Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/pZEgE4AdJcL4AZcgu-oJKwt8ULg.roa
File: pZEgE4AdJcL4AZcgu-oJKwt8ULg.roa (raw, json)
Hash identifier: Av0VIBzRaXcNSTpONtYCryfJFFmb83liGk8rs12tMSA=
Subject key identifier: A5:91:20:13:80:1D:25:C2:F8:01:97:20:BB:EA:09:2B:0B:7C:50:B8
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 018CC348CE2E77E4A4B26DA426CF4A89E796
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/pZEgE4AdJcL4AZcgu-oJKwt8ULg.roa
Signing time: Mon 01 Jan 2024 04:29:37 +0000
ROA not before: Mon 01 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44565
IP address blocks: 188.124.4.0/24 maxlen: 24
188.124.1.0/24 maxlen: 24
188.124.0.0/24 maxlen: 24
188.124.2.0/24 maxlen: 24
188.124.11.0/24 maxlen: 24
188.124.6.0/24 maxlen: 24
188.124.8.0/24 maxlen: 24
188.124.7.0/24 maxlen: 24
188.124.10.0/24 maxlen: 24
188.124.9.0/24 maxlen: 24
188.124.13.0/24 maxlen: 24
188.124.12.0/24 maxlen: 24
188.124.15.0/24 maxlen: 24
188.124.14.0/24 maxlen: 24
188.124.17.0/24 maxlen: 24
188.124.16.0/24 maxlen: 24
188.124.18.0/24 maxlen: 24
188.124.20.0/24 maxlen: 24
188.124.19.0/24 maxlen: 24
188.124.22.0/24 maxlen: 24
188.124.21.0/24 maxlen: 24
188.124.24.0/24 maxlen: 24
188.124.23.0/24 maxlen: 24
188.124.25.0/24 maxlen: 24
188.124.27.0/24 maxlen: 24
188.124.26.0/24 maxlen: 24
188.124.29.0/24 maxlen: 24
188.124.28.0/24 maxlen: 24
188.124.31.0/24 maxlen: 24
188.124.30.0/24 maxlen: 24
79.171.17.0/24 maxlen: 24
79.171.16.0/24 maxlen: 24
79.171.19.0/24 maxlen: 24
79.171.18.0/24 maxlen: 24
79.171.21.0/24 maxlen: 24
79.171.20.0/24 maxlen: 24
93.186.112.0/24 maxlen: 24
93.186.113.0/24 maxlen: 24
93.186.115.0/24 maxlen: 24
93.186.114.0/24 maxlen: 24
93.186.117.0/24 maxlen: 24
93.186.116.0/24 maxlen: 24
93.186.118.0/24 maxlen: 24
93.186.120.0/24 maxlen: 24
93.186.119.0/24 maxlen: 24
93.186.122.0/24 maxlen: 24
93.186.121.0/24 maxlen: 24
93.186.124.0/24 maxlen: 24
93.186.123.0/24 maxlen: 24
93.186.127.0/24 maxlen: 24
93.186.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ce:2e:77:e4:a4:b2:6d:a4:26:cf:4a:89:e7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Jan 1 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5912013801d25c2f8019720bbea092b0b7c50b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0e:0f:77:bb:7c:1e:5a:7f:cd:6f:08:45:68:
d3:40:9f:27:17:c4:6e:29:0c:d7:4f:14:38:61:70:
5f:e2:36:a8:12:be:d8:41:45:fd:42:17:c5:4a:58:
8c:f2:ea:b6:b2:4a:28:06:9c:80:d6:96:dd:07:cc:
72:93:32:d4:18:c2:c7:be:7b:24:3a:3c:ac:e7:fc:
80:9f:2a:bb:65:69:b9:7e:30:17:1e:66:3f:81:fa:
fb:7e:60:3e:e7:a7:c4:d8:fa:83:1e:65:95:94:44:
68:a1:d5:ac:ca:29:41:6a:78:1f:56:89:3a:ae:6c:
95:34:e5:11:88:ba:0b:66:28:58:5e:5b:cd:b1:73:
6a:32:65:73:b6:f1:98:d0:01:18:16:7e:14:bc:a0:
a3:5e:77:4a:69:73:7e:d4:f0:a3:8a:5b:f0:6c:01:
27:82:a2:cd:62:28:b8:b1:e4:df:c8:55:c5:50:c5:
5d:42:0b:c2:e4:88:e1:1a:f2:ac:de:63:e7:db:da:
9b:63:49:fc:68:b1:e6:ab:64:56:52:bd:85:19:b7:
e5:6d:20:66:b1:47:5e:81:0e:11:b9:8e:be:85:d7:
67:f8:12:79:ff:5d:b8:f7:a9:f8:dc:6a:be:86:1b:
a2:ed:da:a7:ee:d5:c5:f7:51:96:cc:8d:35:a2:59:
45:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:91:20:13:80:1D:25:C2:F8:01:97:20:BB:EA:09:2B:0B:7C:50:B8
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/pZEgE4AdJcL4AZcgu-oJKwt8ULg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.16.0-79.171.21.255
93.186.112.0-93.186.124.255
93.186.126.0/23
188.124.0.0-188.124.2.255
188.124.4.0/24
188.124.6.0-188.124.31.255
Signature Algorithm: sha256WithRSAEncryption
aa:5a:5a:3e:ca:42:77:42:e0:5a:eb:ea:31:b1:37:61:97:e1:
00:89:ec:a1:65:25:b5:70:8a:42:f7:fe:1e:bd:67:52:3c:c7:
12:76:f3:57:5f:f0:e6:e5:20:56:e2:ef:db:fe:65:57:14:6e:
47:28:a0:7a:26:2c:36:c5:1d:b8:36:25:89:b3:1c:ed:de:ee:
8f:1b:05:74:7f:bb:68:ca:9e:b6:e3:1f:22:10:d2:70:d9:eb:
7a:84:e0:98:5a:9a:9d:0b:e5:94:66:40:ee:ae:8f:96:8e:14:
ac:7b:5f:15:2d:64:25:e3:03:9c:fc:a6:51:37:21:e1:77:13:
f3:ce:c2:01:75:1c:1d:85:af:ba:d3:86:56:32:7b:65:43:02:
6d:1c:d5:73:e0:1c:5b:da:98:dd:bf:02:3e:32:6b:d7:94:61:
09:99:58:37:b7:13:77:79:ff:b2:83:f4:96:18:c0:33:2f:6c:
37:ae:15:1b:15:8d:e7:6c:3d:51:2b:e7:9b:77:2e:41:24:ae:
85:b7:fd:23:aa:49:7e:88:b8:b1:34:52:a2:7e:ca:79:41:cf:
76:e8:53:15:21:9d:39:dd:85:6c:94:d1:c2:4e:37:39:93:af:
13:ef:ac:26:ef:95:65:d3:11:cb:8b:e7:10:b1:4b:d3:f4:56:
b8:0f:7e:37
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzDSM4ud+Sksm2kJs9KieeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTkxMjAxMzgwMWQyNWMyZjgwMTk3MjBiYmVhMDkyYjBiN2M1MGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q4Pd7t8Hlp/zW8IRWjTQJ8nF8Ru
KQzXTxQ4YXBf4jaoEr7YQUX9QhfFSliM8uq2skooBpyA1pbdB8xykzLUGMLHvnsk
Ojys5/yAnyq7ZWm5fjAXHmY/gfr7fmA+56fE2PqDHmWVlERoodWsyilBangfVok6
rmyVNOURiLoLZihYXlvNsXNqMmVztvGY0AEYFn4UvKCjXndKaXN+1PCjilvwbAEn
gqLNYii4seTfyFXFUMVdQgvC5IjhGvKs3mPn29qbY0n8aLHmq2RWUr2FGbflbSBm
sUdegQ4RuY6+hddn+BJ5/12496n43Gq+hhui7dqn7tXF91GWzI01ollFxwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFKWRIBOAHSXC+AGXILvqCSsLfFC4MB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvcFpFZ0U0QWRKY0w0QVpjZ3Utb0pLd3Q4VUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAATBDMAwDBARPqxAD
BAFPqxQwDAMEBF26cAMEAF26fAMEAV26fjALAwMCvHwDBAC8fAIDBAC8fAQwDAME
Abx8BgMEBbx8ADANBgkqhkiG9w0BAQsFAAOCAQEAqlpaPspCd0LgWuvqMbE3YZfh
AInsoWUltXCKQvf+Hr1nUjzHEnbzV1/w5uUgVuLv2/5lVxRuRyigeiYsNsUduDYl
ibMc7d7ujxsFdH+7aMqetuMfIhDScNnreoTgmFqanQvllGZA7q6Plo4UrHtfFS1k
JeMDnPymUTch4XcT887CAXUcHYWvutOGVjJ7ZUMCbRzVc+AcW9qY3b8CPjJr15Rh
CZlYN7cTd3n/soP0lhjAMy9sN64VGxWN52w9USvnm3cuQSSuhbf9I6pJfoi4sTRS
on7KeUHPduhTFSGdOd2FbJTRwk43OZOvE++sJu+VZdMRy4vnELFL0/RWuA9+Nw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:52:58 2024 by rpki-client on console-fra.rpki-client.org