Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/4sI-G6Kgj9R2kDTR61RODi2b-JA.roa
File: 4sI-G6Kgj9R2kDTR61RODi2b-JA.roa (raw, json)
Hash identifier: 5dgWtit5QSkQUgZaj0N5mA92wjGEeyib1Trc9ASghUs=
Subject key identifier: E2:C2:3E:1B:A2:A0:8F:D4:76:90:34:D1:EB:54:4E:0E:2D:9B:F8:90
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC79457E44E517C7D2ED1258B205B1292
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/4sI-G6Kgj9R2kDTR61RODi2b-JA.roa
Signing time: Tue 02 Jan 2024 00:30:36 +0000
ROA not before: Tue 02 Jan 2024 00:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204393
IP address blocks: 2.188.238.0/24 maxlen: 24
2.188.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:57:e4:4e:51:7c:7d:2e:d1:25:8b:20:5b:12:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c23e1ba2a08fd4769034d1eb544e0e2d9bf890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:8f:8a:3d:06:04:d9:41:cc:71:30:62:e6:
8d:a0:e3:b4:ab:08:7d:03:fe:4c:22:36:39:af:70:
33:ec:a9:92:23:98:61:e4:31:d3:65:1a:6e:46:52:
5d:df:2b:c2:b4:f8:25:17:a9:a6:9c:c6:f9:2a:f0:
cd:2e:60:6f:ef:c3:de:86:b0:39:05:0d:6b:64:23:
3b:0d:36:5d:ec:a9:6b:ea:ca:9d:34:4f:3a:0e:ef:
6f:12:a0:da:fa:0a:d1:dc:70:fe:26:f7:a4:b6:62:
23:c9:02:42:5f:c2:e0:2a:f7:13:cc:f5:b9:5c:76:
38:9c:9a:48:9e:13:0e:30:6c:af:be:d2:dc:21:01:
a5:6d:13:04:02:ce:ec:db:12:81:48:95:36:d6:7c:
9f:ec:6c:c4:72:d4:24:3c:35:c9:1c:ba:9b:3b:0e:
bf:85:2a:34:f0:ee:a0:75:2d:d6:3a:42:58:65:dc:
aa:bb:03:a4:cb:1d:a0:ff:3f:ed:39:79:77:f2:78:
8f:96:04:fd:db:f5:c1:f1:af:24:04:7f:dd:a0:8d:
77:74:53:3d:98:5d:98:73:f0:f8:c9:1b:d3:d4:88:
87:89:12:58:3d:09:71:7f:ef:69:07:cd:10:a0:84:
66:01:bd:b8:e2:d1:83:4a:d2:74:69:f8:9f:06:38:
8e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C2:3E:1B:A2:A0:8F:D4:76:90:34:D1:EB:54:4E:0E:2D:9B:F8:90
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/4sI-G6Kgj9R2kDTR61RODi2b-JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.234.0/24
2.188.238.0/24
Signature Algorithm: sha256WithRSAEncryption
95:4a:0b:4d:b7:e0:98:ea:4f:2b:e7:54:bb:9e:59:09:ab:b7:
1c:bc:c2:db:20:77:9e:46:6d:58:10:84:f3:f6:13:2b:6d:6d:
3e:0a:b0:df:c3:27:09:06:3e:dd:8d:d0:7d:12:aa:a2:13:31:
9f:65:5a:5d:8d:6b:ca:e8:6e:46:50:0e:c1:e8:9a:18:1b:21:
f6:ff:b7:e3:93:11:80:b4:7b:0e:48:30:9f:ba:51:06:14:7f:
5e:a5:df:6a:9e:23:bd:0f:d8:87:fb:34:bf:a0:25:10:6e:c3:
a9:57:fb:63:a1:35:5c:04:8e:9f:0a:7d:24:21:29:14:83:62:
ee:c1:8a:7a:27:e6:93:8a:d2:6b:f4:f7:01:cc:8c:ac:d9:72:
d8:87:d7:d7:c2:ab:c6:66:b0:43:55:c4:13:f6:ac:85:43:6e:
19:a6:06:7d:fb:de:90:f3:14:4a:53:31:71:25:ad:0e:a7:13:
a7:6d:fc:89:3b:5d:d7:bf:c9:ec:05:35:f6:04:06:16:7f:21:
bb:2a:9f:a8:87:b4:78:46:f5:f0:ec:81:06:66:88:b0:51:ec:
c8:d1:88:23:71:0c:7f:46:8c:f8:a4:22:98:78:ad:1b:5d:ac:
48:4b:29:10:7e:f2:6b:13:30:72:3a:28:05:d1:de:8e:e0:33:
b1:77:9f:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlFfkTlF8fS7RJYsgWxKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMyM2UxYmEyYTA4ZmQ0NzY5MDM0ZDFlYjU0NGUwZTJkOWJmODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR6Pij0GBNlBzHEwYuaNoOO0qwh9
A/5MIjY5r3Az7KmSI5hh5DHTZRpuRlJd3yvCtPglF6mmnMb5KvDNLmBv78PehrA5
BQ1rZCM7DTZd7Klr6sqdNE86Du9vEqDa+grR3HD+JvektmIjyQJCX8LgKvcTzPW5
XHY4nJpInhMOMGyvvtLcIQGlbRMEAs7s2xKBSJU21nyf7GzEctQkPDXJHLqbOw6/
hSo08O6gdS3WOkJYZdyquwOkyx2g/z/tOXl38niPlgT92/XB8a8kBH/doI13dFM9
mF2Yc/D4yRvT1IiHiRJYPQlxf+9pB80QoIRmAb244tGDStJ0afifBjiO8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOLCPhuioI/UdpA00etUTg4tm/iQMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvNHNJLUc2S2dqOVIya0RUUjYxUk9EaTJiLUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAArzqAwQA
ArzuMA0GCSqGSIb3DQEBCwUAA4IBAQCVSgtNt+CY6k8r51S7nlkJq7ccvMLbIHee
Rm1YEITz9hMrbW0+CrDfwycJBj7djdB9EqqiEzGfZVpdjWvK6G5GUA7B6JoYGyH2
/7fjkxGAtHsOSDCfulEGFH9epd9qniO9D9iH+zS/oCUQbsOpV/tjoTVcBI6fCn0k
ISkUg2LuwYp6J+aTitJr9PcBzIys2XLYh9fXwqvGZrBDVcQT9qyFQ24ZpgZ9+96Q
8xRKUzFxJa0OpxOnbfyJO13Xv8nsBTX2BAYWfyG7Kp+oh7R4RvXw7IEGZoiwUezI
0YgjcQx/Roz4pCKYeK0bXaxISykQfvJrEzByOigF0d6O4DOxd594
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:48:27 2024 by rpki-client on console-ams.rpki-client.org