Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/4wlDChlgzrgFapvpBy46MAFlefc.roa
File: 4wlDChlgzrgFapvpBy46MAFlefc.roa (raw, json)
Hash identifier: EYqlVV6MH4EbjLdFRd/br9sG35MzdZTRrWmN3sTJ6/Y=
Subject key identifier: E3:09:43:0A:19:60:CE:B8:05:6A:9B:E9:07:2E:3A:30:01:65:79:F7
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 019420D64E3EF0CE6CE1D8FAD81BE38DA7BB
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/4wlDChlgzrgFapvpBy46MAFlefc.roa
Signing time: Wed 01 Jan 2025 07:48:23 +0000
ROA not before: Wed 01 Jan 2025 07:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56566
IP address blocks: 89.190.52.0/23 maxlen: 23
89.190.55.0/24 maxlen: 24
212.4.142.0/23 maxlen: 23
212.96.185.0/24 maxlen: 24
213.211.37.0/24 maxlen: 24
213.211.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4e:3e:f0:ce:6c:e1:d8:fa:d8:1b:e3:8d:a7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jan 1 07:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e309430a1960ceb8056a9be9072e3a30016579f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:18:ac:76:d0:eb:ff:77:a0:98:10:28:8f:54:
c6:1a:a9:54:f8:0e:40:76:7e:59:02:7b:a3:54:56:
38:1d:1c:f6:8a:ea:36:bd:ca:85:04:93:f4:d2:e0:
65:18:d0:44:e7:e8:6d:95:09:61:46:ca:21:3c:cd:
e4:a8:c1:ef:9b:f6:bd:15:b3:7a:17:6f:97:f5:ad:
98:a5:bf:9c:42:10:ee:72:e6:4f:17:62:f0:a0:97:
3e:8f:e7:e4:06:0a:ab:cc:c9:d0:8d:9d:6d:52:73:
f1:75:65:4e:b8:9a:96:e1:fd:76:af:88:20:81:9f:
11:a4:cf:98:2b:92:ac:4c:a1:c6:29:26:8a:81:7b:
d5:1e:b3:ec:2d:6f:cd:17:d7:9d:a6:b6:09:b2:2e:
ad:b4:a2:39:48:9a:5c:e2:e5:64:d1:99:ae:22:b9:
27:70:d7:b5:d5:ef:b3:28:a4:09:58:b0:f3:6d:a4:
4e:ba:12:08:f1:52:34:9a:8e:dc:81:e6:6b:37:92:
89:6b:ca:c4:d4:68:a2:81:1a:0a:1d:a0:af:62:4a:
63:fb:2a:5a:81:a3:1b:15:c0:72:20:c5:c9:c2:70:
bc:64:ea:b6:28:85:de:a8:e3:74:98:05:39:1c:5e:
ab:d7:b8:43:28:16:d1:95:b1:c2:1f:5d:c2:d2:a1:
3f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:09:43:0A:19:60:CE:B8:05:6A:9B:E9:07:2E:3A:30:01:65:79:F7
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/4wlDChlgzrgFapvpBy46MAFlefc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.52.0/23
89.190.55.0/24
212.4.142.0/23
212.96.185.0/24
213.211.37.0/24
213.211.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:a7:49:92:30:bb:6b:67:2b:2f:56:b4:ca:60:f6:84:fa:95:
d8:27:6e:9f:fc:3e:0c:6d:1f:61:e5:d8:6e:09:df:5c:0c:a5:
6e:a2:34:c2:f1:0c:d9:f6:05:18:e3:63:91:65:f9:6f:96:ee:
7d:11:fd:66:19:06:c6:8a:7f:75:4c:18:5b:af:51:0f:41:3c:
8d:89:00:85:58:c1:12:ae:e0:0a:5a:69:fc:ff:54:b5:53:e9:
b2:84:30:be:43:ba:af:23:c7:8b:9c:e9:8f:76:63:10:a2:fb:
5b:88:ea:1f:a5:d7:f7:ca:81:b5:c9:30:1e:93:f2:58:7f:01:
fe:da:fe:68:73:d8:b5:f1:f3:0c:00:f6:c0:56:44:9a:0e:9c:
28:47:96:ed:e1:85:87:4d:30:ae:e2:72:cf:6b:ec:7d:ad:5f:
18:ed:80:43:3b:4a:c0:47:4a:cd:c8:bb:3b:d2:14:0b:ed:e2:
c3:98:d2:ba:26:35:31:39:e4:66:f3:c2:58:a8:d1:5f:50:af:
57:39:98:c2:6f:7a:47:83:e2:0f:e1:c4:61:ea:4f:7e:40:5e:
83:74:ae:57:13:8d:8f:ef:3f:4c:ff:4d:01:e5:b7:e3:63:ca:
96:58:1c:82:6a:98:4a:c5:04:50:d7:09:23:b5:36:59:bc:86:
b7:59:2e:5e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQg1k4+8M5s4dj62Bvjjae7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwMTAxMDc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA5NDMwYTE5NjBjZWI4MDU2YTliZTkwNzJlM2EzMDAxNjU3OWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBisdtDr/3egmBAoj1TGGqlU+A5A
dn5ZAnujVFY4HRz2iuo2vcqFBJP00uBlGNBE5+htlQlhRsohPM3kqMHvm/a9FbN6
F2+X9a2Ypb+cQhDucuZPF2LwoJc+j+fkBgqrzMnQjZ1tUnPxdWVOuJqW4f12r4gg
gZ8RpM+YK5KsTKHGKSaKgXvVHrPsLW/NF9edprYJsi6ttKI5SJpc4uVk0ZmuIrkn
cNe11e+zKKQJWLDzbaROuhII8VI0mo7cgeZrN5KJa8rE1GiigRoKHaCvYkpj+ypa
gaMbFcByIMXJwnC8ZOq2KIXeqON0mAU5HF6r17hDKBbRlbHCH13C0qE/VQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOMJQwoZYM64BWqb6QcuOjABZXn3MB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvNHdsRENobGd6cmdGYXB2cEJ5NDZNQUZsZWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBWb40AwQA
Wb43AwQB1ASOAwQA1GC5AwQA1dMlAwQC1dMsMA0GCSqGSIb3DQEBCwUAA4IBAQAt
p0mSMLtrZysvVrTKYPaE+pXYJ26f/D4MbR9h5dhuCd9cDKVuojTC8QzZ9gUY42OR
Zflvlu59Ef1mGQbGin91TBhbr1EPQTyNiQCFWMESruAKWmn8/1S1U+myhDC+Q7qv
I8eLnOmPdmMQovtbiOofpdf3yoG1yTAek/JYfwH+2v5oc9i18fMMAPbAVkSaDpwo
R5bt4YWHTTCu4nLPa+x9rV8Y7YBDO0rAR0rNyLs70hQL7eLDmNK6JjUxOeRm88JY
qNFfUK9XOZjCb3pHg+IP4cRh6k9+QF6DdK5XE42P7z9M/00B5bfjY8qWWByCaphK
xQRQ1wkjtTZZvIa3WS5e
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:19 2025 by rpki-client