Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/ru4RKqxJKavzEDtf0Zso79y9uVQ.roa
File: ru4RKqxJKavzEDtf0Zso79y9uVQ.roa (raw, json)
Hash identifier: 3oBkCRM2AvjUsBRGO7S4e26qmz7viUz5qLFAH5VsCik=
Subject key identifier: AE:EE:11:2A:AC:49:29:AB:F3:10:3B:5F:D1:9B:28:EF:DC:BD:B9:54
Certificate issuer: /CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Certificate serial: 018CC56EF555BC6D30C126F44EA451F3C6C6
Authority key identifier: 58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/ru4RKqxJKavzEDtf0Zso79y9uVQ.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208208
IP address blocks: 185.240.243.0/24 maxlen: 24
185.240.242.0/24 maxlen: 24
185.240.241.0/24 maxlen: 24
84.252.121.0/24 maxlen: 24
84.252.120.0/24 maxlen: 24
84.252.123.0/24 maxlen: 24
84.252.122.0/24 maxlen: 24
185.230.162.0/24 maxlen: 24
185.230.161.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
185.230.163.0/24 maxlen: 24
2a0c:2500::/32 maxlen: 32
2a09:6302::/32 maxlen: 32
2a09:6301::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f5:55:bc:6d:30:c1:26:f4:4e:a4:51:f3:c6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aeee112aac4929abf3103b5fd19b28efdcbdb954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:04:1f:15:d3:2a:6b:06:ef:c0:a1:f6:60:8f:
46:f6:41:87:63:e4:30:7c:57:b4:99:3d:0b:58:da:
31:9e:7c:13:90:d9:dd:bc:00:4c:9a:71:09:bf:45:
c1:13:9e:d4:9e:21:99:9c:d0:11:19:ac:0e:31:7f:
ba:f4:65:c8:c8:6e:52:3f:36:46:6b:05:29:1b:36:
38:a6:d6:67:9f:f8:52:3e:d6:0a:19:d9:f2:d4:d6:
83:aa:ad:a8:cb:2b:36:1a:36:76:19:64:d9:66:83:
1d:03:1e:05:61:44:32:60:61:f0:b6:b4:0a:e7:0c:
b2:fb:82:af:9c:a3:3f:a8:15:7a:96:72:fc:04:70:
e9:63:de:9f:46:e3:37:99:0b:59:33:e1:31:81:f9:
31:61:ca:c0:34:31:49:df:62:5c:b9:55:df:66:16:
ad:6a:b8:9b:8e:f9:f1:7a:71:4d:fa:d2:4d:ff:d8:
89:9d:f5:06:b7:ca:01:f9:5d:fb:ab:f3:88:0d:74:
72:f5:a5:6a:76:2a:76:bf:0d:24:50:36:c5:1e:6c:
6b:9b:08:b7:86:09:ca:99:0e:0c:3b:48:70:7f:a5:
cc:93:87:17:06:1e:4f:5c:1c:9c:ce:0f:08:59:a7:
c2:b1:30:87:93:5d:86:d7:e2:a2:52:c0:4e:6b:87:
88:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EE:11:2A:AC:49:29:AB:F3:10:3B:5F:D1:9B:28:EF:DC:BD:B9:54
X509v3 Authority Key Identifier:
keyid:58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/ru4RKqxJKavzEDtf0Zso79y9uVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.120.0/22
185.230.160.0/22
185.240.241.0-185.240.243.255
IPv6:
2a09:6301::-2a09:6302:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:2500::/32
Signature Algorithm: sha256WithRSAEncryption
8d:2e:ea:3e:47:79:40:64:bf:a3:cf:13:0a:fe:cc:37:c1:7a:
d5:e7:68:6f:aa:ea:21:7a:95:01:f7:65:07:1e:79:b0:bd:08:
9a:82:6d:bd:dd:2d:bb:01:58:17:23:24:f3:6a:75:14:1d:b3:
da:e9:37:c6:cd:1f:10:3b:76:ac:61:cd:31:83:c7:78:a3:77:
e7:f0:63:65:d9:2d:6a:09:c7:7d:91:22:29:98:41:62:af:da:
a9:d8:8d:a6:da:83:e1:3f:e9:35:d9:b0:09:a4:5a:53:3e:80:
6d:f2:a0:6a:8b:cc:32:a5:2c:b5:f1:64:fd:c9:51:1b:b2:c8:
32:15:22:ae:d3:df:b2:cd:70:d9:65:0f:80:0a:d8:91:17:5c:
61:c1:9f:18:3c:01:37:1b:3c:4e:b7:9a:a7:48:ab:d9:e5:bc:
21:66:ab:4a:9a:6e:fe:d2:9f:d7:2e:8e:de:a9:bb:cc:f6:96:
e8:cd:a6:36:41:af:40:7f:cc:17:8f:a7:1c:9d:fb:ce:2f:15:
74:52:6c:d9:d0:14:81:31:4f:c4:0d:b3:07:c0:e1:29:4a:dd:
42:b2:cd:df:b5:f5:2b:0e:41:cd:f6:b5:45:77:f9:ae:ca:1a:
4e:5a:83:07:a6:29:77:5b:87:d1:48:3b:d5:85:5a:43:6a:22:
4e:76:82:4e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFbvVVvG0wwSb0TqRR88bGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGIxMDI0ZWEwNTZlNWVkNDk4ZjZlOWRkYzIwNjMyYmRm
NmM5YzUwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWVlMTEyYWFjNDkyOWFiZjMxMDNiNWZkMTliMjhlZmRjYmRiOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwQfFdMqawbvwKH2YI9G9kGHY+Qw
fFe0mT0LWNoxnnwTkNndvABMmnEJv0XBE57UniGZnNARGawOMX+69GXIyG5SPzZG
awUpGzY4ptZnn/hSPtYKGdny1NaDqq2oyys2GjZ2GWTZZoMdAx4FYUQyYGHwtrQK
5wyy+4KvnKM/qBV6lnL8BHDpY96fRuM3mQtZM+ExgfkxYcrANDFJ32JcuVXfZhat
aribjvnxenFN+tJN/9iJnfUGt8oB+V37q/OIDXRy9aVqdip2vw0kUDbFHmxrmwi3
hgnKmQ4MO0hwf6XMk4cXBh5PXByczg8IWafCsTCHk12G1+KiUsBOa4eIfwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFK7uESqsSSmr8xA7X9GbKO/cvblUMB8GA1UdIwQY
MBaAFFiLECTqBW5e1Jj26d3CBjK99snFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2Qt
NTY2MjhhNDZkZjQwLzEvcnU0UktxeEpLYXZ6RUR0ZjBac283OXk5dVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2QtNTY2MjhhNDZkZjQw
LzEvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAgBAIAATAaAwQCVPx4AwQC
ueagMAwDBAC58PEDBAK58PAwHQQCAAIwFzAOAwUAKgljAQMFACoJYwIDBQAqDCUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNLuo+R3lAZL+jzxMK/sw3wXrV52hvquohepUB
92UHHnmwvQiagm293S27AVgXIyTzanUUHbPa6TfGzR8QO3asYc0xg8d4o3fn8GNl
2S1qCcd9kSIpmEFir9qp2I2m2oPhP+k12bAJpFpTPoBt8qBqi8wypSy18WT9yVEb
ssgyFSKu09+yzXDZZQ+ACtiRF1xhwZ8YPAE3GzxOt5qnSKvZ5bwhZqtKmm7+0p/X
Lo7eqbvM9pbozaY2Qa9Af8wXj6ccnfvOLxV0UmzZ0BSBMU/EDbMHwOEpSt1Css3f
tfUrDkHN9rVFd/muyhpOWoMHpil3W4fRSDvVhVpDaiJOdoJO
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:37:38 2024 by rpki-client on console-ams.rpki-client.org