Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a33f9a-9bc3-430d-bb7c-5ec794b0e69c/1/4HeGJXZKaxYnfIehfTqageiX3_o.roa
File: 4HeGJXZKaxYnfIehfTqageiX3_o.roa (raw, json)
Hash identifier: 0kWEjVhCRHuilzTpdiApQWbZjblZ/HsQQVKE/q937Lg=
Subject key identifier: E0:77:86:25:76:4A:6B:16:27:7C:87:A1:7D:3A:9A:81:E8:97:DF:FA
Certificate issuer: /CN=2f102815d27e6511746d4a3e9fd1359cd982a866
Certificate serial: 018CC80198543B4B2006697D3D1F3D642142
Authority key identifier: 2F:10:28:15:D2:7E:65:11:74:6D:4A:3E:9F:D1:35:9C:D9:82:A8:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxAoFdJ-ZRF0bUo-n9E1nNmCqGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a33f9a-9bc3-430d-bb7c-5ec794b0e69c/1/4HeGJXZKaxYnfIehfTqageiX3_o.roa
Signing time: Tue 02 Jan 2024 02:29:56 +0000
ROA not before: Tue 02 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208842
IP address blocks: 91.209.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a33f9a-9bc3-430d-bb7c-5ec794b0e69c/1/LxAoFdJ-ZRF0bUo-n9E1nNmCqGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a33f9a-9bc3-430d-bb7c-5ec794b0e69c/1/LxAoFdJ-ZRF0bUo-n9E1nNmCqGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/LxAoFdJ-ZRF0bUo-n9E1nNmCqGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:98:54:3b:4b:20:06:69:7d:3d:1f:3d:64:21:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f102815d27e6511746d4a3e9fd1359cd982a866
Validity
Not Before: Jan 2 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0778625764a6b16277c87a17d3a9a81e897dffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6d:de:7a:c3:eb:5d:cf:91:e2:45:3b:3b:7c:
13:f6:e2:3d:43:8e:1d:60:19:25:11:38:3f:fa:5e:
82:bc:9e:bd:56:a2:5a:6f:1f:23:b6:f2:bd:21:44:
c0:bf:df:75:3a:f5:57:66:c6:ae:ff:36:28:83:23:
2e:32:9d:b3:a6:80:f9:d7:b3:57:de:a7:c0:09:de:
07:f4:91:da:f2:80:6c:a1:6d:89:9a:81:0d:50:a9:
01:ac:63:fd:83:d5:ad:d0:86:f3:f4:82:d0:08:5d:
51:50:55:dd:b0:df:3c:10:e7:26:b9:36:64:0d:0a:
0c:51:f1:47:41:b7:68:46:43:2f:13:29:0f:fc:20:
4a:53:bd:77:6e:38:07:e4:4d:55:92:87:31:e8:7c:
35:4a:10:3c:a0:f8:a7:ec:47:85:03:af:77:09:74:
a2:d0:d4:9e:15:60:92:c9:fe:f6:e2:f8:a0:0d:66:
a6:0f:d5:17:ac:af:0a:00:23:6b:0d:90:b8:6b:1e:
e0:cf:19:b3:00:1b:06:cd:52:c6:22:3b:1f:a4:f2:
c1:16:60:3f:2f:9e:61:cc:88:df:38:05:ac:fd:cd:
f1:15:6d:43:ae:6c:e3:3e:31:dc:05:04:ee:58:fc:
ff:2e:db:da:29:79:a6:b4:eb:13:14:68:65:95:3f:
29:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:77:86:25:76:4A:6B:16:27:7C:87:A1:7D:3A:9A:81:E8:97:DF:FA
X509v3 Authority Key Identifier:
keyid:2F:10:28:15:D2:7E:65:11:74:6D:4A:3E:9F:D1:35:9C:D9:82:A8:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxAoFdJ-ZRF0bUo-n9E1nNmCqGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a33f9a-9bc3-430d-bb7c-5ec794b0e69c/1/4HeGJXZKaxYnfIehfTqageiX3_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a33f9a-9bc3-430d-bb7c-5ec794b0e69c/1/LxAoFdJ-ZRF0bUo-n9E1nNmCqGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.4.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:13:17:db:d4:1c:ca:bf:05:be:c8:1f:9c:3b:44:6d:a2:16:
0d:bb:be:5e:92:17:08:1e:8d:a9:a2:7f:72:f9:bf:4f:57:6c:
e0:61:68:05:fd:79:50:97:63:13:9c:73:f6:ac:a4:0c:b7:2c:
77:4b:d4:18:fc:a8:fa:f3:17:45:81:76:8b:a6:50:0e:d8:e8:
1b:10:8c:5b:d3:15:b8:7d:7d:16:49:11:c6:21:91:1d:93:28:
88:c6:f8:92:4a:97:42:94:2b:64:aa:af:7a:4d:eb:a0:92:27:
9d:a0:cc:78:41:66:27:19:56:de:fa:25:4a:a8:76:c3:fc:1d:
b0:f5:ea:54:84:32:ab:e1:d3:c2:20:78:8e:9d:c9:6e:ee:b5:
32:b7:cb:a8:1f:87:f8:14:8d:22:e1:dd:ba:03:a2:8a:c4:81:
e8:d8:7e:aa:81:7e:84:50:cc:8a:03:ef:c6:2c:c9:71:88:81:
48:91:e5:74:b6:cd:90:4b:b8:4a:1e:41:96:8c:c2:3e:44:32:
2e:6c:bf:51:76:ef:88:6e:1b:65:9c:55:dc:ce:92:0e:a4:70:
1c:49:91:ee:59:10:c0:6e:5b:12:23:a3:c6:7b:60:d8:aa:93:
06:2e:1f:d7:0c:67:71:80:5f:35:49:bd:f9:82:d5:22:d1:ca:
c1:9d:db:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAZhUO0sgBml9PR89ZCFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTAyODE1ZDI3ZTY1MTE3NDZkNGEzZTlmZDEzNTljZDk4
MmE4NjYwHhcNMjQwMTAyMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDc3ODYyNTc2NGE2YjE2Mjc3Yzg3YTE3ZDNhOWE4MWU4OTdkZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm3eesPrXc+R4kU7O3wT9uI9Q44d
YBklETg/+l6CvJ69VqJabx8jtvK9IUTAv991OvVXZsau/zYogyMuMp2zpoD517NX
3qfACd4H9JHa8oBsoW2JmoENUKkBrGP9g9Wt0Ibz9ILQCF1RUFXdsN88EOcmuTZk
DQoMUfFHQbdoRkMvEykP/CBKU713bjgH5E1Vkocx6Hw1ShA8oPin7EeFA693CXSi
0NSeFWCSyf724vigDWamD9UXrK8KACNrDZC4ax7gzxmzABsGzVLGIjsfpPLBFmA/
L55hzIjfOAWs/c3xFW1DrmzjPjHcBQTuWPz/LtvaKXmmtOsTFGhllT8pPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOB3hiV2SmsWJ3yHoX06moHol9/6MB8GA1UdIwQY
MBaAFC8QKBXSfmURdG1KPp/RNZzZgqhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhBb0ZkSi1aUkYwYlVvLW45RTFuTm1DcUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMzNmOWEtOWJjMy00MzBkLWJiN2Mt
NWVjNzk0YjBlNjljLzEvNEhlR0pYWktheFluZkllaGZUcWFnZWlYM19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMzNmOWEtOWJjMy00MzBkLWJiN2MtNWVjNzk0YjBlNjlj
LzEvTHhBb0ZkSi1aUkYwYlVvLW45RTFuTm1DcUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9EEMA0G
CSqGSIb3DQEBCwUAA4IBAQBsExfb1BzKvwW+yB+cO0RtohYNu75ekhcIHo2pon9y
+b9PV2zgYWgF/XlQl2MTnHP2rKQMtyx3S9QY/Kj68xdFgXaLplAO2OgbEIxb0xW4
fX0WSRHGIZEdkyiIxviSSpdClCtkqq96TeugkiedoMx4QWYnGVbe+iVKqHbD/B2w
9epUhDKr4dPCIHiOnclu7rUyt8uoH4f4FI0i4d26A6KKxIHo2H6qgX6EUMyKA+/G
LMlxiIFIkeV0ts2QS7hKHkGWjMI+RDIubL9Rdu+IbhtlnFXczpIOpHAcSZHuWRDA
blsSI6PGe2DYqpMGLh/XDGdxgF81Sb35gtUi0crBndsH
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:22 2024 by rpki-client on console-ams.rpki-client.org