Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/4MwzghqfdaR7yFIU59306dBgKFk.roa
File: 4MwzghqfdaR7yFIU59306dBgKFk.roa (raw, json)
Hash identifier: CxJ6QpEua0lM57V4/Hkgs3U8k6NjKEftOGPKBHYbXs8=
Subject key identifier: E0:CC:33:82:1A:9F:75:A4:7B:C8:52:14:E7:DD:F4:E9:D0:60:28:59
Certificate issuer: /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial: 018CC8015D81973243F837F942311C8761F4
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/4MwzghqfdaR7yFIU59306dBgKFk.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202087
IP address blocks: 185.83.148.0/23 maxlen: 23
185.83.150.0/23 maxlen: 23
94.26.98.0/23 maxlen: 23
94.26.97.0/24 maxlen: 24
94.26.95.0/24 maxlen: 24
94.26.93.0/24 maxlen: 24
94.26.101.0/24 maxlen: 24
94.26.103.0/24 maxlen: 24
94.26.109.0/24 maxlen: 24
104.255.128.0/21 maxlen: 21
185.75.80.0/22 maxlen: 22
185.49.216.0/22 maxlen: 22
153.94.56.0/21 maxlen: 21
185.94.78.0/23 maxlen: 23
185.94.76.0/23 maxlen: 23
45.94.8.0/22 maxlen: 24
185.9.212.0/22 maxlen: 22
192.190.168.0/22 maxlen: 22
94.190.197.0/24 maxlen: 24
94.190.196.0/22 maxlen: 22
94.190.196.0/24 maxlen: 24
94.190.199.0/24 maxlen: 24
94.190.198.0/24 maxlen: 24
45.89.212.0/22 maxlen: 22
2a03:50c0:1000::/36 maxlen: 36
2a03:50c0:3300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.mft
rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5d:81:97:32:43:f8:37:f9:42:31:1c:87:61:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0cc33821a9f75a47bc85214e7ddf4e9d0602859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dc:a4:78:2c:19:52:e9:08:af:91:b0:b1:e6:
52:6f:b1:5b:a1:04:4a:94:50:b6:56:99:9b:b2:dc:
64:9f:d2:d1:75:f6:6d:24:b6:d8:42:8a:2f:3e:e6:
6f:fe:b7:cd:16:0e:88:5c:37:d1:c3:b8:7b:4e:95:
54:48:52:e8:fc:72:a8:23:8c:9e:35:74:3c:a0:06:
df:49:a6:c4:aa:c4:48:79:5f:af:e7:75:46:94:b0:
dd:87:62:65:16:b9:b9:1b:05:1d:a6:74:46:1e:20:
ff:3d:e7:c6:9d:f7:7e:7c:64:78:ca:f8:4f:62:c6:
7e:59:65:f9:3b:b9:68:f0:1b:8f:d4:57:62:06:f6:
be:f0:4d:22:5f:2b:cb:73:75:b3:9c:4c:d9:59:e1:
a6:fc:7f:ce:7a:7a:e2:32:66:63:18:96:ff:c3:b4:
af:83:a4:af:34:ed:48:c9:8c:04:02:e4:41:2b:14:
8d:a4:5d:e2:1e:ad:8b:64:3a:5e:54:11:30:96:3b:
1a:20:39:a8:e7:41:5f:02:48:bd:a5:21:8b:b3:ad:
63:96:f1:3d:d2:48:2a:a0:1d:91:38:0f:5e:66:47:
25:27:36:26:e1:41:f4:a4:a2:86:5f:62:df:9a:59:
0e:21:33:6d:98:7a:b0:74:f8:19:ff:29:b8:20:68:
0f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CC:33:82:1A:9F:75:A4:7B:C8:52:14:E7:DD:F4:E9:D0:60:28:59
X509v3 Authority Key Identifier:
keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/4MwzghqfdaR7yFIU59306dBgKFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.212.0/22
45.94.8.0/22
94.26.93.0/24
94.26.95.0/24
94.26.97.0-94.26.99.255
94.26.101.0/24
94.26.103.0/24
94.26.109.0/24
94.190.196.0/22
104.255.128.0/21
153.94.56.0/21
185.9.212.0/22
185.49.216.0/22
185.75.80.0/22
185.83.148.0/22
185.94.76.0/22
192.190.168.0/22
IPv6:
2a03:50c0:1000::/36
2a03:50c0:3300::/40
Signature Algorithm: sha256WithRSAEncryption
22:21:63:71:bf:d3:a4:05:48:4f:5b:9a:c0:fd:dc:d3:10:de:
c9:6d:97:58:e4:21:b6:cb:06:7e:d7:24:d7:69:6d:4d:bc:95:
46:cc:00:89:fb:32:eb:d1:fb:f9:ee:bb:d1:0f:47:dd:64:1c:
c5:e0:5c:e2:a7:bc:b0:7a:f8:63:86:df:94:b0:e4:e9:81:31:
74:4a:2f:44:68:d4:d4:ad:c7:a6:6e:07:48:07:9b:6a:6d:51:
60:00:79:9a:63:dd:c3:b9:3a:84:62:3d:97:17:ed:b2:85:bb:
23:bc:00:e8:46:25:f0:6a:2b:f3:d5:97:c9:28:fb:fe:74:bb:
39:e1:1c:93:93:37:d2:a8:e4:76:12:1e:cd:a2:37:51:5d:39:
32:97:f6:2e:49:41:d1:93:c4:6f:f3:58:bb:ad:85:5c:95:b1:
79:70:df:75:a9:05:fa:c8:54:f5:79:84:a3:88:51:98:d1:51:
ea:93:09:a0:e5:56:2e:4e:0e:40:66:86:e2:04:03:ad:d7:dc:
57:50:56:af:32:43:89:ca:47:ff:a8:e9:78:e4:67:0b:52:1f:
33:1a:ea:75:32:73:84:45:63:13:40:97:ec:43:6a:4c:06:d7:
a4:f7:a1:ae:11:e3:2f:a7:f9:aa:ed:16:c9:a5:7b:0d:7f:af:
54:17:fd:c2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzIAV2BlzJD+Df5QjEch2H0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNjMzM4MjFhOWY3NWE0N2JjODUyMTRlN2RkZjRlOWQwNjAyODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtykeCwZUukIr5GwseZSb7FboQRK
lFC2Vpmbstxkn9LRdfZtJLbYQoovPuZv/rfNFg6IXDfRw7h7TpVUSFLo/HKoI4ye
NXQ8oAbfSabEqsRIeV+v53VGlLDdh2JlFrm5GwUdpnRGHiD/PefGnfd+fGR4yvhP
YsZ+WWX5O7lo8BuP1FdiBva+8E0iXyvLc3WznEzZWeGm/H/OenriMmZjGJb/w7Sv
g6SvNO1IyYwEAuRBKxSNpF3iHq2LZDpeVBEwljsaIDmo50FfAki9pSGLs61jlvE9
0kgqoB2ROA9eZkclJzYm4UH0pKKGX2LfmlkOITNtmHqwdPgZ/ym4IGgPAwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFODMM4Ian3Wke8hSFOfd9OnQYChZMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvNE13emdocWZkYVI3eUZJVTU5MzA2ZEJnS0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB0BAIAATBuAwQCLVnU
AwQCLV4IAwQAXhpdAwQAXhpfMAwDBABeGmEDBAJeGmADBABeGmUDBABeGmcDBABe
Gm0DBAJevsQDBANo/4ADBAOZXjgDBAK5CdQDBAK5MdgDBAK5S1ADBAK5U5QDBAK5
XkwDBALAvqgwFgQCAAIwEAMGBCoDUMAQAwYAKgNQwDMwDQYJKoZIhvcNAQELBQAD
ggEBACIhY3G/06QFSE9bmsD93NMQ3sltl1jkIbbLBn7XJNdpbU28lUbMAIn7MuvR
+/nuu9EPR91kHMXgXOKnvLB6+GOG35Sw5OmBMXRKL0Ro1NStx6ZuB0gHm2ptUWAA
eZpj3cO5OoRiPZcX7bKFuyO8AOhGJfBqK/PVl8ko+/50uznhHJOTN9Ko5HYSHs2i
N1FdOTKX9i5JQdGTxG/zWLuthVyVsXlw33WpBfrIVPV5hKOIUZjRUeqTCaDlVi5O
DkBmhuIEA63X3FdQVq8yQ4nKR/+o6XjkZwtSHzMa6nUyc4RFYxNAl+xDakwG16T3
oa4R4y+n+artFsmlew1/r1QX/cI=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:15:40 2024 by rpki-client on console-ams.rpki-client.org