Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/RDu6oWvcquVZQbdeUPeQbL6S48g.roa
File: RDu6oWvcquVZQbdeUPeQbL6S48g.roa (raw, json)
Hash identifier: +PLe74DeKjO6TwwgD3maWGmV/0vHr3TxtSIcpPvR118=
Subject key identifier: 44:3B:BA:A1:6B:DC:AA:E5:59:41:B7:5E:50:F7:90:6C:BE:92:E3:C8
Certificate issuer: /CN=f4a5b042fe48eeb123be56dbf9e8dda20c1ea11d
Certificate serial: 018CC6B7790DE76FFEDDE6FE75221067F9FA
Authority key identifier: F4:A5:B0:42:FE:48:EE:B1:23:BE:56:DB:F9:E8:DD:A2:0C:1E:A1:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/RDu6oWvcquVZQbdeUPeQbL6S48g.roa
Signing time: Mon 01 Jan 2024 20:29:21 +0000
ROA not before: Mon 01 Jan 2024 20:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8304
IP address blocks: 213.182.32.0/19 maxlen: 24
81.91.64.0/20 maxlen: 24
195.200.96.0/19 maxlen: 24
46.227.80.0/21 maxlen: 24
213.218.128.0/19 maxlen: 24
91.188.64.0/19 maxlen: 24
5.144.136.0/21 maxlen: 24
128.204.208.0/21 maxlen: 24
185.91.36.0/22 maxlen: 24
2a00:e00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/9KWwQv5I7rEjvlbb-ejdogweoR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/9KWwQv5I7rEjvlbb-ejdogweoR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:79:0d:e7:6f:fe:dd:e6:fe:75:22:10:67:f9:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4a5b042fe48eeb123be56dbf9e8dda20c1ea11d
Validity
Not Before: Jan 1 20:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=443bbaa16bdcaae55941b75e50f7906cbe92e3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b4:7c:fc:b6:8f:9e:01:f0:f8:ba:91:ce:e0:
bf:45:1c:57:97:a3:f7:83:16:b0:7a:44:4a:07:6b:
6c:c6:25:b4:df:bf:53:73:06:f4:33:6c:75:b4:d5:
42:71:0f:92:f1:25:8c:0d:d3:dc:71:eb:69:86:af:
76:42:ec:9c:3e:10:bb:73:53:cd:ac:4f:fd:38:a1:
79:8c:70:1b:2a:1d:55:57:8d:35:be:7a:31:23:a3:
2a:fd:b3:e4:53:49:3c:2c:3c:fe:59:b7:97:24:7d:
ac:ac:e1:1c:5e:2d:8a:3e:71:64:81:49:93:b9:4a:
ce:3a:a5:8f:13:24:c3:0d:bb:20:76:7b:72:7b:68:
84:ca:b3:ee:cf:4e:00:88:0b:79:e4:ba:84:f2:07:
fd:aa:4b:6d:a5:45:5a:e9:2f:86:fe:71:61:13:60:
24:03:5d:b4:0e:27:b9:5c:39:12:f1:44:3d:f0:3a:
99:d7:59:30:ea:55:12:84:e4:f7:98:73:12:b1:90:
7b:90:2f:6b:d8:b0:73:70:4a:81:be:a8:71:16:8a:
26:37:d1:4a:98:ba:46:2d:3c:7b:c5:59:6f:10:0d:
c0:2f:46:a6:93:ab:a6:24:24:94:14:49:24:98:73:
c2:7c:c5:8f:3e:5b:7c:44:09:85:d3:7f:6d:42:16:
c3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3B:BA:A1:6B:DC:AA:E5:59:41:B7:5E:50:F7:90:6C:BE:92:E3:C8
X509v3 Authority Key Identifier:
keyid:F4:A5:B0:42:FE:48:EE:B1:23:BE:56:DB:F9:E8:DD:A2:0C:1E:A1:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9KWwQv5I7rEjvlbb-ejdogweoR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/RDu6oWvcquVZQbdeUPeQbL6S48g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/389231-2b5f-4c9e-941d-b4b28437fe6c/1/9KWwQv5I7rEjvlbb-ejdogweoR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.136.0/21
46.227.80.0/21
81.91.64.0/20
91.188.64.0/19
128.204.208.0/21
185.91.36.0/22
195.200.96.0/19
213.182.32.0/19
213.218.128.0/19
IPv6:
2a00:e00::/32
Signature Algorithm: sha256WithRSAEncryption
01:91:e5:b6:07:4a:33:69:0b:e2:65:b0:6c:6f:ff:75:6a:27:
59:c3:ed:6d:c0:09:f2:3d:14:db:23:36:8c:2c:74:5e:d7:a4:
15:91:6e:ff:1b:b4:07:02:86:97:d5:69:7c:ac:af:7f:fc:be:
f4:5b:bd:65:c0:c1:f2:71:8d:23:23:0f:09:bd:19:46:4f:6c:
1a:15:03:82:cd:7c:30:77:a5:06:3c:83:34:9c:02:60:6a:2e:
39:24:21:f9:81:fe:f5:eb:02:5a:cc:f1:bf:f2:5a:d0:6b:a4:
18:33:b8:29:5f:d4:0b:c1:2c:13:b6:2f:e3:cc:e6:e9:48:de:
1a:ef:6d:4a:28:3b:f2:34:95:48:b4:ad:01:33:46:c7:b0:2b:
54:77:32:99:78:e4:79:42:ad:1e:dd:f6:87:6a:7c:bc:ef:85:
98:1d:36:fe:ea:fc:7c:28:94:d1:c0:cb:d2:ce:39:09:4b:87:
c7:27:48:fe:ce:d2:76:e4:64:c9:16:93:12:93:d1:cd:18:e4:
a0:b1:c5:53:3c:a7:d0:24:8c:5d:68:b9:52:b3:57:b0:ad:0d:
99:d8:3a:24:eb:47:c3:8f:c9:19:0d:26:71:cb:01:80:7f:9a:
13:f3:2a:32:67:e8:76:d3:0e:0c:5f:aa:0f:af:1a:b8:e1:84:
e3:f6:53:ba
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzGt3kN52/+3eb+dSIQZ/n6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YTViMDQyZmU0OGVlYjEyM2JlNTZkYmY5ZThkZGEyMGMx
ZWExMWQwHhcNMjQwMTAxMjAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDNiYmFhMTZiZGNhYWU1NTk0MWI3NWU1MGY3OTA2Y2JlOTJlM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17R8/LaPngHw+LqRzuC/RRxXl6P3
gxawekRKB2tsxiW0379Tcwb0M2x1tNVCcQ+S8SWMDdPccetphq92QuycPhC7c1PN
rE/9OKF5jHAbKh1VV401vnoxI6Mq/bPkU0k8LDz+WbeXJH2srOEcXi2KPnFkgUmT
uUrOOqWPEyTDDbsgdntye2iEyrPuz04AiAt55LqE8gf9qkttpUVa6S+G/nFhE2Ak
A120Die5XDkS8UQ98DqZ11kw6lUShOT3mHMSsZB7kC9r2LBzcEqBvqhxFoomN9FK
mLpGLTx7xVlvEA3AL0amk6umJCSUFEkkmHPCfMWPPlt8RAmF039tQhbDzwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEQ7uqFr3KrlWUG3XlD3kGy+kuPIMB8GA1UdIwQY
MBaAFPSlsEL+SO6xI75W2/no3aIMHqEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUtXd1F2NUk3ckVqdmxiYi1lamRvZ3dlb1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zODkyMzEtMmI1Zi00YzllLTk0MWQt
YjRiMjg0MzdmZTZjLzEvUkR1Nm9XdmNxdVZaUWJkZVVQZVFiTDZTNDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zODkyMzEtMmI1Zi00YzllLTk0MWQtYjRiMjg0MzdmZTZj
LzEvOUtXd1F2NUk3ckVqdmxiYi1lamRvZ3dlb1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDBZCIAwQD
LuNQAwQEUVtAAwQFW7xAAwQDgMzQAwQCuVskAwQFw8hgAwQF1bYgAwQF1dqAMA0E
AgACMAcDBQAqAA4AMA0GCSqGSIb3DQEBCwUAA4IBAQABkeW2B0ozaQviZbBsb/91
aidZw+1twAnyPRTbIzaMLHRe16QVkW7/G7QHAoaX1Wl8rK9//L70W71lwMHycY0j
Iw8JvRlGT2waFQOCzXwwd6UGPIM0nAJgai45JCH5gf716wJazPG/8lrQa6QYM7gp
X9QLwSwTti/jzObpSN4a721KKDvyNJVItK0BM0bHsCtUdzKZeOR5Qq0e3faHany8
74WYHTb+6vx8KJTRwMvSzjkJS4fHJ0j+ztJ25GTJFpMSk9HNGOSgscVTPKfQJIxd
aLlSs1ewrQ2Z2Dok60fDj8kZDSZxywGAf5oT8yoyZ+h20w4MX6oPrxq44YTj9lO6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:37 2024 by rpki-client on console-ams.rpki-client.org