Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/1OpiRN8mLlL-H3Sb2ymDtipIQP8.roa
File: 1OpiRN8mLlL-H3Sb2ymDtipIQP8.roa (raw, json)
Hash identifier: fYZyitoW+lagsmuRrmVhZmJUqPpTxHQzngT53TW1s1w=
Subject key identifier: D4:EA:62:44:DF:26:2E:52:FE:1F:74:9B:DB:29:83:B6:2A:48:40:FF
Certificate issuer: /CN=b05442c4ffe9c1d761e7c569360ead042438f903
Certificate serial: 018CC801A3935DF029EA742D9DC0A9EB5F64
Authority key identifier: B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/1OpiRN8mLlL-H3Sb2ymDtipIQP8.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33808
IP address blocks: 217.170.188.0/22 maxlen: 22
89.31.0.0/21 maxlen: 21
193.110.68.0/22 maxlen: 22
79.171.88.0/21 maxlen: 21
134.101.125.0/24 maxlen: 24
217.170.176.0/21 maxlen: 21
217.170.184.0/22 maxlen: 22
2a00:17f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a3:93:5d:f0:29:ea:74:2d:9d:c0:a9:eb:5f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05442c4ffe9c1d761e7c569360ead042438f903
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4ea6244df262e52fe1f749bdb2983b62a4840ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8b:c3:07:04:be:c6:8d:99:d6:c6:29:ee:6d:
9c:50:25:22:7b:85:5f:1c:44:86:48:5f:d2:7c:f5:
80:2a:dc:95:9f:85:5d:51:e8:bf:7c:7a:8a:52:34:
fc:c1:04:4d:34:47:2a:97:d2:5b:16:50:05:a7:b3:
2b:a0:d8:f2:9a:29:a9:d8:ff:43:d5:04:14:16:f2:
29:3c:5b:de:a7:24:0d:df:c3:6e:bc:ab:fc:bc:94:
c0:18:45:08:8c:b5:0e:52:1d:c7:9f:8f:c7:36:46:
43:ce:13:58:23:89:ef:c9:d0:08:26:ca:7e:9f:bf:
01:0d:49:68:1b:f9:76:ea:a7:2f:31:33:de:c6:6d:
a0:fb:74:db:9d:05:0d:8f:e7:7d:92:c6:90:02:84:
b5:e6:3b:0d:26:ae:c3:a0:7e:4d:7c:5a:eb:92:ff:
93:51:78:cd:0e:f6:d4:13:41:26:c4:38:4b:d7:6e:
89:95:10:54:f7:75:6c:39:a2:dc:99:77:6e:3d:eb:
f6:38:94:28:a9:50:30:07:a8:ff:76:73:a2:bd:69:
48:06:5d:ce:ee:7d:dc:59:59:a6:22:ce:cc:03:41:
ed:39:2f:5c:80:d6:44:cc:05:6f:01:3d:c9:a6:14:
74:9c:06:18:cd:8e:75:00:43:95:78:04:74:a9:10:
95:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EA:62:44:DF:26:2E:52:FE:1F:74:9B:DB:29:83:B6:2A:48:40:FF
X509v3 Authority Key Identifier:
keyid:B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/1OpiRN8mLlL-H3Sb2ymDtipIQP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.88.0/21
89.31.0.0/21
134.101.125.0/24
193.110.68.0/22
217.170.176.0/20
IPv6:
2a00:17f0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:57:4b:46:57:d4:d5:44:36:f3:00:b7:cb:08:e3:45:0e:12:
db:54:f3:90:91:58:bf:e1:a5:59:41:d0:d0:e9:b5:f3:df:a0:
50:b3:a7:06:61:49:cb:b7:51:ef:ad:4d:cd:0c:52:d0:c8:d3:
5b:b8:b7:08:d7:9f:b5:e5:33:72:aa:43:52:84:83:df:68:b2:
1d:a4:46:9a:a2:54:e4:29:86:c1:b0:80:bb:e3:90:30:54:d6:
40:44:f7:42:16:a1:45:8f:ea:f0:01:18:9a:7a:03:5d:72:de:
53:20:7d:fb:2f:8a:07:02:9c:38:31:22:96:97:9b:74:47:9e:
dc:ec:35:62:3e:c2:fd:59:6f:98:19:51:cc:f1:f5:3f:13:9e:
46:48:5d:9a:08:4a:40:e4:fa:27:76:d8:bd:75:43:f8:2c:83:
c1:88:86:5d:ac:6b:c8:86:09:a4:45:bd:2a:aa:3d:50:bb:fb:
7e:8d:39:b3:0a:da:65:28:63:58:90:f8:34:95:87:aa:ca:1d:
ed:23:23:2d:cc:55:08:20:ab:c2:56:13:be:d5:7c:9f:ff:4a:
b9:2a:aa:be:bd:f3:48:ce:13:80:6d:bc:b3:c3:64:8f:a5:4d:
0d:c4:62:1e:7d:4f:c7:77:ef:be:9c:1e:6f:bd:2c:5e:10:7e:
a7:21:87:16
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzIAaOTXfAp6nQtncCp619kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTQ0MmM0ZmZlOWMxZDc2MWU3YzU2OTM2MGVhZDA0MjQz
OGY5MDMwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVhNjI0NGRmMjYyZTUyZmUxZjc0OWJkYjI5ODNiNjJhNDg0MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkovDBwS+xo2Z1sYp7m2cUCUie4Vf
HESGSF/SfPWAKtyVn4VdUei/fHqKUjT8wQRNNEcql9JbFlAFp7MroNjymimp2P9D
1QQUFvIpPFvepyQN38NuvKv8vJTAGEUIjLUOUh3Hn4/HNkZDzhNYI4nvydAIJsp+
n78BDUloG/l26qcvMTPexm2g+3TbnQUNj+d9ksaQAoS15jsNJq7DoH5NfFrrkv+T
UXjNDvbUE0EmxDhL126JlRBU93VsOaLcmXduPev2OJQoqVAwB6j/dnOivWlIBl3O
7n3cWVmmIs7MA0HtOS9cgNZEzAVvAT3JphR0nAYYzY51AEOVeAR0qRCVmQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNTqYkTfJi5S/h90m9spg7YqSED/MB8GA1UdIwQY
MBaAFLBUQsT/6cHXYefFaTYOrQQkOPkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGIt
NmVkMzMxZjMxZTA5LzEvMU9waVJOOG1MbEwtSDNTYjJ5bUR0aXBJUVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGItNmVkMzMxZjMxZTA5
LzEvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDT6tYAwQD
WR8AAwQAhmV9AwQCwW5EAwQE2aqwMA0EAgACMAcDBQAqABfwMA0GCSqGSIb3DQEB
CwUAA4IBAQBaV0tGV9TVRDbzALfLCONFDhLbVPOQkVi/4aVZQdDQ6bXz36BQs6cG
YUnLt1HvrU3NDFLQyNNbuLcI15+15TNyqkNShIPfaLIdpEaaolTkKYbBsIC745Aw
VNZARPdCFqFFj+rwARiaegNdct5TIH37L4oHApw4MSKWl5t0R57c7DViPsL9WW+Y
GVHM8fU/E55GSF2aCEpA5Pondti9dUP4LIPBiIZdrGvIhgmkRb0qqj1Qu/t+jTmz
CtplKGNYkPg0lYeqyh3tIyMtzFUIIKvCVhO+1Xyf/0q5Kqq+vfNIzhOAbbyzw2SP
pU0NxGIefU/Hd+++nB5vvSxeEH6nIYcW
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:41:11 2024 by rpki-client on console-fra.rpki-client.org