Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/40-F2h1SEnXSHLKfquwviXNm9r4.roa
File: 40-F2h1SEnXSHLKfquwviXNm9r4.roa (raw, json)
Hash identifier: RlMJpbI3ktejGicyW0bfp3yPKXT60/FzWuOapvC4D8Y=
Subject key identifier: E3:4F:85:DA:1D:52:12:75:D2:1C:B2:9F:AA:EC:2F:89:73:66:F6:BE
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 0191318BB449B6904D6356047B3C845C4724
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/40-F2h1SEnXSHLKfquwviXNm9r4.roa
Signing time: Thu 08 Aug 2024 10:32:04 +0000
ROA not before: Thu 08 Aug 2024 10:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 92.61.228.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
92.61.232.0/24 maxlen: 24
92.61.236.0/24 maxlen: 24
92.61.237.0/24 maxlen: 24
92.61.238.0/24 maxlen: 24
94.188.137.0/24 maxlen: 24
94.188.194.0/24 maxlen: 24
94.188.201.0/24 maxlen: 24
94.188.202.0/24 maxlen: 24
94.188.203.0/24 maxlen: 24
94.188.205.0/24 maxlen: 24
94.188.206.0/24 maxlen: 24
94.188.207.0/24 maxlen: 24
94.188.208.0/24 maxlen: 24
94.188.209.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
94.188.211.0/24 maxlen: 24
94.188.212.0/24 maxlen: 24
94.188.214.0/24 maxlen: 24
94.188.215.0/24 maxlen: 24
94.188.216.0/24 maxlen: 24
94.188.222.0/24 maxlen: 24
94.188.223.0/24 maxlen: 24
94.188.224.0/24 maxlen: 24
94.188.225.0/24 maxlen: 24
94.188.226.0/24 maxlen: 24
94.188.227.0/24 maxlen: 24
94.188.228.0/24 maxlen: 24
94.188.229.0/24 maxlen: 24
94.188.230.0/24 maxlen: 24
94.188.231.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.233.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.235.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
94.188.237.0/24 maxlen: 24
94.188.239.0/24 maxlen: 24
94.188.240.0/24 maxlen: 24
94.188.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:8b:b4:49:b6:90:4d:63:56:04:7b:3c:84:5c:47:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Aug 8 10:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e34f85da1d521275d21cb29faaec2f897366f6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:44:7f:04:ad:ea:89:c4:eb:2c:6b:8b:b8:20:
5d:e1:05:42:51:5a:e2:a7:9a:d8:c6:0d:f6:8c:36:
4c:e7:fa:24:01:00:6f:d3:69:3f:b8:e7:ca:01:ab:
f8:c0:98:49:87:8b:29:80:61:3a:52:73:33:a0:e0:
88:fd:1f:2c:43:b5:cd:a6:fb:88:c4:41:d3:9e:f7:
77:1a:14:27:35:55:2e:bc:15:ff:54:0b:60:7a:76:
7d:21:83:4c:45:97:43:60:a5:c2:ae:e6:3f:5d:f2:
31:3f:bb:9a:29:dc:47:a8:d4:16:09:43:9b:ae:ab:
47:16:bf:5f:87:de:c9:bb:b2:6e:40:27:40:20:cd:
12:0f:a1:fa:d0:b1:61:41:18:44:8c:14:12:c1:99:
fa:ce:a2:14:5d:93:bd:8d:46:f0:af:8e:40:79:68:
ea:32:36:5a:b9:f6:3f:8a:ff:ab:9a:3c:53:d8:5f:
1c:0d:8c:41:e8:6a:15:66:b0:bd:97:d6:88:93:27:
ea:23:3d:95:a0:22:69:c8:da:2a:3b:51:03:e2:9e:
36:16:b8:0c:a4:d4:b9:6e:5f:28:9f:c8:7d:bb:4a:
85:e6:98:99:7d:41:36:40:14:19:55:c0:9b:a0:14:
a5:1e:0b:2e:12:18:ff:f5:e0:7f:05:0b:ac:8b:07:
a5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4F:85:DA:1D:52:12:75:D2:1C:B2:9F:AA:EC:2F:89:73:66:F6:BE
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/40-F2h1SEnXSHLKfquwviXNm9r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.228.0/24
92.61.230.0-92.61.232.255
92.61.236.0-92.61.238.255
94.188.137.0/24
94.188.194.0/24
94.188.201.0-94.188.203.255
94.188.205.0-94.188.212.255
94.188.214.0-94.188.216.255
94.188.222.0-94.188.237.255
94.188.239.0-94.188.241.255
Signature Algorithm: sha256WithRSAEncryption
7e:1c:31:a0:87:1f:b6:df:58:cb:52:f3:68:4b:7f:9b:3e:f6:
8b:5d:36:53:e0:8a:27:4d:7c:22:89:e2:b8:3e:c7:b3:40:2a:
3a:ba:99:13:be:6d:e6:d5:e6:09:c8:99:9b:b9:a7:72:5e:a9:
f0:4c:e2:68:e2:e7:6c:24:5d:1d:c2:a0:87:16:a4:b8:43:c0:
99:07:e8:85:8f:fa:36:00:ed:67:e4:69:5c:c3:fd:9c:93:f6:
96:bc:d4:08:32:90:31:db:2f:6f:f9:9b:79:69:aa:f3:e3:83:
3c:46:1a:5c:6c:57:ee:9b:c9:a6:2d:4e:61:38:d5:3b:ed:a4:
78:21:60:0d:3c:d8:41:b3:4d:c8:d7:5e:e9:c6:55:87:df:d7:
2b:38:b7:2c:fd:e5:dc:96:da:55:7f:03:5c:35:09:43:a7:ff:
54:fa:7e:29:2a:1d:9a:ec:bd:da:f9:ca:64:09:a9:e9:65:ca:
6b:76:79:43:1f:13:6b:d3:24:1e:35:36:a1:3e:3d:20:0b:c7:
35:98:e7:66:d1:b5:67:b4:f5:f2:32:e1:0f:e5:ac:ab:56:72:
a8:24:64:44:c8:f8:d2:19:c9:9b:c7:1b:f1:97:2f:c0:f6:d7:
8b:56:c8:ff:fb:9f:6d:d9:79:12:55:51:e0:79:17:c6:18:57:
b2:5e:68:97
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZExi7RJtpBNY1YEezyEXEckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwODA4MTAzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRmODVkYTFkNTIxMjc1ZDIxY2IyOWZhYWVjMmY4OTczNjZmNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtER/BK3qicTrLGuLuCBd4QVCUVri
p5rYxg32jDZM5/okAQBv02k/uOfKAav4wJhJh4spgGE6UnMzoOCI/R8sQ7XNpvuI
xEHTnvd3GhQnNVUuvBX/VAtgenZ9IYNMRZdDYKXCruY/XfIxP7uaKdxHqNQWCUOb
rqtHFr9fh97Ju7JuQCdAIM0SD6H60LFhQRhEjBQSwZn6zqIUXZO9jUbwr45AeWjq
MjZaufY/iv+rmjxT2F8cDYxB6GoVZrC9l9aIkyfqIz2VoCJpyNoqO1ED4p42FrgM
pNS5bl8on8h9u0qF5piZfUE2QBQZVcCboBSlHgsuEhj/9eB/BQusiwelgQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFONPhdodUhJ10hyyn6rsL4lzZva+MB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvNDAtRjJoMVNFblhTSExLZnF1d3ZpWE5tOXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFw95DAM
AwQBXD3mAwQAXD3oMAwDBAJcPewDBABcPe4DBABevIkDBABevMIwDAMEAF68yQME
Al68yDAMAwQAXrzNAwQAXrzUMAwDBAFevNYDBABevNgwDAMEAV683gMEAV687DAM
AwQAXrzvAwQBXrzwMA0GCSqGSIb3DQEBCwUAA4IBAQB+HDGghx+231jLUvNoS3+b
PvaLXTZT4IonTXwiieK4PsezQCo6upkTvm3m1eYJyJmbuadyXqnwTOJo4udsJF0d
wqCHFqS4Q8CZB+iFj/o2AO1n5Glcw/2ck/aWvNQIMpAx2y9v+Zt5aarz44M8Rhpc
bFfum8mmLU5hONU77aR4IWANPNhBs03I117pxlWH39crOLcs/eXcltpVfwNcNQlD
p/9U+n4pKh2a7L3a+cpkCanpZcprdnlDHxNr0yQeNTahPj0gC8c1mOdm0bVntPXy
MuEP5ayrVnKoJGREyPjSGcmbxxvxly/A9teLVsj/+59t2XkSVVHgeRfGGFeyXmiX
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:02 2024 by rpki-client on console-ams.rpki-client.org