Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/4M3Mq_p4W20Jt9OI3Y2z9F7PHyM.roa
File: 4M3Mq_p4W20Jt9OI3Y2z9F7PHyM.roa (raw, json)
Hash identifier: xGZfJCA1d4I6T6tUmWxP2npYJI5g3kfyDyK4m0Qfpps=
Subject key identifier: E0:CD:CC:AB:FA:78:5B:6D:09:B7:D3:88:DD:8D:B3:F4:5E:CF:1F:23
Certificate issuer: /CN=4d16240897b01305681c9425fe523f58fab27415
Certificate serial: 018CC94DCE85683D4006BD10F2C0BDCEB0AB
Authority key identifier: 4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/4M3Mq_p4W20Jt9OI3Y2z9F7PHyM.roa
Signing time: Tue 02 Jan 2024 08:32:48 +0000
ROA not before: Tue 02 Jan 2024 08:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20963
IP address blocks: 81.25.176.0/20 maxlen: 20
80.77.128.0/20 maxlen: 20
185.88.228.0/22 maxlen: 22
46.227.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ce:85:68:3d:40:06:bd:10:f2:c0:bd:ce:b0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d16240897b01305681c9425fe523f58fab27415
Validity
Not Before: Jan 2 08:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0cdccabfa785b6d09b7d388dd8db3f45ecf1f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:86:11:41:b6:3e:cd:b1:11:70:8e:24:86:8a:
54:b3:85:0b:43:bb:6b:d7:c7:dc:0b:e9:d8:01:91:
c9:20:69:08:72:41:3e:57:69:3a:40:68:95:66:c4:
1f:19:16:a9:1d:c6:a1:a3:e4:ab:04:24:82:20:ef:
0d:a4:78:60:68:ef:dc:28:4e:ca:18:e8:be:96:1b:
14:82:f1:36:d7:aa:cc:ba:3b:e8:0a:0a:23:af:59:
a9:a5:2b:06:c6:26:10:bd:d5:2a:4f:7e:7c:d6:7b:
f5:a3:76:c2:a4:50:a9:f2:f9:b5:7b:c3:a4:a6:4e:
cf:ed:95:cb:97:e6:00:e4:e0:f8:e1:f8:6a:11:e9:
92:96:d4:7a:28:ab:66:cb:6c:65:37:2b:7a:30:9c:
0e:48:a6:92:54:d6:bf:f9:74:20:fc:83:1f:52:b0:
90:e5:f3:cd:e0:b6:d2:62:83:d6:03:5c:f4:09:89:
5d:d2:20:4a:d8:3c:51:5f:84:91:69:17:7a:1e:eb:
c9:aa:0e:4e:86:6f:a9:ec:f8:40:28:57:48:81:1a:
c9:f6:56:cf:d2:3b:0a:b8:d7:11:39:76:ec:16:9a:
f6:1d:fe:91:ce:52:1d:63:cc:ac:98:f4:29:27:33:
a7:31:a3:03:59:43:0d:35:39:e4:fa:4d:94:7f:d4:
b5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CD:CC:AB:FA:78:5B:6D:09:B7:D3:88:DD:8D:B3:F4:5E:CF:1F:23
X509v3 Authority Key Identifier:
keyid:4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/4M3Mq_p4W20Jt9OI3Y2z9F7PHyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.112.0/21
80.77.128.0/20
81.25.176.0/20
185.88.228.0/22
Signature Algorithm: sha256WithRSAEncryption
74:1c:c9:f5:eb:30:20:10:70:5b:18:d2:ce:3b:19:e0:12:69:
fb:85:89:c1:d2:93:cd:aa:5d:7f:65:35:91:22:2b:58:39:ef:
dd:a8:97:cf:ca:cc:3a:aa:67:fa:06:a0:d4:81:a0:50:12:aa:
80:86:62:31:96:b0:18:59:bd:49:a5:9d:12:2c:a9:24:cd:d2:
92:43:86:eb:76:31:9e:90:bd:71:9e:29:f9:7e:b6:02:62:17:
cd:18:4e:a9:d1:0e:67:ae:0b:e0:cc:97:07:04:f3:8a:b5:e1:
c0:c5:92:36:ee:25:49:83:53:9a:ad:c5:8e:8a:a0:7c:83:77:
80:b3:32:6a:b4:65:7b:f8:e6:a8:db:af:61:cd:a1:c4:bc:24:
10:d5:7a:2c:a7:f4:0a:6e:64:08:d9:c3:0b:b7:34:1c:ca:f6:
30:b1:47:c2:c5:0a:9a:27:e0:13:26:40:81:bc:a3:a9:d3:66:
ce:be:32:2c:d1:24:c4:0a:b9:39:82:1e:89:4a:98:b4:3d:1e:
5d:15:2f:b9:a5:c2:26:e9:33:69:60:1d:51:97:60:84:e6:64:
20:a3:e2:ce:a2:47:4f:9b:91:18:f1:2e:06:63:c6:be:a7:3b:
35:5d:f6:f7:a4:cd:17:47:63:4e:63:e0:8d:15:5b:2c:6d:0b:
d5:e7:d3:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTc6FaD1ABr0Q8sC9zrCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTYyNDA4OTdiMDEzMDU2ODFjOTQyNWZlNTIzZjU4ZmFi
Mjc0MTUwHhcNMjQwMTAyMDgzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNkY2NhYmZhNzg1YjZkMDliN2QzODhkZDhkYjNmNDVlY2YxZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYYRQbY+zbERcI4khopUs4ULQ7tr
18fcC+nYAZHJIGkIckE+V2k6QGiVZsQfGRapHcaho+SrBCSCIO8NpHhgaO/cKE7K
GOi+lhsUgvE216rMujvoCgojr1mppSsGxiYQvdUqT3581nv1o3bCpFCp8vm1e8Ok
pk7P7ZXLl+YA5OD44fhqEemSltR6KKtmy2xlNyt6MJwOSKaSVNa/+XQg/IMfUrCQ
5fPN4LbSYoPWA1z0CYld0iBK2DxRX4SRaRd6HuvJqg5Ohm+p7PhAKFdIgRrJ9lbP
0jsKuNcROXbsFpr2Hf6RzlIdY8ysmPQpJzOnMaMDWUMNNTnk+k2Uf9S1FwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFODNzKv6eFttCbfTiN2Ns/Rezx8jMB8GA1UdIwQY
MBaAFE0WJAiXsBMFaByUJf5SP1j6snQVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJZa0NKZXdFd1ZvSEpRbF9sSV9XUHF5ZEJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mYzQ4MWEtYWIwMS00ZjgyLTllNmUt
ZWIwMmYzZDNmNDBjLzEvNE0zTXFfcDRXMjBKdDlPSTNZMno5RjdQSHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9mYzQ4MWEtYWIwMS00ZjgyLTllNmUtZWIwMmYzZDNmNDBj
LzEvVFJZa0NKZXdFd1ZvSEpRbF9sSV9XUHF5ZEJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLuNwAwQE
UE2AAwQEURmwAwQCuVjkMA0GCSqGSIb3DQEBCwUAA4IBAQB0HMn16zAgEHBbGNLO
OxngEmn7hYnB0pPNql1/ZTWRIitYOe/dqJfPysw6qmf6BqDUgaBQEqqAhmIxlrAY
Wb1JpZ0SLKkkzdKSQ4brdjGekL1xnin5frYCYhfNGE6p0Q5nrgvgzJcHBPOKteHA
xZI27iVJg1OarcWOiqB8g3eAszJqtGV7+Oao269hzaHEvCQQ1Xosp/QKbmQI2cML
tzQcyvYwsUfCxQqaJ+ATJkCBvKOp02bOvjIs0STECrk5gh6JSpi0PR5dFS+5pcIm
6TNpYB1Rl2CE5mQgo+LOokdPm5EY8S4GY8a+pzs1Xfb3pM0XR2NOY+CNFVssbQvV
59Nn
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:21:02 2024 by rpki-client on console-ams.rpki-client.org