Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4rlGRFfeVVH0iaTmHFWGqk9aUb4.roa
File: 4rlGRFfeVVH0iaTmHFWGqk9aUb4.roa (raw, json)
Hash identifier: /6rLmFzHivcHa1Uy/CZIN4AhiCyL4izFMKEa4tlfCZ0=
Subject key identifier: E2:B9:46:44:57:DE:55:51:F4:89:A4:E6:1C:55:86:AA:4F:5A:51:BE
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 0191D5D0E5228D7D7EFB3B24424E5F8E75A2
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4rlGRFfeVVH0iaTmHFWGqk9aUb4.roa
Signing time: Mon 09 Sep 2024 08:05:22 +0000
ROA not before: Mon 09 Sep 2024 08:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56595
IP address blocks: 46.226.0.0/21 maxlen: 21
89.32.88.0/21 maxlen: 21
91.239.46.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
185.7.230.0/23 maxlen: 23
185.8.93.0/24 maxlen: 24
185.34.8.0/22 maxlen: 22
185.73.152.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
185.122.64.0/22 maxlen: 22
185.240.200.0/22 maxlen: 22
188.241.20.0/22 maxlen: 24
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
192.124.200.0/24 maxlen: 24
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
193.33.125.0/24 maxlen: 24
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:d0:e5:22:8d:7d:7e:fb:3b:24:42:4e:5f:8e:75:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: Sep 9 08:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2b9464457de5551f489a4e61c5586aa4f5a51be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:b4:f3:a6:7e:ab:b9:21:e1:54:e1:33:a9:a6:
fd:66:d0:16:cd:fc:ab:2f:e3:12:ef:67:c5:e3:9a:
78:a6:38:73:c1:92:f4:ae:46:69:66:d9:95:be:10:
5e:be:f3:47:e5:fc:f1:ab:e3:e9:84:16:de:ed:0e:
1a:3c:3f:df:15:de:70:f3:34:ea:ee:25:70:17:3e:
73:56:ed:5a:9a:36:f0:9f:a2:06:02:4a:06:15:4c:
f0:1c:19:5b:86:57:92:63:4b:ca:c0:7e:99:6f:d4:
1c:5a:8b:ca:80:18:0e:38:86:26:47:59:2e:c0:6a:
8a:7c:a8:25:eb:6b:ad:45:ff:a0:4a:55:5b:44:43:
45:5e:b0:8e:af:fb:b0:13:d9:ec:d0:3a:4c:00:48:
49:a7:5c:39:98:34:28:ec:b8:cc:b2:52:8b:de:c3:
12:81:68:93:43:2d:e9:1c:08:29:3b:08:ff:31:b9:
c8:aa:da:39:a6:60:08:3d:65:95:99:3b:4b:7b:c8:
8f:e6:37:ea:ea:cf:4b:39:0b:cc:16:cd:2b:ab:52:
c6:53:c1:9b:29:f4:b0:f9:bf:57:1f:66:ad:f2:88:
8b:b8:cd:51:0b:50:5d:a5:87:db:22:25:0c:13:cd:
8b:7c:48:87:da:7e:4d:c0:4c:42:29:61:e8:20:92:
67:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B9:46:44:57:DE:55:51:F4:89:A4:E6:1C:55:86:AA:4F:5A:51:BE
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4rlGRFfeVVH0iaTmHFWGqk9aUb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.239.46.0/24
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.8.93.0/24
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.195.255
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
7d:89:9e:8a:30:90:fd:f6:57:0b:7e:14:51:c9:39:1d:39:cc:
7f:b4:fd:3e:c2:f8:ad:48:82:ed:bc:99:19:60:6c:21:61:e4:
78:8b:34:d5:2a:ce:2b:52:74:08:8d:fa:d0:de:b4:58:8c:f9:
90:ac:91:d1:ce:be:65:69:5b:82:e4:00:f5:ce:fd:11:fd:df:
49:09:2a:a1:b2:14:9e:9e:61:95:50:9b:f0:82:52:06:81:ae:
b8:77:85:4b:62:b6:f7:27:dc:ee:0a:70:c7:22:73:d8:65:cb:
36:82:c5:56:3b:3e:6e:5e:da:73:6c:3c:c6:89:85:7e:83:9d:
a6:6c:05:6b:e8:fd:d9:39:a7:fe:e1:d3:6d:d8:e8:50:14:b0:
9b:93:80:7a:bc:31:cc:8a:11:78:57:bf:b6:ca:c8:cf:5e:bf:
f0:12:73:c8:7b:f2:73:aa:56:ba:04:9a:17:e5:9c:70:01:58:
f4:82:ef:22:a5:a6:3b:11:1d:db:80:1d:59:6c:6b:55:d0:84:
74:c6:03:5d:4e:ba:33:cb:4c:6e:12:6d:2c:17:63:a1:f5:58:
10:56:2a:07:1b:45:73:b1:a6:47:50:ff:56:1b:09:94:5d:15:
08:5e:8f:da:88:68:8c:33:ca:c0:6b:f0:33:fb:fb:ec:c0:90:
8c:04:a2:d1
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZHV0OUijX1++zskQk5fjnWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjQwOTA5MDgwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmI5NDY0NDU3ZGU1NTUxZjQ4OWE0ZTYxYzU1ODZhYTRmNWE1MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97Tzpn6ruSHhVOEzqab9ZtAWzfyr
L+MS72fF45p4pjhzwZL0rkZpZtmVvhBevvNH5fzxq+PphBbe7Q4aPD/fFd5w8zTq
7iVwFz5zVu1amjbwn6IGAkoGFUzwHBlbhleSY0vKwH6Zb9QcWovKgBgOOIYmR1ku
wGqKfKgl62utRf+gSlVbRENFXrCOr/uwE9ns0DpMAEhJp1w5mDQo7LjMslKL3sMS
gWiTQy3pHAgpOwj/MbnIqto5pmAIPWWVmTtLe8iP5jfq6s9LOQvMFs0rq1LGU8Gb
KfSw+b9XH2at8oiLuM1RC1BdpYfbIiUME82LfEiH2n5NwExCKWHoIJJnOwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFOK5RkRX3lVR9Imk5hxVhqpPWlG+MB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvNHJsR1JGZmVWVkgwaWFUbUhGV0dxazlhVWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgDBAMu
4gADBANZIFgDBABb7y4DBABb8K4DBABf1wkDBAK5B+QDBAC5CF0DBAK5IggDBAK5
SZgDBAK5ZEQDBAK5ekADBAK58MgDBAK88RQwDAMEAMB8wQMEAsB8wDAMAwQAwHzF
AwQAwHzGAwQAwHzIAwQAwHzLAwQBwHzOAwQAwSF9AwQAw+Z7MA0EAgACMAcDBQAq
AKYAMA0GCSqGSIb3DQEBCwUAA4IBAQB9iZ6KMJD99lcLfhRRyTkdOcx/tP0+wvit
SILtvJkZYGwhYeR4izTVKs4rUnQIjfrQ3rRYjPmQrJHRzr5laVuC5AD1zv0R/d9J
CSqhshSenmGVUJvwglIGga64d4VLYrb3J9zuCnDHInPYZcs2gsVWOz5uXtpzbDzG
iYV+g52mbAVr6P3ZOaf+4dNt2OhQFLCbk4B6vDHMihF4V7+2ysjPXr/wEnPIe/Jz
qla6BJoX5ZxwAVj0gu8ipaY7ER3bgB1ZbGtV0IR0xgNdTrozy0xuEm0sF2Oh9VgQ
VioHG0VzsaZHUP9WGwmUXRUIXo/aiGiMM8rAa/Az+/vswJCMBKLR
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:25 2024 by rpki-client on console-fra.rpki-client.org