Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/sg4Dd2EGiQo5aaFf1IoxM4S3wWs.roa
File: sg4Dd2EGiQo5aaFf1IoxM4S3wWs.roa (raw, json)
Hash identifier: 661IlzTtFdknNrykJ/kjVnQsFr/7ujaDfgvH33xo6ss=
Subject key identifier: B2:0E:03:77:61:06:89:0A:39:69:A1:5F:D4:8A:31:33:84:B7:C1:6B
Certificate issuer: /CN=c8f9baab1a13df30eff0fcd780c4bbc54bc3e6d5
Certificate serial: 018CC5DC46D715F4D7DB2CDF0337462A52CB
Authority key identifier: C8:F9:BA:AB:1A:13:DF:30:EF:F0:FC:D7:80:C4:BB:C5:4B:C3:E6:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPm6qxoT3zDv8PzXgMS7xUvD5tU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/sg4Dd2EGiQo5aaFf1IoxM4S3wWs.roa
Signing time: Mon 01 Jan 2024 16:29:56 +0000
ROA not before: Mon 01 Jan 2024 16:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 185.189.4.0/22 maxlen: 22
2a0b:d780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/yPm6qxoT3zDv8PzXgMS7xUvD5tU.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/yPm6qxoT3zDv8PzXgMS7xUvD5tU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yPm6qxoT3zDv8PzXgMS7xUvD5tU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 07:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:46:d7:15:f4:d7:db:2c:df:03:37:46:2a:52:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f9baab1a13df30eff0fcd780c4bbc54bc3e6d5
Validity
Not Before: Jan 1 16:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20e03776106890a3969a15fd48a313384b7c16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d1:57:d7:d0:40:c8:ac:8c:f0:7e:d4:ac:f6:
4d:97:ca:b2:ce:f5:6d:32:b1:af:ac:b9:ef:81:a0:
cf:79:12:cc:e8:89:ca:ef:fe:5b:c9:ad:35:9d:4f:
94:51:bd:00:ef:ca:a9:6d:64:ab:d8:dc:34:6d:52:
66:dd:7f:13:e1:60:96:86:c6:c1:32:bf:90:09:d7:
7b:23:e0:ce:64:ff:d9:79:ae:45:94:e7:72:80:e3:
2e:ff:a4:55:32:1a:b9:d8:33:5e:a0:77:2a:f2:97:
fe:53:de:88:66:28:e4:fd:07:0c:4a:60:67:55:ea:
48:5f:3c:26:4e:14:cf:82:ba:22:eb:c9:6b:19:f8:
73:5a:e8:63:c2:bb:27:c3:27:26:99:ec:e5:08:93:
94:bd:4b:dd:fe:2a:e6:56:0c:2f:4a:27:6f:fa:35:
11:cd:cc:67:84:5a:e7:3f:ae:66:f0:c9:6e:ab:c6:
72:32:db:ef:96:eb:af:a2:cb:b4:23:22:ef:d8:4e:
f8:ed:eb:34:e7:93:a8:a0:c3:f8:79:38:4f:92:a4:
ce:08:8d:33:77:e5:c4:f4:d5:b8:a1:35:07:80:89:
ab:f1:5e:5f:a4:7f:36:b0:ad:1d:fc:49:b6:7d:fc:
c7:97:11:05:99:c0:45:97:01:85:c7:3f:1a:6b:eb:
8f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0E:03:77:61:06:89:0A:39:69:A1:5F:D4:8A:31:33:84:B7:C1:6B
X509v3 Authority Key Identifier:
keyid:C8:F9:BA:AB:1A:13:DF:30:EF:F0:FC:D7:80:C4:BB:C5:4B:C3:E6:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPm6qxoT3zDv8PzXgMS7xUvD5tU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/sg4Dd2EGiQo5aaFf1IoxM4S3wWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/3e6762-0989-48ef-a8d2-db484cce7293/1/yPm6qxoT3zDv8PzXgMS7xUvD5tU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.4.0/22
IPv6:
2a0b:d780::/29
Signature Algorithm: sha256WithRSAEncryption
81:cd:d6:96:9a:1b:72:43:2a:43:e6:b8:4a:43:ac:40:1f:39:
e7:d0:98:6b:36:40:0d:4b:30:08:51:17:98:02:9f:d1:c3:9a:
d4:23:3b:72:59:e9:e5:c4:1c:37:ba:76:04:97:55:15:c0:4d:
69:e5:2f:78:b2:2b:24:cc:84:67:65:18:95:a5:1f:ff:ab:ee:
d6:00:6a:62:a6:b3:00:bb:34:e2:1f:15:fc:db:69:34:5c:5c:
84:3e:0a:06:10:eb:30:a7:23:b0:95:32:1c:c4:e1:30:78:59:
00:22:e6:7d:40:29:de:c5:07:19:89:ca:3e:ef:45:5d:1d:54:
c7:3c:f2:07:63:24:77:97:4e:a0:57:2a:61:14:0c:c3:02:af:
16:e8:dd:42:7e:5c:cc:60:4e:e9:bc:f6:6a:93:82:37:56:a6:
45:87:68:2e:a6:72:37:e0:f1:c9:77:d8:11:8a:ef:da:cd:5a:
af:6a:de:0f:b9:b6:cf:36:fd:24:e3:95:a5:51:35:b5:80:17:
f5:c6:b6:64:a2:3b:63:41:15:ec:51:7b:b9:8e:86:32:af:b4:
45:6e:b2:64:b1:ce:a4:7a:96:98:fd:e1:07:08:d5:33:49:64:
b9:17:29:d5:28:5d:16:d8:ad:4f:50:10:bd:f9:05:5e:cb:5b:
64:12:57:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3EbXFfTX2yzfAzdGKlLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjliYWFiMWExM2RmMzBlZmYwZmNkNzgwYzRiYmM1NGJj
M2U2ZDUwHhcNMjQwMTAxMTYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBlMDM3NzYxMDY4OTBhMzk2OWExNWZkNDhhMzEzMzg0YjdjMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNFX19BAyKyM8H7UrPZNl8qyzvVt
MrGvrLnvgaDPeRLM6InK7/5bya01nU+UUb0A78qpbWSr2Nw0bVJm3X8T4WCWhsbB
Mr+QCdd7I+DOZP/Zea5FlOdygOMu/6RVMhq52DNeoHcq8pf+U96IZijk/QcMSmBn
VepIXzwmThTPgroi68lrGfhzWuhjwrsnwycmmezlCJOUvUvd/irmVgwvSidv+jUR
zcxnhFrnP65m8Mluq8ZyMtvvluuvosu0IyLv2E747es055OooMP4eThPkqTOCI0z
d+XE9NW4oTUHgImr8V5fpH82sK0d/Em2ffzHlxEFmcBFlwGFxz8aa+uPBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLIOA3dhBokKOWmhX9SKMTOEt8FrMB8GA1UdIwQY
MBaAFMj5uqsaE98w7/D814DEu8VLw+bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBtNnF4b1QzekR2OFB6WGdNUzd4VXZENXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zZTY3NjItMDk4OS00OGVmLWE4ZDIt
ZGI0ODRjY2U3MjkzLzEvc2c0RGQyRUdpUW81YWFGZjFJb3hNNFMzd1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zZTY3NjItMDk4OS00OGVmLWE4ZDItZGI0ODRjY2U3Mjkz
LzEveVBtNnF4b1QzekR2OFB6WGdNUzd4VXZENXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub0EMA0E
AgACMAcDBQMqC9eAMA0GCSqGSIb3DQEBCwUAA4IBAQCBzdaWmhtyQypD5rhKQ6xA
Hznn0JhrNkANSzAIUReYAp/Rw5rUIztyWenlxBw3unYEl1UVwE1p5S94siskzIRn
ZRiVpR//q+7WAGpiprMAuzTiHxX822k0XFyEPgoGEOswpyOwlTIcxOEweFkAIuZ9
QCnexQcZico+70VdHVTHPPIHYyR3l06gVyphFAzDAq8W6N1CflzMYE7pvPZqk4I3
VqZFh2gupnI34PHJd9gRiu/azVqvat4PubbPNv0k45WlUTW1gBf1xrZkojtjQRXs
UXu5joYyr7RFbrJksc6kepaY/eEHCNUzSWS5FynVKF0W2K1PUBC9+QVey1tkElfR
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:33:55 2024 by rpki-client on console-ams.rpki-client.org