Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/4nNLr2l31NvG5zXaD3xVdGb25s4.roa
File: 4nNLr2l31NvG5zXaD3xVdGb25s4.roa (raw, json)
Hash identifier: MBJNw02Lp4OtafhVx7x7WNtAdo6h7/ht5vM58z8AdJ0=
Subject key identifier: E2:73:4B:AF:69:77:D4:DB:C6:E7:35:DA:0F:7C:55:74:66:F6:E6:CE
Certificate issuer: /CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Certificate serial: 018FE296D87809C4614F2E8450DAD26E8BDE
Authority key identifier: BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/4nNLr2l31NvG5zXaD3xVdGb25s4.roa
Signing time: Tue 04 Jun 2024 09:31:27 +0000
ROA not before: Tue 04 Jun 2024 09:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 82.99.128.0/18 maxlen: 24
84.244.64.0/18 maxlen: 24
85.207.0.0/16 maxlen: 24
212.158.128.0/19 maxlen: 24
2a02:a40::/32 maxlen: 48
2a02:a41::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:96:d8:78:09:c4:61:4f:2e:84:50:da:d2:6e:8b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Validity
Not Before: Jun 4 09:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2734baf6977d4dbc6e735da0f7c557466f6e6ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:31:ad:a4:4f:b7:0a:6b:6d:06:48:b4:a1:6c:
ab:db:a1:64:db:73:b5:e4:dd:2f:f4:f5:f1:3e:08:
c5:72:43:c7:6e:f6:80:98:73:6e:dc:68:e7:ba:6a:
6f:8d:32:46:d2:fe:a8:3d:1a:0d:0e:44:9d:1b:24:
d9:ad:9d:7b:c2:2d:3b:f4:cc:3d:59:18:82:36:ca:
ef:51:b0:fb:eb:51:09:ac:f9:08:19:5e:aa:48:f2:
7c:ea:00:48:ca:b3:b8:d1:06:49:a1:13:95:88:53:
f0:b7:6f:ae:1f:dc:19:98:47:54:75:0d:b3:53:bf:
a5:17:af:9e:34:55:31:89:4e:d0:0f:76:4e:0c:fe:
87:02:6e:0d:c6:f9:48:fa:69:70:28:52:f9:8c:7d:
b4:36:66:c8:33:d8:1e:86:4f:f8:f3:53:4a:51:f8:
a3:92:4c:55:61:23:76:5a:de:f8:fe:73:c9:ea:1f:
04:35:78:73:79:88:c6:fd:9f:c1:fa:12:a5:23:9d:
58:89:04:ed:af:b5:9b:86:73:72:bb:0f:96:ee:a0:
d0:3d:fe:bb:13:65:2f:82:fb:7d:08:4c:5a:60:27:
23:a9:94:4b:7d:73:1e:6f:05:44:3a:fd:e8:f6:59:
d3:c7:a3:f8:1a:5f:29:af:13:d2:98:42:24:28:7e:
50:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:73:4B:AF:69:77:D4:DB:C6:E7:35:DA:0F:7C:55:74:66:F6:E6:CE
X509v3 Authority Key Identifier:
keyid:BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/4nNLr2l31NvG5zXaD3xVdGb25s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.99.128.0/18
84.244.64.0/18
85.207.0.0/16
212.158.128.0/19
IPv6:
2a02:a40::/31
Signature Algorithm: sha256WithRSAEncryption
98:9a:e9:49:09:98:7b:53:d2:14:64:88:7d:d9:cf:36:47:5e:
96:a1:61:82:5a:b6:3a:67:73:17:96:e7:d9:69:c9:01:55:69:
5f:61:9f:c8:84:67:8f:9e:08:18:66:4f:79:bc:5f:b8:1f:ad:
ac:03:29:f2:dd:1e:c9:fe:b9:4c:78:48:31:b2:25:c5:23:5a:
85:9d:78:f1:d2:c2:b4:48:54:71:93:7f:21:c1:1d:72:2e:ec:
bc:74:b2:6c:1a:f7:e1:af:da:5b:e3:6e:85:3b:64:72:d1:da:
46:fb:9b:bf:52:f5:ee:47:26:83:9e:d5:db:21:b4:c8:1c:6b:
53:24:8e:1c:31:ee:17:5b:18:b0:7f:00:d1:b4:77:02:73:96:
61:2e:2f:ba:e4:ad:da:3a:fa:47:71:f6:ed:16:55:dd:33:3f:
e9:e7:0c:b0:55:de:04:a7:ae:64:46:17:a7:66:85:5a:ae:b3:
d5:83:43:fa:a7:bf:41:35:c3:66:aa:f9:64:48:78:1a:25:f4:
72:03:17:d1:e2:9a:54:18:2f:94:e9:f3:8f:a8:b5:6f:fe:4b:
91:bf:a1:67:46:db:2f:45:32:3f:91:2c:ae:b2:f4:7b:52:fa:
d9:f1:46:8f:e7:95:aa:71:5f:c6:7e:67:43:f7:a9:fc:9f:5e:
5d:41:67:8c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY/ilth4CcRhTy6EUNrSboveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZjUyNTJjY2FjM2Y2ZGMxNDI2YjU1M2YyYzFjNzIzM2Fj
Yzg5NGIwHhcNMjQwNjA0MDkzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjczNGJhZjY5NzdkNGRiYzZlNzM1ZGEwZjdjNTU3NDY2ZjZlNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTGtpE+3CmttBki0oWyr26Fk23O1
5N0v9PXxPgjFckPHbvaAmHNu3GjnumpvjTJG0v6oPRoNDkSdGyTZrZ17wi079Mw9
WRiCNsrvUbD761EJrPkIGV6qSPJ86gBIyrO40QZJoROViFPwt2+uH9wZmEdUdQ2z
U7+lF6+eNFUxiU7QD3ZODP6HAm4NxvlI+mlwKFL5jH20NmbIM9gehk/481NKUfij
kkxVYSN2Wt74/nPJ6h8ENXhzeYjG/Z/B+hKlI51YiQTtr7WbhnNyuw+W7qDQPf67
E2Uvgvt9CExaYCcjqZRLfXMebwVEOv3o9lnTx6P4Gl8prxPSmEIkKH5QQwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOJzS69pd9Tbxuc12g98VXRm9ubOMB8GA1UdIwQY
MBaAFL71JSzKw/bcFCa1U/LBxyM6zIlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmIt
MTFlNWY2ZDEyZWYxLzEvNG5OTHIybDMxTnZHNXpYYUQzeFZkR2IyNXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmItMTFlNWY2ZDEyZWYx
LzEvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGUmOAAwQG
VPRAAwMAVc8DBAXUnoAwDQQCAAIwBwMFASoCCkAwDQYJKoZIhvcNAQELBQADggEB
AJia6UkJmHtT0hRkiH3ZzzZHXpahYYJatjpncxeW59lpyQFVaV9hn8iEZ4+eCBhm
T3m8X7gfrawDKfLdHsn+uUx4SDGyJcUjWoWdePHSwrRIVHGTfyHBHXIu7Lx0smwa
9+Gv2lvjboU7ZHLR2kb7m79S9e5HJoOe1dshtMgca1Mkjhwx7hdbGLB/ANG0dwJz
lmEuL7rkrdo6+kdx9u0WVd0zP+nnDLBV3gSnrmRGF6dmhVqus9WDQ/qnv0E1w2aq
+WRIeBol9HIDF9HimlQYL5Tp84+otW/+S5G/oWdG2y9FMj+RLK6y9HtS+tnxRo/n
lapxX8Z+Z0P3qfyfXl1BZ4w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:45 2024 by rpki-client on console-ams.rpki-client.org