Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/4nh3q0nLQq8KOfc3jcT6Am3PT6w.roa
File: 4nh3q0nLQq8KOfc3jcT6Am3PT6w.roa (raw, json)
Hash identifier: 2esWk0mtFqduBA3KRQA7Ildh+EdW1H0cZNHEqqnJsJY=
Subject key identifier: E2:78:77:AB:49:CB:42:AF:0A:39:F7:37:8D:C4:FA:02:6D:CF:4F:AC
Certificate issuer: /CN=d18647005fa8b06e47ee2efbfdedc97a0c7755f8
Certificate serial: 018CC87090B16BE509370C73D33184EC22C6
Authority key identifier: D1:86:47:00:5F:A8:B0:6E:47:EE:2E:FB:FD:ED:C9:7A:0C:77:55:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/4nh3q0nLQq8KOfc3jcT6Am3PT6w.roa
Signing time: Tue 02 Jan 2024 04:31:09 +0000
ROA not before: Tue 02 Jan 2024 04:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205206
IP address blocks: 91.207.214.0/23 maxlen: 24
193.29.201.0/24 maxlen: 24
185.224.16.0/22 maxlen: 24
2a0c:cc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:90:b1:6b:e5:09:37:0c:73:d3:31:84:ec:22:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18647005fa8b06e47ee2efbfdedc97a0c7755f8
Validity
Not Before: Jan 2 04:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e27877ab49cb42af0a39f7378dc4fa026dcf4fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:95:0f:47:f9:d5:4e:3a:ad:29:59:4c:d5:a2:
8d:44:ee:14:67:2f:cd:4b:3b:76:44:bd:a8:f8:b4:
1b:97:93:df:e0:0c:0b:10:08:8e:d1:17:f9:6f:86:
d5:7a:a3:45:65:6e:4b:5f:eb:fb:36:9b:69:71:e8:
73:92:39:d5:ff:1a:1b:40:ff:ac:1f:63:eb:c3:52:
02:36:4b:a4:ba:ca:ff:85:bd:15:00:72:40:4d:12:
15:38:5b:07:54:85:f8:e2:e5:e9:13:13:d9:4f:bb:
09:a9:0b:c0:7f:fa:e2:aa:37:53:07:e1:03:2c:16:
af:23:e2:9c:f5:11:d2:7c:62:ab:5d:05:f2:e1:b7:
56:fe:e6:7f:7e:a1:a5:10:28:c4:5b:9b:02:41:0a:
2a:59:b3:85:7c:86:73:29:bf:58:9b:7e:b8:f6:e0:
e1:4d:59:65:ee:0e:2e:f5:2a:23:fa:f6:c7:e7:86:
75:f8:e1:2f:40:13:d0:bf:c6:5d:a5:a8:76:5a:39:
89:91:9b:1d:87:66:e7:a4:26:fa:09:fb:b4:49:8e:
43:a8:d4:a8:96:ea:fb:f7:8e:d2:5e:4d:24:aa:87:
cd:a4:cb:30:68:e1:79:06:24:99:14:fd:0a:3f:bc:
93:b0:1b:f6:99:d9:5e:5e:f4:08:41:c8:f8:a6:3f:
f9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:78:77:AB:49:CB:42:AF:0A:39:F7:37:8D:C4:FA:02:6D:CF:4F:AC
X509v3 Authority Key Identifier:
keyid:D1:86:47:00:5F:A8:B0:6E:47:EE:2E:FB:FD:ED:C9:7A:0C:77:55:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/4nh3q0nLQq8KOfc3jcT6Am3PT6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.214.0/23
185.224.16.0/22
193.29.201.0/24
IPv6:
2a0c:cc00::/32
Signature Algorithm: sha256WithRSAEncryption
a1:20:58:bf:d4:ab:58:33:81:b9:eb:7d:a7:b9:e9:6b:7c:87:
64:f7:9d:f4:9d:3e:66:c8:99:fc:3a:40:13:86:97:d4:45:b2:
6e:d4:19:61:6d:e4:f7:f3:26:0b:09:d7:36:10:fe:c4:3a:fb:
e5:ab:ce:81:85:97:66:ba:c9:48:4e:d6:47:81:4c:0c:f1:d5:
ed:79:2a:40:8a:91:a0:02:41:3b:24:4d:75:f2:3a:16:5b:57:
d5:6c:1f:13:bc:a6:92:3a:73:65:2f:25:bd:aa:7b:a4:35:7d:
83:90:a6:f0:24:73:91:16:00:d4:4f:5b:e8:5a:15:ae:5f:35:
7d:e3:94:63:32:fc:2b:13:2a:ff:5a:c1:3a:02:89:0b:a7:53:
be:26:4e:5a:1f:a3:cd:66:7d:95:6a:96:e1:a9:a0:76:2d:9a:
68:c4:74:fe:7e:8d:1b:c3:12:a1:43:d8:e1:f6:21:eb:be:16:
28:2e:ce:1b:77:e1:ff:0c:da:97:1c:95:6a:2d:72:8d:08:07:
b2:90:96:29:5a:71:28:81:dc:fa:e2:03:da:89:96:5b:eb:e6:
56:6d:4f:d7:4e:54:df:6e:7f:3d:b2:c9:02:5b:c0:cc:3f:80:
43:3d:30:77:f6:17:11:43:e1:01:d6:cc:c8:5a:d4:21:e2:b6:
8f:51:8f:b6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIcJCxa+UJNwxz0zGE7CLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODY0NzAwNWZhOGIwNmU0N2VlMmVmYmZkZWRjOTdhMGM3
NzU1ZjgwHhcNMjQwMTAyMDQzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc4NzdhYjQ5Y2I0MmFmMGEzOWY3Mzc4ZGM0ZmEwMjZkY2Y0ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZUPR/nVTjqtKVlM1aKNRO4UZy/N
Szt2RL2o+LQbl5Pf4AwLEAiO0Rf5b4bVeqNFZW5LX+v7NptpcehzkjnV/xobQP+s
H2Prw1ICNkukusr/hb0VAHJATRIVOFsHVIX44uXpExPZT7sJqQvAf/riqjdTB+ED
LBavI+Kc9RHSfGKrXQXy4bdW/uZ/fqGlECjEW5sCQQoqWbOFfIZzKb9Ym3649uDh
TVll7g4u9Soj+vbH54Z1+OEvQBPQv8Zdpah2WjmJkZsdh2bnpCb6Cfu0SY5DqNSo
lur7947SXk0kqofNpMswaOF5BiSZFP0KP7yTsBv2mdleXvQIQcj4pj/5swIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOJ4d6tJy0KvCjn3N43E+gJtz0+sMB8GA1UdIwQY
MBaAFNGGRwBfqLBuR+4u+/3tyXoMd1X4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlaSEFGLW9zRzVIN2k3N19lM0plZ3gzVmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZmE3OTEtYjNjOS00OGFlLTgwMzQt
YzIxMDQ2NzNjMjBiLzEvNG5oM3EwbkxRcThLT2ZjM2pjVDZBbTNQVDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZmE3OTEtYjNjOS00OGFlLTgwMzQtYzIxMDQ2NzNjMjBi
LzEvMFlaSEFGLW9zRzVIN2k3N19lM0plZ3gzVmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8/WAwQC
ueAQAwQAwR3JMA0EAgACMAcDBQAqDMwAMA0GCSqGSIb3DQEBCwUAA4IBAQChIFi/
1KtYM4G5632nuelrfIdk9530nT5myJn8OkAThpfURbJu1BlhbeT38yYLCdc2EP7E
Ovvlq86BhZdmuslITtZHgUwM8dXteSpAipGgAkE7JE118joWW1fVbB8TvKaSOnNl
LyW9qnukNX2DkKbwJHORFgDUT1voWhWuXzV945RjMvwrEyr/WsE6AokLp1O+Jk5a
H6PNZn2VapbhqaB2LZpoxHT+fo0bwxKhQ9jh9iHrvhYoLs4bd+H/DNqXHJVqLXKN
CAeykJYpWnEogdz64gPaiZZb6+ZWbU/XTlTfbn89sskCW8DMP4BDPTB39hcRQ+EB
1szIWtQh4raPUY+2
-----END CERTIFICATE-----
Generated at Fri May 17 23:57:30 2024 by rpki-client on console-ams.rpki-client.org