Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/4fqazuHnom2PKxM-rZUbZ-4d-Ks.roa
File: 4fqazuHnom2PKxM-rZUbZ-4d-Ks.roa (raw, json)
Hash identifier: GVqQy9AjlxNXlbPHcEyBIQrkZcueqyevQ8qOJXSj4mk=
Subject key identifier: E1:FA:9A:CE:E1:E7:A2:6D:8F:2B:13:3E:AD:95:1B:67:EE:1D:F8:AB
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 0192DDB46A6BE359F7A0B208D4CA444B3528
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/4fqazuHnom2PKxM-rZUbZ-4d-Ks.roa
Signing time: Wed 30 Oct 2024 13:54:01 +0000
ROA not before: Wed 30 Oct 2024 13:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47527
IP address blocks: 46.30.120.0/21 maxlen: 21
62.69.152.0/21 maxlen: 21
91.223.235.0/24 maxlen: 24
91.230.239.0/24 maxlen: 24
178.23.176.0/21 maxlen: 21
185.126.152.0/23 maxlen: 23
185.208.212.0/22 maxlen: 24
194.247.61.0/24 maxlen: 24
195.182.36.0/24 maxlen: 24
2a00:1b18::/29 maxlen: 32
2a00:1cf0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.mft
rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:b4:6a:6b:e3:59:f7:a0:b2:08:d4:ca:44:4b:35:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Oct 30 13:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1fa9acee1e7a26d8f2b133ead951b67ee1df8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7b:4a:54:44:03:09:75:44:8d:3c:6f:56:91:
b1:5d:85:13:4b:00:7e:f4:93:bf:4c:c4:20:57:ba:
29:7f:8a:de:ae:8a:76:ed:69:cb:10:90:7e:bb:cb:
c4:14:fb:66:cf:43:49:3d:ef:01:db:6a:e4:d9:95:
3e:de:46:1a:59:3c:7f:35:0e:ba:55:8a:82:81:c6:
39:31:f0:88:f8:cb:9d:c8:3c:58:df:65:70:5b:b7:
15:d8:16:28:fe:bc:c4:1a:01:ba:f8:f3:a2:d9:de:
1c:bd:22:7a:79:c6:5d:de:d3:bb:98:2c:9b:82:ab:
42:38:6e:99:6e:f9:90:ba:d9:a0:de:48:9c:bd:11:
11:be:e1:bb:b0:79:c6:22:ed:4d:cf:02:b3:1d:a4:
90:53:07:46:5d:f9:b4:92:ca:50:6f:27:10:0a:47:
c6:6d:35:98:ae:79:bd:ee:3d:f6:8b:15:ad:ea:ec:
19:ea:65:4a:98:0f:05:1b:d9:de:d8:82:f4:7a:99:
be:22:30:14:81:67:dc:a6:71:af:fa:2b:f0:bc:dd:
a5:80:f1:cf:67:55:6b:0e:ea:40:89:a2:20:5b:eb:
62:83:7c:f1:b0:cf:36:47:ad:d3:d9:70:b8:df:86:
f6:5f:25:cf:44:2b:79:51:0a:b2:3b:e5:ec:aa:47:
18:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FA:9A:CE:E1:E7:A2:6D:8F:2B:13:3E:AD:95:1B:67:EE:1D:F8:AB
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/4fqazuHnom2PKxM-rZUbZ-4d-Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.120.0/21
62.69.152.0/21
91.223.235.0/24
91.230.239.0/24
178.23.176.0/21
185.126.152.0/23
185.208.212.0/22
194.247.61.0/24
195.182.36.0/24
IPv6:
2a00:1b18::/29
2a00:1cf0::/29
Signature Algorithm: sha256WithRSAEncryption
34:41:5a:1c:98:6f:bd:a7:b6:c1:11:2e:21:29:8b:43:e6:29:
ac:7c:bc:3c:ea:ed:68:ad:79:da:8b:11:83:83:5c:ad:33:9d:
d0:dd:65:bd:7b:c4:9a:a5:2d:75:97:8c:f5:90:57:8f:d2:6c:
a9:ea:0f:75:62:d0:12:de:ab:97:11:f2:ee:0d:93:75:7a:f5:
1d:7f:99:1a:98:ee:35:2c:c8:81:ad:2b:02:59:e9:a7:e3:87:
7a:eb:34:84:1a:5c:43:e3:7a:74:7f:13:b1:e7:98:0d:a9:e7:
49:68:3e:2b:1c:07:27:50:3b:1b:c2:d7:6f:c5:f6:4b:d6:f0:
3f:51:66:5f:00:29:80:91:56:d7:30:b7:af:45:f6:0e:12:48:
66:d0:5d:d3:81:f4:f9:1d:c4:19:fa:f3:1a:e8:4d:cc:92:4d:
fe:4b:77:78:5f:bd:6f:fe:f8:5c:a0:6a:c0:06:62:20:38:fc:
2f:46:1c:9c:1b:d9:a8:83:05:17:61:8b:ff:fa:60:39:a0:43:
e6:65:94:06:74:25:6a:bc:98:57:27:8c:91:c4:ce:b4:d0:84:
25:10:f4:38:6a:15:22:e6:97:cc:dd:53:51:4b:c9:2a:ca:96:
83:3b:8b:88:60:ef:21:fe:f8:cd:32:44:b8:29:4c:4b:6b:de:
7c:db:21:06
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZLdtGpr41n3oLII1MpESzUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjQxMDMwMTM1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZhOWFjZWUxZTdhMjZkOGYyYjEzM2VhZDk1MWI2N2VlMWRmOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3tKVEQDCXVEjTxvVpGxXYUTSwB+
9JO/TMQgV7opf4rerop27WnLEJB+u8vEFPtmz0NJPe8B22rk2ZU+3kYaWTx/NQ66
VYqCgcY5MfCI+MudyDxY32VwW7cV2BYo/rzEGgG6+POi2d4cvSJ6ecZd3tO7mCyb
gqtCOG6ZbvmQutmg3kicvRERvuG7sHnGIu1NzwKzHaSQUwdGXfm0kspQbycQCkfG
bTWYrnm97j32ixWt6uwZ6mVKmA8FG9ne2IL0epm+IjAUgWfcpnGv+ivwvN2lgPHP
Z1VrDupAiaIgW+tig3zxsM82R63T2XC434b2XyXPRCt5UQqyO+XsqkcYXQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOH6ms7h56JtjysTPq2VG2fuHfirMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEvNGZxYXp1SG5vbTJQS3hNLXJaVWJaLTRkLUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLh54AwQD
PkWYAwQAW9/rAwQAW+bvAwQDshewAwQBuX6YAwQCudDUAwQAwvc9AwQAw7YkMBQE
AgACMA4DBQMqABsYAwUDKgAc8DANBgkqhkiG9w0BAQsFAAOCAQEANEFaHJhvvae2
wREuISmLQ+YprHy8POrtaK152osRg4NcrTOd0N1lvXvEmqUtdZeM9ZBXj9JsqeoP
dWLQEt6rlxHy7g2TdXr1HX+ZGpjuNSzIga0rAlnpp+OHeus0hBpcQ+N6dH8TseeY
DannSWg+KxwHJ1A7G8LXb8X2S9bwP1FmXwApgJFW1zC3r0X2DhJIZtBd04H0+R3E
GfrzGuhNzJJN/kt3eF+9b/74XKBqwAZiIDj8L0YcnBvZqIMFF2GL//pgOaBD5mWU
BnQlaryYVyeMkcTOtNCEJRD0OGoVIuaXzN1TUUvJKsqWgzuLiGDvIf74zTJEuClM
S2vefNshBg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:18:19 2024 by rpki-client on console-ams.rpki-client.org