Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/4LzlTaVGkf3H7W3JgvNSBiKPvDQ.roa
File: 4LzlTaVGkf3H7W3JgvNSBiKPvDQ.roa (raw, json)
Hash identifier: oLACbQeC+3FCjA6DYKz6vayNV7lbv3RlSQW4L+bAT7o=
Subject key identifier: E0:BC:E5:4D:A5:46:91:FD:C7:ED:6D:C9:82:F3:52:06:22:8F:BC:34
Certificate issuer: /CN=1bb45744a541285eea0e4e04e5de766a9c823b53
Certificate serial: 018CC86F14095BC9CB30B450852692CEC142
Authority key identifier: 1B:B4:57:44:A5:41:28:5E:EA:0E:4E:04:E5:DE:76:6A:9C:82:3B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/4LzlTaVGkf3H7W3JgvNSBiKPvDQ.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64415
IP address blocks: 185.100.249.0/24 maxlen: 24
185.100.248.0/22 maxlen: 22
185.100.248.0/24 maxlen: 24
185.100.250.0/24 maxlen: 24
2a00:9da0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:14:09:5b:c9:cb:30:b4:50:85:26:92:ce:c1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bb45744a541285eea0e4e04e5de766a9c823b53
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0bce54da54691fdc7ed6dc982f35206228fbc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ee:91:78:9f:cf:8f:d3:b5:5c:e1:4a:e4:0a:
49:75:00:21:7c:b9:08:cd:a2:48:65:ef:05:32:f8:
75:79:6e:22:78:79:f9:58:d3:cf:65:9f:07:5e:15:
f0:29:54:06:ea:26:0f:8f:d4:47:fd:63:0f:a3:82:
0b:a1:10:83:be:64:3f:c3:ba:de:b3:c7:20:11:7c:
c9:c1:54:9d:01:0a:77:bc:c0:a1:6c:18:a7:67:e9:
97:0b:b4:74:48:33:cd:74:9b:24:8f:22:bf:99:bb:
c4:81:8f:c2:51:d9:38:b6:6f:c8:05:cc:bc:5a:8a:
ae:2f:3d:ed:7c:94:e4:85:92:bd:ac:7e:60:21:dc:
cc:38:86:7f:dd:07:31:a6:89:e7:f3:0a:71:ad:7e:
35:7d:88:74:25:fb:bc:64:0d:fb:f0:3b:36:51:9c:
fc:60:95:3d:97:e9:f4:e9:84:c2:cb:b1:56:78:31:
34:d0:74:68:fe:b4:96:89:25:4b:a0:84:7c:63:c5:
a4:c7:07:d9:25:b3:73:a6:05:05:26:8c:5c:bc:9b:
d5:9a:6e:a9:43:da:e3:77:6f:71:56:65:0c:0b:52:
06:03:cc:33:ce:2e:3f:f5:f0:f1:48:b8:ce:d2:f1:
ef:db:63:ba:67:6c:83:a0:76:0e:87:20:e9:8b:68:
8c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BC:E5:4D:A5:46:91:FD:C7:ED:6D:C9:82:F3:52:06:22:8F:BC:34
X509v3 Authority Key Identifier:
keyid:1B:B4:57:44:A5:41:28:5E:EA:0E:4E:04:E5:DE:76:6A:9C:82:3B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/4LzlTaVGkf3H7W3JgvNSBiKPvDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.248.0/22
IPv6:
2a00:9da0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:68:2a:d8:85:da:62:7c:2b:b9:66:4b:ac:92:9f:51:0e:39:
cb:8d:d2:69:08:be:51:a7:29:b1:9e:05:4c:43:a9:3f:11:78:
29:ab:b2:b7:6a:f5:9d:09:21:d7:e0:db:00:58:df:31:9a:d7:
c8:1e:fa:dc:79:36:8d:87:e4:c1:ec:8c:dd:86:fd:7b:d2:23:
3a:e6:d1:21:cf:0e:2f:1e:af:ed:7e:13:e7:cb:88:a4:5f:48:
b9:37:0b:33:c1:9c:e8:44:7e:7b:f7:97:83:6d:76:c7:87:6a:
fa:68:0e:bd:b7:32:18:08:a4:d5:46:2b:17:24:d4:60:8d:2f:
21:fa:7a:92:46:91:ca:ad:4c:f6:8d:fc:ad:d9:e0:16:7c:7d:
65:56:f2:79:54:d4:87:ab:43:71:92:0e:2e:c7:c6:9f:29:77:
25:95:78:9f:66:d6:eb:f0:bb:c8:92:30:fd:1b:af:ec:85:fa:
d7:c9:56:12:82:ff:21:66:13:b7:5f:a9:d9:53:b8:f9:c0:c8:
62:63:69:7c:59:1e:44:61:95:3a:20:37:b6:af:b6:31:28:15:
9f:fa:f4:aa:14:2e:67:f6:5b:d9:6d:3d:82:9b:50:ca:13:a7:
b0:0c:02:d6:83:db:af:98:35:6d:d5:f6:b0:64:7e:6b:40:28:
57:1e:3c:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbxQJW8nLMLRQhSaSzsFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQ1NzQ0YTU0MTI4NWVlYTBlNGUwNGU1ZGU3NjZhOWM4
MjNiNTMwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJjZTU0ZGE1NDY5MWZkYzdlZDZkYzk4MmYzNTIwNjIyOGZiYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO6ReJ/Pj9O1XOFK5ApJdQAhfLkI
zaJIZe8FMvh1eW4ieHn5WNPPZZ8HXhXwKVQG6iYPj9RH/WMPo4ILoRCDvmQ/w7re
s8cgEXzJwVSdAQp3vMChbBinZ+mXC7R0SDPNdJskjyK/mbvEgY/CUdk4tm/IBcy8
WoquLz3tfJTkhZK9rH5gIdzMOIZ/3Qcxponn8wpxrX41fYh0Jfu8ZA378Ds2UZz8
YJU9l+n06YTCy7FWeDE00HRo/rSWiSVLoIR8Y8WkxwfZJbNzpgUFJoxcvJvVmm6p
Q9rjd29xVmUMC1IGA8wzzi4/9fDxSLjO0vHv22O6Z2yDoHYOhyDpi2iMEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOC85U2lRpH9x+1tyYLzUgYij7w0MB8GA1UdIwQY
MBaAFBu0V0SlQShe6g5OBOXedmqcgjtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdSWFJLVkJLRjdxRGs0RTVkNTJhcHlDTzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jNjNmOWUtOWU3Yi00NmRjLWE0MDIt
ODc5OTc5ZDI5ZTFlLzEvNEx6bFRhVkdrZjNIN1czSmd2TlNCaUtQdkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jNjNmOWUtOWU3Yi00NmRjLWE0MDItODc5OTc5ZDI5ZTFl
LzEvRzdSWFJLVkJLRjdxRGs0RTVkNTJhcHlDTzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWT4MA0E
AgACMAcDBQAqAJ2gMA0GCSqGSIb3DQEBCwUAA4IBAQCsaCrYhdpifCu5Zkuskp9R
DjnLjdJpCL5RpymxngVMQ6k/EXgpq7K3avWdCSHX4NsAWN8xmtfIHvrceTaNh+TB
7Izdhv170iM65tEhzw4vHq/tfhPny4ikX0i5NwszwZzoRH5795eDbXbHh2r6aA69
tzIYCKTVRisXJNRgjS8h+nqSRpHKrUz2jfyt2eAWfH1lVvJ5VNSHq0Nxkg4ux8af
KXcllXifZtbr8LvIkjD9G6/shfrXyVYSgv8hZhO3X6nZU7j5wMhiY2l8WR5EYZU6
IDe2r7YxKBWf+vSqFC5n9lvZbT2Cm1DKE6ewDALWg9uvmDVt1fawZH5rQChXHjzM
-----END CERTIFICATE-----
Generated at Wed Nov 27 06:01:20 2024 by rpki-client on console-fra.rpki-client.org