Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/4TLNiOrIHMl0ANqtD_GqBc06xVk.roa
File: 4TLNiOrIHMl0ANqtD_GqBc06xVk.roa (raw, json)
Hash identifier: J64QFUJx9U6GczEyXNu+akR2Jn8sHp4bh26NO7KoF4E=
Subject key identifier: E1:32:CD:88:EA:C8:1C:C9:74:00:DA:AD:0F:F1:AA:05:CD:3A:C5:59
Certificate issuer: /CN=edc3988a84f9fbb4185ea4ac5b721845ca28037e
Certificate serial: 018CC80183D669E1A62F40079C0EA1491531
Authority key identifier: ED:C3:98:8A:84:F9:FB:B4:18:5E:A4:AC:5B:72:18:45:CA:28:03:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/4TLNiOrIHMl0ANqtD_GqBc06xVk.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198398
IP address blocks: 95.156.216.0/22 maxlen: 22
194.110.155.0/24 maxlen: 24
185.184.22.0/23 maxlen: 23
185.184.20.0/23 maxlen: 23
185.184.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.mft
rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 01:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:83:d6:69:e1:a6:2f:40:07:9c:0e:a1:49:15:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc3988a84f9fbb4185ea4ac5b721845ca28037e
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e132cd88eac81cc97400daad0ff1aa05cd3ac559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3e:bf:84:49:d3:77:b4:05:c7:8e:3d:40:7c:
83:6c:66:b2:53:c5:dc:c1:20:6f:cf:f4:65:87:d6:
a2:4f:3c:44:cc:b0:f0:9e:67:5b:68:78:7a:f4:90:
8f:a5:74:a5:1b:0a:a8:f9:3c:ed:66:8d:df:b7:11:
28:43:ef:ad:f9:6f:b5:c3:a7:e9:d0:05:a7:ec:f1:
5a:ef:06:34:e9:d7:e5:7f:4f:b7:04:60:9d:b4:d5:
e2:98:f7:e8:03:83:cf:59:95:f0:36:fb:c7:ff:0c:
8e:96:b6:25:b1:36:be:f4:47:58:7e:6c:d1:82:39:
47:c8:14:dd:af:de:ed:db:ec:53:7a:8d:3c:5b:4f:
aa:00:6a:c5:6d:4c:19:63:03:35:ff:44:c2:a1:3e:
cc:01:31:03:c7:5e:86:84:cf:65:a7:d0:91:9d:8f:
be:79:16:92:ed:44:29:53:87:0c:36:11:37:d1:cd:
57:07:d2:58:0a:e4:43:36:d8:68:92:09:a9:70:d8:
57:07:42:97:4f:27:30:86:ae:3d:14:93:a2:4e:66:
f0:b8:87:22:11:f2:81:82:c4:39:f7:e9:a9:f7:25:
e9:82:c1:69:f6:d5:d7:6e:15:32:2e:80:ce:76:39:
d0:cc:6d:92:b5:be:f0:43:17:9f:4d:b9:b4:df:fc:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:32:CD:88:EA:C8:1C:C9:74:00:DA:AD:0F:F1:AA:05:CD:3A:C5:59
X509v3 Authority Key Identifier:
keyid:ED:C3:98:8A:84:F9:FB:B4:18:5E:A4:AC:5B:72:18:45:CA:28:03:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/4TLNiOrIHMl0ANqtD_GqBc06xVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.216.0/22
185.184.20.0/22
194.110.155.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:7f:19:16:18:80:5b:02:3f:12:14:77:b6:33:fa:c2:17:ba:
b3:c1:3f:df:7a:87:e6:2e:50:b8:17:57:b2:90:5c:46:7c:13:
87:99:bd:7f:4f:a6:b5:3c:a5:a3:79:1e:ce:57:fc:68:47:74:
a9:d0:78:16:9c:df:0c:0a:ec:d6:23:3a:d8:5f:73:fb:35:dc:
38:f3:8f:a3:91:d8:ec:d5:ea:65:fd:b8:28:81:59:b7:55:d4:
8d:e4:97:e2:c2:2e:50:5d:bd:89:e1:a3:f1:b3:1f:50:9f:de:
5c:28:3f:72:75:de:95:02:0e:5f:29:84:b9:ea:9b:9c:4e:37:
71:03:e2:3f:bf:47:78:53:e2:fc:20:79:e1:92:85:2a:bd:36:
2c:fa:f4:80:af:d0:f0:40:57:00:66:9e:ff:aa:fd:d6:4d:c6:
da:3a:3a:37:0d:e4:85:77:0d:8c:2f:7b:d5:69:c4:8b:b3:76:
26:b3:21:b5:b7:7e:43:b4:00:47:ad:2a:b5:d9:0a:42:08:6e:
05:16:f0:81:b7:4d:3f:ae:7d:47:b7:4c:48:de:fe:c7:39:2a:
f6:ee:de:e2:0d:11:5f:a3:7f:5c:8d:0c:e0:bc:c6:2e:ff:5b:
0d:7e:43:07:82:8b:91:23:28:b9:01:d6:81:06:df:56:17:ad:
33:dd:4b:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAYPWaeGmL0AHnA6hSRUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzM5ODhhODRmOWZiYjQxODVlYTRhYzViNzIxODQ1Y2Ey
ODAzN2UwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMyY2Q4OGVhYzgxY2M5NzQwMGRhYWQwZmYxYWEwNWNkM2FjNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT6/hEnTd7QFx449QHyDbGayU8Xc
wSBvz/Rlh9aiTzxEzLDwnmdbaHh69JCPpXSlGwqo+TztZo3ftxEoQ++t+W+1w6fp
0AWn7PFa7wY06dflf0+3BGCdtNXimPfoA4PPWZXwNvvH/wyOlrYlsTa+9EdYfmzR
gjlHyBTdr97t2+xTeo08W0+qAGrFbUwZYwM1/0TCoT7MATEDx16GhM9lp9CRnY++
eRaS7UQpU4cMNhE30c1XB9JYCuRDNthokgmpcNhXB0KXTycwhq49FJOiTmbwuIci
EfKBgsQ59+mp9yXpgsFp9tXXbhUyLoDOdjnQzG2Stb7wQxefTbm03/wwowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOEyzYjqyBzJdADarQ/xqgXNOsVZMB8GA1UdIwQY
MBaAFO3DmIqE+fu0GF6krFtyGEXKKAN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NPWWlvVDUtN1FZWHFTc1czSVlSY29vQTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hN2M4MTEtZGU1NS00NDE3LWJiMzEt
MTBmY2VkNWZkNGVlLzEvNFRMTmlPcklITWwwQU5xdERfR3FCYzA2eFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hN2M4MTEtZGU1NS00NDE3LWJiMzEtMTBmY2VkNWZkNGVl
LzEvN2NPWWlvVDUtN1FZWHFTc1czSVlSY29vQTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCX5zYAwQC
ubgUAwQAwm6bMA0GCSqGSIb3DQEBCwUAA4IBAQCcfxkWGIBbAj8SFHe2M/rCF7qz
wT/feofmLlC4F1eykFxGfBOHmb1/T6a1PKWjeR7OV/xoR3Sp0HgWnN8MCuzWIzrY
X3P7Ndw484+jkdjs1epl/bgogVm3VdSN5Jfiwi5QXb2J4aPxsx9Qn95cKD9ydd6V
Ag5fKYS56pucTjdxA+I/v0d4U+L8IHnhkoUqvTYs+vSAr9DwQFcAZp7/qv3WTcba
Ojo3DeSFdw2ML3vVacSLs3YmsyG1t35DtABHrSq12QpCCG4FFvCBt00/rn1Ht0xI
3v7HOSr27t7iDRFfo39cjQzgvMYu/1sNfkMHgouRIyi5AdaBBt9WF60z3UtZ
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:46:43 2024 by rpki-client on console-fra.rpki-client.org