Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/4wyRuQVnJAsLQCAPIRxFrjvcEpE.roa
File: 4wyRuQVnJAsLQCAPIRxFrjvcEpE.roa (raw, json)
Hash identifier: monCMNndgMK+8Yg63zF/qiU9DHDPYZVWqU4S6O1isvs=
Subject key identifier: E3:0C:91:B9:05:67:24:0B:0B:40:20:0F:21:1C:45:AE:3B:DC:12:91
Certificate issuer: /CN=e69c92c3b9ee60ba013d941822042f25004c95ec
Certificate serial: 018CC2DB65E07DD02FD32C8DFC5733067848
Authority key identifier: E6:9C:92:C3:B9:EE:60:BA:01:3D:94:18:22:04:2F:25:00:4C:95:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5pySw7nuYLoBPZQYIgQvJQBMlew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/4wyRuQVnJAsLQCAPIRxFrjvcEpE.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31449
IP address blocks: 185.57.128.0/22 maxlen: 22
185.57.128.0/23 maxlen: 23
185.57.130.0/23 maxlen: 23
217.112.176.0/20 maxlen: 20
217.112.176.0/21 maxlen: 21
217.112.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/5pySw7nuYLoBPZQYIgQvJQBMlew.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/5pySw7nuYLoBPZQYIgQvJQBMlew.mft
rsync://rpki.ripe.net/repository/DEFAULT/5pySw7nuYLoBPZQYIgQvJQBMlew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 10:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:65:e0:7d:d0:2f:d3:2c:8d:fc:57:33:06:78:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e69c92c3b9ee60ba013d941822042f25004c95ec
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e30c91b90567240b0b40200f211c45ae3bdc1291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1b:82:1d:93:bd:41:09:11:50:62:b6:3e:d3:
07:a8:1b:2b:cc:1b:50:94:12:2a:58:2f:b2:3a:8f:
cb:74:c5:32:82:b6:ed:65:1d:9f:ce:d7:74:bb:7d:
9e:1a:ed:25:4d:83:d1:37:44:fd:cf:c8:2b:0c:3d:
18:04:91:07:9f:35:7c:e4:92:ff:58:fe:3f:24:31:
13:f1:26:7c:f5:7e:86:ba:2b:90:99:e3:38:d7:4a:
61:87:0f:d1:61:27:cf:aa:2a:83:25:ae:c9:b8:e9:
08:0c:57:05:e3:12:52:78:c4:79:f7:89:87:0d:d5:
24:95:41:8e:5a:b2:2d:cc:58:8b:d0:e8:5a:33:2d:
14:1c:cb:8f:99:7b:20:21:1b:9c:3d:d7:b5:9c:38:
3f:c7:64:90:2d:a9:f8:54:e7:e8:87:56:0c:76:b0:
32:9f:03:e8:5f:5b:10:82:27:d4:e2:a2:88:e9:28:
6b:dc:55:71:e9:77:45:05:d9:05:77:29:bb:51:5c:
73:f0:5f:1a:bc:c9:6a:2c:fa:5a:91:6f:a9:68:db:
4c:fa:41:c8:ea:4d:11:ad:19:99:aa:01:1f:4f:aa:
95:ff:50:0b:ea:ef:94:e2:5b:f1:11:48:96:ef:6d:
e3:9d:00:ec:73:98:d6:3d:d1:d5:fb:9d:76:66:09:
a2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:0C:91:B9:05:67:24:0B:0B:40:20:0F:21:1C:45:AE:3B:DC:12:91
X509v3 Authority Key Identifier:
keyid:E6:9C:92:C3:B9:EE:60:BA:01:3D:94:18:22:04:2F:25:00:4C:95:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pySw7nuYLoBPZQYIgQvJQBMlew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/4wyRuQVnJAsLQCAPIRxFrjvcEpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/5pySw7nuYLoBPZQYIgQvJQBMlew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.128.0/22
217.112.176.0/20
Signature Algorithm: sha256WithRSAEncryption
48:6b:6f:bd:fd:3f:53:5e:c9:bf:e8:fb:64:74:95:86:e7:2f:
24:7e:5c:6a:c4:46:f7:d0:94:62:14:84:fb:68:4e:6e:2c:86:
a7:a5:1c:7a:74:3e:6e:40:ad:5a:9f:d7:c4:0a:1a:2c:2d:d0:
f1:c4:7b:4d:06:07:44:c7:af:fc:6e:0e:b3:c0:03:02:08:0b:
2c:6c:a2:0b:1f:aa:b5:d0:51:02:34:27:d4:bc:a8:76:c3:fe:
44:f1:1c:e4:03:39:5a:7d:65:14:ef:fb:4a:d3:37:38:64:07:
33:a8:70:26:76:fa:c8:78:a7:2a:f8:5f:8f:76:3f:5e:14:fe:
fe:98:ac:52:3c:a6:ef:f7:32:a8:49:ba:60:36:98:cf:b4:f3:
aa:79:f4:7a:bf:19:60:7e:4c:18:96:3e:f9:3a:b2:1e:82:89:
09:f7:7f:0e:7f:69:f5:94:8a:10:bd:b7:dc:b6:f1:ab:89:3c:
4f:4f:4d:ea:f1:9a:fe:c1:fb:01:20:64:13:6e:0c:96:01:4e:
be:60:03:6f:02:b1:dd:fb:cc:b4:e6:48:74:3c:98:6d:dc:de:
3a:ba:e6:94:d3:0a:9d:ad:cb:62:8a:c5:ed:08:ae:13:5a:b5:
bf:5f:40:6e:a2:ed:81:89:67:63:4a:cb:78:77:53:9d:95:f6:
91:46:64:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC22XgfdAv0yyN/FczBnhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OWM5MmMzYjllZTYwYmEwMTNkOTQxODIyMDQyZjI1MDA0
Yzk1ZWMwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzBjOTFiOTA1NjcyNDBiMGI0MDIwMGYyMTFjNDVhZTNiZGMxMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixuCHZO9QQkRUGK2PtMHqBsrzBtQ
lBIqWC+yOo/LdMUygrbtZR2fztd0u32eGu0lTYPRN0T9z8grDD0YBJEHnzV85JL/
WP4/JDET8SZ89X6GuiuQmeM410phhw/RYSfPqiqDJa7JuOkIDFcF4xJSeMR594mH
DdUklUGOWrItzFiL0OhaMy0UHMuPmXsgIRucPde1nDg/x2SQLan4VOfoh1YMdrAy
nwPoX1sQgifU4qKI6Shr3FVx6XdFBdkFdym7UVxz8F8avMlqLPpakW+paNtM+kHI
6k0RrRmZqgEfT6qV/1AL6u+U4lvxEUiW723jnQDsc5jWPdHV+512ZgmiVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOMMkbkFZyQLC0AgDyEcRa473BKRMB8GA1UdIwQY
MBaAFOacksO57mC6AT2UGCIELyUATJXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXB5U3c3bnVZTG9CUFpRWUlnUXZKUUJNbGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjg0YzMtZDdmZC00M2Q4LWE4ZjEt
OTEzNzEwM2M5M2VmLzEvNHd5UnVRVm5KQXNMUUNBUElSeEZyanZjRXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjg0YzMtZDdmZC00M2Q4LWE4ZjEtOTEzNzEwM2M5M2Vm
LzEvNXB5U3c3bnVZTG9CUFpRWUlnUXZKUUJNbGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTmAAwQE
2XCwMA0GCSqGSIb3DQEBCwUAA4IBAQBIa2+9/T9TXsm/6PtkdJWG5y8kflxqxEb3
0JRiFIT7aE5uLIanpRx6dD5uQK1an9fEChosLdDxxHtNBgdEx6/8bg6zwAMCCAss
bKILH6q10FECNCfUvKh2w/5E8RzkAzlafWUU7/tK0zc4ZAczqHAmdvrIeKcq+F+P
dj9eFP7+mKxSPKbv9zKoSbpgNpjPtPOqefR6vxlgfkwYlj75OrIegokJ938Of2n1
lIoQvbfctvGriTxPT03q8Zr+wfsBIGQTbgyWAU6+YANvArHd+8y05kh0PJht3N46
uuaU0wqdrctiisXtCK4TWrW/X0Buou2BiWdjSst4d1OdlfaRRmSp
-----END CERTIFICATE-----
Generated at Tue May 21 13:47:28 2024 by rpki-client on console-ams.rpki-client.org