Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/4ARG7dN_UWclQ-rfAtZG7qsBAP8.roa
File: 4ARG7dN_UWclQ-rfAtZG7qsBAP8.roa (raw, json)
Hash identifier: FLt7IJ3Qv/PbliOseWo5lqCzOpguJYkHs4AV3VE7pcw=
Subject key identifier: E0:04:46:ED:D3:7F:51:67:25:43:EA:DF:02:D6:46:EE:AB:01:00:FF
Certificate issuer: /CN=1b31e73e6d3fc745f127a7ed990aa41214905e61
Certificate serial: 018CC8DF06868D3BF1B7FC670BC647716C8A
Authority key identifier: 1B:31:E7:3E:6D:3F:C7:45:F1:27:A7:ED:99:0A:A4:12:14:90:5E:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/4ARG7dN_UWclQ-rfAtZG7qsBAP8.roa
Signing time: Tue 02 Jan 2024 06:31:48 +0000
ROA not before: Tue 02 Jan 2024 06:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21230
IP address blocks: 84.43.160.0/19 maxlen: 19
84.43.192.0/21 maxlen: 21
84.43.200.0/21 maxlen: 21
84.43.208.0/21 maxlen: 21
84.43.216.0/21 maxlen: 21
84.43.224.0/21 maxlen: 21
185.221.32.0/22 maxlen: 22
84.43.232.0/21 maxlen: 21
193.110.216.0/21 maxlen: 21
84.43.128.0/19 maxlen: 19
84.43.240.0/20 maxlen: 20
2a00:82a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:06:86:8d:3b:f1:b7:fc:67:0b:c6:47:71:6c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b31e73e6d3fc745f127a7ed990aa41214905e61
Validity
Not Before: Jan 2 06:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e00446edd37f51672543eadf02d646eeab0100ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:40:dc:ef:73:38:19:00:5a:e9:28:b6:f9:67:
40:1b:f9:5c:c4:30:df:72:88:18:93:51:8a:67:22:
99:c9:ed:e9:c9:33:57:73:44:fb:74:04:73:0c:82:
96:56:97:f6:d8:ae:28:9a:da:cf:fd:b0:46:e6:e7:
d4:c4:2a:73:34:a2:8a:1e:8a:5d:11:02:cc:7b:c1:
43:88:dd:45:d9:ef:c9:30:9f:1e:b2:2f:47:5f:12:
53:29:6d:f6:f0:d8:b9:41:6e:48:08:ae:3e:ca:2c:
17:82:c7:ec:f8:d0:e4:1b:b0:34:85:c5:3c:aa:1e:
2f:16:3e:9d:d5:53:19:cd:08:1d:0e:74:de:dd:2f:
e4:16:0e:89:e3:e0:c6:2a:ee:59:e5:98:a2:d5:54:
ef:9a:4f:5d:94:f0:4e:28:40:58:b1:e2:9e:0e:79:
df:07:6c:5a:ee:8f:e8:f2:dc:1e:f7:a3:6c:88:8e:
3c:3b:30:e7:ab:3c:1d:a0:3f:9f:ff:aa:4d:71:f3:
9c:9f:36:c7:9b:31:4a:bd:c2:e6:ce:2e:1e:01:ab:
e6:18:4f:63:69:40:b4:d9:7d:e3:91:f7:65:04:f5:
8a:32:65:ca:45:24:9c:d2:b9:2b:68:85:5c:a0:c7:
da:f0:c3:d6:87:09:11:2f:48:38:2f:ee:96:90:e1:
9f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:04:46:ED:D3:7F:51:67:25:43:EA:DF:02:D6:46:EE:AB:01:00:FF
X509v3 Authority Key Identifier:
keyid:1B:31:E7:3E:6D:3F:C7:45:F1:27:A7:ED:99:0A:A4:12:14:90:5E:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/4ARG7dN_UWclQ-rfAtZG7qsBAP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.43.128.0/17
185.221.32.0/22
193.110.216.0/21
IPv6:
2a00:82a0::/32
Signature Algorithm: sha256WithRSAEncryption
53:36:74:2c:24:d3:6c:34:a2:13:ec:4b:91:11:9b:cf:1e:0b:
ce:f7:a2:11:5b:6b:9b:3c:99:37:84:cf:11:6c:a6:6d:b8:b2:
13:ed:43:00:c8:dc:ee:ea:79:9a:94:bc:46:f3:d2:ad:8b:37:
28:61:19:4f:1f:1f:b5:7b:d1:77:fa:f4:21:53:6b:70:50:92:
ec:19:05:07:67:f1:4d:e9:c0:6a:b6:e8:f5:de:9f:c2:0f:55:
67:d6:21:99:aa:98:63:ab:29:64:06:41:67:83:40:1a:1f:a3:
f0:cc:bc:a2:2c:e0:fc:f5:ee:a6:57:cf:36:6a:96:2c:5e:4b:
28:f9:64:c1:93:93:5e:ef:58:ec:2e:a0:eb:be:f5:2e:b9:78:
95:54:63:c9:bf:59:d0:f7:74:e1:9f:48:41:b0:a1:1f:00:6c:
24:42:5b:07:cd:4f:ce:7e:9f:0c:20:b6:a5:55:be:92:73:52:
1f:3e:a9:5c:c1:46:b6:3d:a1:27:f7:de:66:a7:e4:61:5d:38:
f8:93:8b:2a:d8:96:70:b5:9b:75:c2:d2:6f:85:b3:12:e2:db:
e0:01:ed:b9:4a:ad:e4:a3:95:08:a7:32:e0:a1:67:55:e0:e4:
28:ee:44:63:ca:98:56:b5:ef:30:84:75:e3:61:01:5d:a0:f2:
33:94:a7:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI3waGjTvxt/xnC8ZHcWyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzFlNzNlNmQzZmM3NDVmMTI3YTdlZDk5MGFhNDEyMTQ5
MDVlNjEwHhcNMjQwMTAyMDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA0NDZlZGQzN2Y1MTY3MjU0M2VhZGYwMmQ2NDZlZWFiMDEwMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0Dc73M4GQBa6Si2+WdAG/lcxDDf
cogYk1GKZyKZye3pyTNXc0T7dARzDIKWVpf22K4omtrP/bBG5ufUxCpzNKKKHopd
EQLMe8FDiN1F2e/JMJ8esi9HXxJTKW328Ni5QW5ICK4+yiwXgsfs+NDkG7A0hcU8
qh4vFj6d1VMZzQgdDnTe3S/kFg6J4+DGKu5Z5Zii1VTvmk9dlPBOKEBYseKeDnnf
B2xa7o/o8twe96NsiI48OzDnqzwdoD+f/6pNcfOcnzbHmzFKvcLmzi4eAavmGE9j
aUC02X3jkfdlBPWKMmXKRSSc0rkraIVcoMfa8MPWhwkRL0g4L+6WkOGfCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOAERu3Tf1FnJUPq3wLWRu6rAQD/MB8GA1UdIwQY
MBaAFBsx5z5tP8dF8Sen7ZkKpBIUkF5hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3pIblBtMF94MFh4SjZmdG1RcWtFaFNRWG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMWZkZDYtNzMwZS00YWYwLThhNTYt
NDYwMjczZjE2ZGRkLzEvNEFSRzdkTl9VV2NsUS1yZkF0Wkc3cXNCQVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMWZkZDYtNzMwZS00YWYwLThhNTYtNDYwMjczZjE2ZGRk
LzEvR3pIblBtMF94MFh4SjZmdG1RcWtFaFNRWG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHVCuAAwQC
ud0gAwQDwW7YMA0EAgACMAcDBQAqAIKgMA0GCSqGSIb3DQEBCwUAA4IBAQBTNnQs
JNNsNKIT7EuREZvPHgvO96IRW2ubPJk3hM8RbKZtuLIT7UMAyNzu6nmalLxG89Kt
izcoYRlPHx+1e9F3+vQhU2twUJLsGQUHZ/FN6cBqtuj13p/CD1Vn1iGZqphjqylk
BkFng0AaH6PwzLyiLOD89e6mV882apYsXkso+WTBk5Ne71jsLqDrvvUuuXiVVGPJ
v1nQ93Thn0hBsKEfAGwkQlsHzU/Ofp8MILalVb6Sc1IfPqlcwUa2PaEn995mp+Rh
XTj4k4sq2JZwtZt1wtJvhbMS4tvgAe25Sq3ko5UIpzLgoWdV4OQo7kRjyphWte8w
hHXjYQFdoPIzlKf+
-----END CERTIFICATE-----
Generated at Sun May 5 13:08:39 2024 by rpki-client on console-fra.rpki-client.org