185.78.247.0/24 maxlen: 24
213.42.48.0/24 maxlen: 24
213.42.49.0/24 maxlen: 24
213.42.50.0/24 maxlen: 24
213.42.51.0/24 maxlen: 24
213.42.52.0/24 maxlen: 24
213.42.53.0/24 maxlen: 24
213.42.54.0/24 maxlen: 24
213.42.55.0/24 maxlen: 24
213.42.56.0/24 maxlen: 24
213.42.84.0/24 maxlen: 24
213.42.85.0/24 maxlen: 24
213.42.86.0/24 maxlen: 24
213.42.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/Zw5gd5881NA9XlB4QPX6KjGmq40.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/Zw5gd5881NA9XlB4QPX6KjGmq40.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:76:b1:71:1a:1b:9f:ea:7e:7f:d4:99:33:ee:f7:bb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Validity
Not Before: Jul 3 03:44:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f81f9f1e17c2d0e8d234de883acb9985b647b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:fd:63:a3:33:73:2f:46:5a:2b:dc:75:66:
45:37:d0:db:b7:1d:1c:7f:74:5b:58:21:3a:29:16:
b5:38:87:7f:8f:d9:2a:9a:0e:78:54:63:76:24:72:
b8:8a:42:55:99:ba:f8:fd:a7:6f:9a:b4:3f:15:96:
29:ef:d6:ed:d1:29:8e:c2:9d:37:ea:37:ca:72:a3:
17:b1:0e:90:b4:95:7f:aa:67:9b:1f:a2:82:41:c3:
6b:c0:87:1b:47:5f:08:68:15:0d:60:01:95:12:f9:
2c:b8:a9:50:d6:60:2a:3e:d4:98:01:5b:71:18:39:
b9:65:a9:29:5a:02:c3:2f:7c:18:cf:f1:fd:d9:50:
0b:a8:be:49:5d:50:74:ad:e3:b8:17:7e:17:4e:4a:
ca:f2:f8:08:88:0f:20:9c:19:be:f3:50:d7:ca:d9:
fb:ed:0d:48:4c:c0:d3:22:95:54:7b:f0:68:30:8c:
bd:b2:b7:c6:fb:a2:3b:24:f1:95:ba:b4:23:03:81:
ed:91:69:80:9e:d2:3d:64:26:9a:91:55:68:1a:7d:
c3:ab:4a:c7:d4:ad:2b:cc:a8:70:17:8c:28:7e:ed:
f1:dd:8c:28:35:0a:40:4d:91:45:f8:90:d8:a7:b5:
6a:8b:ed:cc:e2:18:9a:e2:05:2b:df:82:09:3c:8c:
62:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:81:F9:F1:E1:7C:2D:0E:8D:23:4D:E8:83:AC:B9:98:5B:64:7B:89
X509v3 Authority Key Identifier:
keyid:67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/T4H58eF8LQ6NI03og6y5mFtke4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/Zw5gd5881NA9XlB4QPX6KjGmq40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.244.0/22
213.42.48.0-213.42.56.255
213.42.84.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:06:de:a1:93:03:7d:e6:f9:12:d5:21:fd:c3:65:d2:e7:ef:
1b:ed:65:23:66:61:35:7c:1c:91:54:06:46:8e:67:ed:69:7f:
e7:62:10:e7:30:9f:08:da:18:77:7d:f4:99:e8:2e:c3:ae:17:
52:3b:2b:ec:3c:1a:be:88:87:99:a1:50:20:79:92:7b:4b:55:
e5:69:78:1f:2e:14:b8:53:e4:9b:8b:c2:02:29:43:7c:31:50:
86:99:c6:97:3d:27:d8:db:56:5d:f1:82:e0:14:af:44:b8:92:
18:45:d8:66:d9:63:e5:16:29:9c:2f:1e:22:df:3e:57:e5:d8:
62:cf:10:b1:82:5d:97:cf:2e:f6:18:9e:aa:ed:5c:3a:d9:c9:
68:79:45:01:9c:35:a5:aa:99:0f:f6:ee:48:0b:23:67:9a:72:
b8:e6:be:ad:83:b3:c8:1b:ea:dd:9c:38:20:bd:04:c1:3c:42:
f8:1c:48:19:16:d6:da:a4:d4:87:ae:e8:5e:88:95:15:f5:45:
30:3b:f0:05:46:39:de:e7:91:dd:95:d4:8f:81:73:b4:14:d5:
54:44:fd:6f:b7:37:c3:46:10:f0:50:17:90:5c:10:eb:bf:76:
5d:54:45:13:33:a8:f0:7a:cf:db:06:e3:1a:e0:4b:c6:35:87:
c4:b8:d1:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZB2sXEaG5/qfn/UmTPu97v6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MGU2MDc3OWYzY2Q0ZDAzZDVlNTA3ODQwZjVmYTJhMzFh
NmFiOGQwHhcNMjQwNzAzMDM0NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjgxZjlmMWUxN2MyZDBlOGQyMzRkZTg4M2FjYjk5ODViNjQ3Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTz9Y6Mzcy9GWivcdWZFN9Dbtx0c
f3RbWCE6KRa1OId/j9kqmg54VGN2JHK4ikJVmbr4/advmrQ/FZYp79bt0SmOwp03
6jfKcqMXsQ6QtJV/qmebH6KCQcNrwIcbR18IaBUNYAGVEvksuKlQ1mAqPtSYAVtx
GDm5ZakpWgLDL3wYz/H92VALqL5JXVB0reO4F34XTkrK8vgIiA8gnBm+81DXytn7
7Q1ITMDTIpVUe/BoMIy9srfG+6I7JPGVurQjA4HtkWmAntI9ZCaakVVoGn3Dq0rH
1K0rzKhwF4wofu3x3YwoNQpATZFF+JDYp7Vqi+3M4hia4gUr34IJPIxiPwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE+B+fHhfC0OjSNN6IOsuZhbZHuJMB8GA1UdIwQY
MBaAFGcOYHefPNTQPV5QeED1+ioxpquNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUt
MzUwMDRhNjcxZWIzLzEvVDRINThlRjhMUTZOSTAzb2c2eTVtRnRrZTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUtMzUwMDRhNjcxZWIz
LzEvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuU70MAwD
BATVKjADBADVKjgDBALVKlQwDQYJKoZIhvcNAQELBQADggEBAE0G3qGTA33m+RLV
If3DZdLn7xvtZSNmYTV8HJFUBkaOZ+1pf+diEOcwnwjaGHd99JnoLsOuF1I7K+w8
Gr6Ih5mhUCB5kntLVeVpeB8uFLhT5JuLwgIpQ3wxUIaZxpc9J9jbVl3xguAUr0S4
khhF2GbZY+UWKZwvHiLfPlfl2GLPELGCXZfPLvYYnqrtXDrZyWh5RQGcNaWqmQ/2
7kgLI2eacrjmvq2Ds8gb6t2cOCC9BME8QvgcSBkW1tqk1Ieu6F6IlRX1RTA78AVG
Od7nkd2V1I+Bc7QU1VRE/W+3N8NGEPBQF5BcEOu/dl1URRMzqPB6z9sG4xrgS8Y1
h8S40ZA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:14:17 2024 by rpki-client on console-fra.rpki-client.org