Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4yHKKSdCdHcjjl34WAMJd4XI6CA.roa
File: 4yHKKSdCdHcjjl34WAMJd4XI6CA.roa (raw, json)
Hash identifier: P2f2D4teLMQ1PWAOcuJhU7Kb3iV++thMsB7FcygAVBU=
Subject key identifier: E3:21:CA:29:27:42:74:77:23:8E:5D:F8:58:03:09:77:85:C8:E8:20
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192B8BDC3D490B67DEFE4735BAC5E5AF16D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4yHKKSdCdHcjjl34WAMJd4XI6CA.roa
Signing time: Wed 23 Oct 2024 09:38:17 +0000
ROA not before: Wed 23 Oct 2024 09:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 37.97.112.0/22 maxlen: 24
46.173.252.0/23 maxlen: 23
81.161.52.0/22 maxlen: 24
91.237.92.0/23 maxlen: 23
91.246.200.0/23 maxlen: 23
94.232.100.0/22 maxlen: 24
109.197.236.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
193.36.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:bd:c3:d4:90:b6:7d:ef:e4:73:5b:ac:5e:5a:f1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 23 09:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e321ca2927427477238e5df85803097785c8e820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:77:1f:98:4a:fa:3d:73:5f:6b:8e:2b:97:
fc:a0:f3:22:73:8d:11:9a:85:50:bc:40:b2:b0:0a:
62:6f:9f:c4:e5:f9:71:47:74:10:91:0e:de:29:fe:
52:59:03:87:8b:d4:83:1f:59:43:ba:a5:8d:95:2a:
2b:ad:0b:60:ea:6d:d3:ad:5d:56:86:8c:21:88:a3:
8a:f4:ad:30:d5:e1:16:20:0d:e3:41:bf:16:9f:7a:
ae:31:9b:29:9e:98:57:73:d5:bb:99:fa:48:bd:98:
15:c2:87:69:30:09:b7:55:f4:7a:1c:6c:58:19:ae:
9a:ba:2d:b4:14:02:17:2f:72:75:39:6b:02:64:1c:
90:76:86:0f:d5:46:c4:15:c7:c5:d7:00:6c:53:69:
ce:ad:fa:e3:fe:1a:5c:c0:f3:14:e1:11:24:48:77:
c5:4b:de:dd:c5:f5:a9:89:75:21:ad:11:ab:d9:ea:
50:fe:2b:38:18:7c:65:9a:94:60:39:c4:0c:0f:da:
c8:15:51:8d:96:54:14:7e:64:39:60:fe:1e:0d:39:
e4:3c:42:c3:87:cc:ec:ef:4d:9f:f8:f2:0d:df:e0:
d2:da:d9:af:19:48:d0:e2:39:0f:ae:71:10:f9:46:
33:f7:39:c5:9a:ad:aa:d6:2e:46:42:7a:1f:55:6d:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:21:CA:29:27:42:74:77:23:8E:5D:F8:58:03:09:77:85:C8:E8:20
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4yHKKSdCdHcjjl34WAMJd4XI6CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.112.0/22
46.173.252.0/23
81.161.52.0/22
91.237.92.0/23
91.246.200.0/23
94.232.100.0/22
109.197.236.0/22
176.96.88.0/22
176.110.216.0/22
193.36.220.0/23
Signature Algorithm: sha256WithRSAEncryption
64:0e:0a:af:a0:06:79:ab:39:27:bb:b6:e2:23:2c:07:b1:dd:
d1:25:dd:7a:fa:28:89:70:03:8f:e0:98:bc:e5:1b:81:a7:d4:
fb:df:85:84:60:37:a0:ed:5f:06:e3:43:85:b3:73:49:4d:e4:
60:ee:fe:11:19:bc:a4:3d:63:49:05:aa:2b:45:08:bc:35:7f:
61:c1:de:44:4c:ac:ea:e5:6b:91:02:22:b1:e9:ea:65:9c:14:
2a:ef:39:38:eb:8f:56:61:63:9a:5a:24:dc:80:74:43:8a:51:
5a:00:23:35:5b:b1:e7:a4:55:b9:96:fa:08:04:7b:a6:e1:2e:
9a:d8:42:60:a4:bb:4b:69:a7:19:72:f8:5c:fe:b8:17:95:1d:
30:ac:13:8d:14:b7:4a:0a:e9:3c:a8:3c:3b:9c:71:4c:c0:f7:
c6:fe:2f:e2:c0:c9:4a:c3:24:d1:63:d4:4a:c8:0e:9e:1c:2a:
59:dc:de:e4:d2:f8:45:b0:eb:69:40:ea:49:3e:2f:b4:e7:16:
9c:ce:ab:af:23:ac:9b:da:6e:c3:e2:35:f4:f3:b6:fa:82:f1:
15:23:eb:91:0c:a7:11:c0:9f:88:58:e0:4c:b0:f0:d8:6d:bb:
74:bd:75:e0:da:31:2d:51:3b:54:48:72:4d:d3:f5:2e:01:4a:
25:ed:20:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZK4vcPUkLZ97+RzW6xeWvFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDIzMDkzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIxY2EyOTI3NDI3NDc3MjM4ZTVkZjg1ODAzMDk3Nzg1YzhlODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lt3H5hK+j1zX2uOK5f8oPMic40R
moVQvECysApib5/E5flxR3QQkQ7eKf5SWQOHi9SDH1lDuqWNlSorrQtg6m3TrV1W
howhiKOK9K0w1eEWIA3jQb8Wn3quMZspnphXc9W7mfpIvZgVwodpMAm3VfR6HGxY
Ga6aui20FAIXL3J1OWsCZByQdoYP1UbEFcfF1wBsU2nOrfrj/hpcwPMU4REkSHfF
S97dxfWpiXUhrRGr2epQ/is4GHxlmpRgOcQMD9rIFVGNllQUfmQ5YP4eDTnkPELD
h8zs702f+PIN3+DS2tmvGUjQ4jkPrnEQ+UYz9znFmq2q1i5GQnofVW3rYQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOMhyiknQnR3I45d+FgDCXeFyOggMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNHlIS0tTZENkSGNqamwzNFdBTUpkNFhJNkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCJWFwAwQB
Lq38AwQCUaE0AwQBW+1cAwQBW/bIAwQCXuhkAwQCbcXsAwQCsGBYAwQCsG7YAwQB
wSTcMA0GCSqGSIb3DQEBCwUAA4IBAQBkDgqvoAZ5qzknu7biIywHsd3RJd16+iiJ
cAOP4Ji85RuBp9T734WEYDeg7V8G40OFs3NJTeRg7v4RGbykPWNJBaorRQi8NX9h
wd5ETKzq5WuRAiKx6eplnBQq7zk4649WYWOaWiTcgHRDilFaACM1W7HnpFW5lvoI
BHum4S6a2EJgpLtLaacZcvhc/rgXlR0wrBONFLdKCuk8qDw7nHFMwPfG/i/iwMlK
wyTRY9RKyA6eHCpZ3N7k0vhFsOtpQOpJPi+05xaczquvI6yb2m7D4jX087b6gvEV
I+uRDKcRwJ+IWOBMsPDYbbt0vXXg2jEtUTtUSHJN0/UuAUol7SDB
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:25 2024 by rpki-client on console-ams.rpki-client.org