Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/4rZyYY8-P4q6pHCxhPr4m2Hkldc.roa
File: 4rZyYY8-P4q6pHCxhPr4m2Hkldc.roa (raw, json)
Hash identifier: uiF7oWN8lQqMtjQWB7XI7iANSSF2xj5NgI1wBPfBJjo=
Subject key identifier: E2:B6:72:61:8F:3E:3F:8A:BA:A4:70:B1:84:FA:F8:9B:61:E4:95:D7
Certificate issuer: /CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Certificate serial: 019223C8B3F5DC932CF9DBC88261B2495F6E
Authority key identifier: 6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/4rZyYY8-P4q6pHCxhPr4m2Hkldc.roa
Signing time: Tue 24 Sep 2024 11:26:48 +0000
ROA not before: Tue 24 Sep 2024 11:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215601
IP address blocks: 185.15.208.0/24 maxlen: 24
194.242.38.0/24 maxlen: 24
2a03:afc0:4::/48 maxlen: 48
2a03:afc0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.mft
rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:23:c8:b3:f5:dc:93:2c:f9:db:c8:82:61:b2:49:5f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Validity
Not Before: Sep 24 11:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2b672618f3e3f8abaa470b184faf89b61e495d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:a0:41:3f:f9:c1:28:0d:48:66:8d:bc:82:
c3:01:c2:91:30:89:7d:c0:cd:5c:fc:3e:15:ad:40:
f2:6e:ff:39:72:16:3d:d8:5f:bd:58:c7:0c:1d:36:
ec:a7:63:c7:e8:e9:7b:f6:6c:f3:32:ce:fd:87:5f:
2e:dc:47:60:56:43:d4:1f:a2:a3:99:1c:32:b2:23:
0e:aa:35:56:69:3f:ab:90:b7:34:07:10:c1:75:5f:
bf:0b:7a:fa:2b:bc:76:30:77:ea:9e:6c:64:a3:5a:
d2:31:69:8b:33:8a:1c:33:7e:ea:d9:c8:f9:37:c7:
2e:d0:30:4f:81:a9:42:75:6c:cf:09:d0:21:9a:be:
ca:af:22:35:7b:2a:50:b9:01:34:5d:ac:a4:ba:61:
40:47:47:be:8a:a4:76:df:a2:ec:21:24:27:4a:ec:
ee:db:e7:9e:b7:fe:12:c7:26:99:ef:63:42:71:01:
1a:8e:89:91:4c:b6:be:70:67:98:76:bc:45:ad:aa:
d6:f7:59:86:8f:2c:50:90:72:87:5d:e5:5e:76:5c:
11:89:06:09:0b:a7:e3:72:10:e5:fd:ec:49:34:51:
28:26:a7:8a:89:cb:0a:be:9c:0c:44:b9:20:1c:6e:
70:a4:46:2c:99:eb:f8:bc:88:ff:9b:38:a1:0b:e4:
7e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B6:72:61:8F:3E:3F:8A:BA:A4:70:B1:84:FA:F8:9B:61:E4:95:D7
X509v3 Authority Key Identifier:
keyid:6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/4rZyYY8-P4q6pHCxhPr4m2Hkldc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.208.0/24
194.242.38.0/24
IPv6:
2a03:afc0:4::/48
2a03:afc0:7::/48
Signature Algorithm: sha256WithRSAEncryption
a8:3a:aa:89:9d:a4:b6:1a:67:c3:fd:a4:56:5b:7e:94:b2:cc:
2d:b0:ba:42:29:49:cc:91:00:3c:92:28:8c:54:63:11:d4:e5:
cd:5a:b2:25:73:3f:ff:be:d4:17:c1:75:a7:42:aa:a7:b4:90:
9e:5b:d6:b6:da:33:c6:ce:56:a7:70:8c:d8:42:ae:49:75:9c:
ca:52:41:a9:ac:a9:7e:26:4a:ff:ad:de:c4:ac:78:ec:d0:18:
de:96:ec:05:27:91:24:62:4f:eb:92:a5:ed:e8:aa:83:16:9c:
b6:ac:b6:36:76:fd:d3:f9:cc:c0:dd:b7:98:d9:ab:86:9f:f4:
6d:5f:ae:94:1f:40:e9:a2:cc:26:57:57:b1:77:ee:59:d8:8c:
9f:ae:ca:d7:5d:f2:a8:e5:fd:dd:35:49:cb:8b:e6:58:b2:f9:
d8:fd:b8:e5:04:4a:e9:27:5f:6e:e6:a4:9a:bb:b5:d3:4b:c5:
7b:c8:e6:bc:22:01:a0:f6:c5:bc:4e:66:b4:5b:53:2f:13:f6:
cf:0c:97:b2:86:1c:13:6e:1e:46:fe:38:65:59:0c:31:49:b5:
5f:05:ed:fa:ae:f2:85:8a:e2:b4:89:b6:41:04:45:b6:f9:c4:
b0:c9:49:d2:7a:74:15:75:6a:75:cb:42:e2:a7:7b:56:24:41:
8a:c0:a1:24
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZIjyLP13JMs+dvIgmGySV9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzljZTRjMjlhYjNmODAyZjlkZTkzM2Y0NDk1MDI2YzRk
MGVlNGEwHhcNMjQwOTI0MTEyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmI2NzI2MThmM2UzZjhhYmFhNDcwYjE4NGZhZjg5YjYxZTQ5NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXagQT/5wSgNSGaNvILDAcKRMIl9
wM1c/D4VrUDybv85chY92F+9WMcMHTbsp2PH6Ol79mzzMs79h18u3EdgVkPUH6Kj
mRwysiMOqjVWaT+rkLc0BxDBdV+/C3r6K7x2MHfqnmxko1rSMWmLM4ocM37q2cj5
N8cu0DBPgalCdWzPCdAhmr7KryI1eypQuQE0XaykumFAR0e+iqR236LsISQnSuzu
2+eet/4SxyaZ72NCcQEajomRTLa+cGeYdrxFrarW91mGjyxQkHKHXeVedlwRiQYJ
C6fjchDl/exJNFEoJqeKicsKvpwMRLkgHG5wpEYsmev4vIj/mzihC+R+NQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOK2cmGPPj+KuqRwsYT6+Jth5JXXMB8GA1UdIwQY
MBaAFG05zkwpqz+AL53pM/RJUCbE0O5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5Nzkt
Y2RjMzFkNWZiOGE0LzEvNHJaeVlZOC1QNHE2cEhDeGhQcjRtMkhrbGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5NzktY2RjMzFkNWZiOGE0
LzEvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuQ/QAwQA
wvImMBgEAgACMBIDBwAqA6/AAAQDBwAqA6/AAAcwDQYJKoZIhvcNAQELBQADggEB
AKg6qomdpLYaZ8P9pFZbfpSyzC2wukIpScyRADySKIxUYxHU5c1asiVzP/++1BfB
dadCqqe0kJ5b1rbaM8bOVqdwjNhCrkl1nMpSQamsqX4mSv+t3sSseOzQGN6W7AUn
kSRiT+uSpe3oqoMWnLastjZ2/dP5zMDdt5jZq4af9G1frpQfQOmizCZXV7F37lnY
jJ+uytdd8qjl/d01ScuL5liy+dj9uOUESuknX27mpJq7tdNLxXvI5rwiAaD2xbxO
ZrRbUy8T9s8Ml7KGHBNuHkb+OGVZDDFJtV8F7fqu8oWK4rSJtkEERbb5xLDJSdJ6
dBV1anXLQuKne1YkQYrAoSQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:08 2024 by rpki-client on console-fra.rpki-client.org