Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/4FtcKfOwgrZS2mu4yCh3RikvDNI.roa
File: 4FtcKfOwgrZS2mu4yCh3RikvDNI.roa (raw, json)
Hash identifier: l7rc1x5MpkS4W5juvf6J1vIp1MAA+Miq56iIzWG3hWg=
Subject key identifier: E0:5B:5C:29:F3:B0:82:B6:52:DA:6B:B8:C8:28:77:46:29:2F:0C:D2
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B815D89DDF1EB3C44BBF5C36CD723F
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/4FtcKfOwgrZS2mu4yCh3RikvDNI.roa
Signing time: Mon 01 Jan 2024 20:30:02 +0000
ROA not before: Mon 01 Jan 2024 20:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39811
IP address blocks: 85.140.40.0/24 maxlen: 24
85.140.41.0/24 maxlen: 24
85.140.42.0/24 maxlen: 24
213.87.246.0/24 maxlen: 24
213.87.96.0/24 maxlen: 24
213.87.97.0/24 maxlen: 24
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.101.0/24 maxlen: 24
213.87.102.0/24 maxlen: 24
213.87.103.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
85.140.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:15:d8:9d:df:1e:b3:c4:4b:bf:5c:36:cd:72:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e05b5c29f3b082b652da6bb8c8287746292f0cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:eb:d8:2b:66:aa:5d:4d:ce:2b:b4:6b:49:
e0:26:53:b4:84:b8:a7:a4:75:94:69:74:be:77:bc:
44:a4:3f:4d:2c:ca:46:29:c6:39:04:8f:b2:b2:2c:
3f:26:78:60:80:b2:66:83:8d:2d:2d:aa:b4:e5:2f:
03:40:95:f2:15:78:98:b3:5b:69:1d:3c:54:b0:83:
e9:83:9e:53:aa:cc:11:67:3e:9d:db:8a:72:a9:7a:
b0:2c:f0:fc:f3:a5:53:13:cb:ca:33:31:f5:92:56:
bf:b7:95:3a:aa:83:6e:c6:4c:b2:98:de:2d:e5:4f:
33:41:09:7d:d2:22:70:d4:fc:2d:50:57:af:e6:95:
c2:68:d9:19:ff:4b:5a:10:cb:bd:93:0b:fb:1f:65:
b8:3d:0b:2b:ca:db:62:41:86:64:ca:3e:7c:fb:1b:
5b:90:4e:ae:28:4f:8b:a9:1d:11:86:cb:8e:27:0e:
38:65:b8:4e:2d:06:c2:55:ec:a9:aa:a4:fd:cc:49:
9f:cc:eb:b7:23:78:42:26:ef:61:0b:78:85:ad:99:
c4:43:a0:d9:9b:99:c1:66:05:3b:07:50:54:ad:e8:
7f:73:a0:99:d6:27:9b:8e:63:c3:a0:c2:d9:bb:56:
0d:da:0f:41:43:84:d2:ca:15:b5:d7:4b:32:a4:87:
5e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5B:5C:29:F3:B0:82:B6:52:DA:6B:B8:C8:28:77:46:29:2F:0C:D2
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/4FtcKfOwgrZS2mu4yCh3RikvDNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.40.0-85.140.42.255
85.140.127.0/24
213.87.96.0-213.87.107.255
213.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
73:1e:0c:1e:5c:84:5b:7f:15:50:91:2c:72:96:81:7c:96:14:
44:c0:ca:94:31:b5:d5:56:8b:3b:e1:89:e7:4d:e3:93:c7:65:
c3:72:44:c6:2d:e2:f5:af:f1:53:f0:16:ff:c2:d3:42:07:03:
f2:7a:43:dd:21:67:cc:28:86:c4:bb:8b:1a:20:61:fa:d2:4a:
95:53:9c:9f:30:c7:b2:6b:41:77:21:38:30:a7:fe:b6:60:23:
dd:ea:44:46:d7:f9:f6:4c:05:53:a9:8a:dc:6a:32:78:ad:f7:
eb:f7:a1:f8:9a:0b:e6:55:3b:1a:e2:7a:2a:18:81:75:9d:12:
53:47:1d:e1:5e:0b:0a:60:43:44:56:15:18:6d:9c:f9:71:d7:
29:dd:56:c9:81:46:e7:cd:09:c3:2f:43:84:aa:62:ef:b2:5a:
e8:08:73:0b:d8:cc:43:ab:ed:41:c2:b1:c1:e0:b5:c1:47:07:
7c:17:51:17:2a:ff:80:6d:60:c5:a2:f1:4b:18:8c:26:70:4e:
6a:cb:4f:1f:9b:b0:16:23:dc:11:dd:32:07:64:eb:25:36:99:
98:9d:40:58:58:39:2d:0d:97:04:59:28:a0:7c:12:5c:1d:38:
3f:79:41:80:f5:69:28:9a:a1:fd:54:38:f5:87:ff:d8:10:c5:
df:36:2e:8f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGuBXYnd8es8RLv1w2zXI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDViNWMyOWYzYjA4MmI2NTJkYTZiYjhjODI4Nzc0NjI5MmYwY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtHr2Ctmql1Nziu0a0ngJlO0hLin
pHWUaXS+d7xEpD9NLMpGKcY5BI+ysiw/JnhggLJmg40tLaq05S8DQJXyFXiYs1tp
HTxUsIPpg55TqswRZz6d24pyqXqwLPD886VTE8vKMzH1kla/t5U6qoNuxkyymN4t
5U8zQQl90iJw1PwtUFev5pXCaNkZ/0taEMu9kwv7H2W4PQsryttiQYZkyj58+xtb
kE6uKE+LqR0RhsuOJw44ZbhOLQbCVeypqqT9zEmfzOu3I3hCJu9hC3iFrZnEQ6DZ
m5nBZgU7B1BUreh/c6CZ1iebjmPDoMLZu1YN2g9BQ4TSyhW110sypIde9wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOBbXCnzsIK2UtpruMgod0YpLwzSMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvNEZ0Y0tmT3dnclpTMm11NHlDaDNSaWt2RE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBANVjCgD
BABVjCoDBABVjH8wDAMEBdVXYAMEAtVXaAMEANVX9jANBgkqhkiG9w0BAQsFAAOC
AQEAcx4MHlyEW38VUJEscpaBfJYURMDKlDG11VaLO+GJ503jk8dlw3JExi3i9a/x
U/AW/8LTQgcD8npD3SFnzCiGxLuLGiBh+tJKlVOcnzDHsmtBdyE4MKf+tmAj3epE
Rtf59kwFU6mK3GoyeK336/eh+JoL5lU7GuJ6KhiBdZ0SU0cd4V4LCmBDRFYVGG2c
+XHXKd1WyYFG580Jwy9DhKpi77Ja6AhzC9jMQ6vtQcKxweC1wUcHfBdRFyr/gG1g
xaLxSxiMJnBOastPH5uwFiPcEd0yB2TrJTaZmJ1AWFg5LQ2XBFkooHwSXB04P3lB
gPVpKJqh/VQ49Yf/2BDF3zYujw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:18:53 2024 by rpki-client on console-fra.rpki-client.org