Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/4M4BuOh_gORKdn-yRt1XOQJmRuo.roa
File: 4M4BuOh_gORKdn-yRt1XOQJmRuo.roa (raw, json)
Hash identifier: Dqy89wUGLXIQxbAiI3AetHOkMRIKmue/uOAlOl9N7yU=
Subject key identifier: E0:CE:01:B8:E8:7F:80:E4:4A:76:7F:B2:46:DD:57:39:02:66:46:EA
Certificate issuer: /CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Certificate serial: 018CC726E5A45BCF1ADAC0073D9D72F236E0
Authority key identifier: 6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/4M4BuOh_gORKdn-yRt1XOQJmRuo.roa
Signing time: Mon 01 Jan 2024 22:31:04 +0000
ROA not before: Mon 01 Jan 2024 22:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199046
IP address blocks: 193.7.220.0/24 maxlen: 24
193.7.220.0/22 maxlen: 22
193.7.222.0/24 maxlen: 24
193.7.221.0/24 maxlen: 24
193.7.223.0/24 maxlen: 24
45.146.14.0/24 maxlen: 24
45.146.13.0/24 maxlen: 24
45.146.15.0/24 maxlen: 24
45.146.12.0/24 maxlen: 24
45.146.12.0/22 maxlen: 22
5.133.24.0/21 maxlen: 24
5.253.68.0/24 maxlen: 24
5.253.68.0/22 maxlen: 22
5.253.70.0/24 maxlen: 24
5.253.69.0/24 maxlen: 24
5.253.71.0/24 maxlen: 24
185.132.249.0/24 maxlen: 24
185.132.251.0/24 maxlen: 24
185.132.250.0/24 maxlen: 24
185.132.248.0/24 maxlen: 24
185.132.248.0/22 maxlen: 22
2a09:9900::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:e5:a4:5b:cf:1a:da:c0:07:3d:9d:72:f2:36:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Validity
Not Before: Jan 1 22:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0ce01b8e87f80e44a767fb246dd5739026646ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e2:42:b4:04:46:9e:fe:0e:b2:87:a9:c0:62:
e0:62:37:fb:77:a6:21:a3:04:37:d1:af:6b:f2:ab:
cf:22:0e:50:4e:26:d9:3b:07:4e:e9:41:32:2c:f0:
2f:74:1c:2a:8f:ce:22:d2:ea:af:10:fe:82:ac:9c:
42:d0:1c:16:f3:ae:38:21:66:dc:fe:27:1c:66:35:
c6:5b:fe:25:56:fd:e7:08:a7:c6:a7:dc:a7:08:83:
0a:6c:5a:2c:89:ad:25:c9:97:54:c0:dc:5e:97:c1:
00:d6:7d:fe:2c:62:f4:0e:98:b4:3e:ba:99:7a:2d:
d5:ed:dd:92:29:50:bd:0a:d3:b6:b5:ae:b2:34:4c:
92:ed:2a:d6:0c:b7:0b:fa:5e:f0:05:f8:7a:f2:06:
2f:d8:7d:d0:1e:a4:c2:d2:90:51:5e:4d:31:f8:d6:
b9:59:39:5a:d8:b0:60:b5:cf:3b:ab:eb:b9:d9:ff:
05:8e:51:01:a5:cf:f1:09:b0:9d:c6:81:42:03:f1:
f6:80:28:e2:be:6f:72:01:d9:9c:da:fd:9f:40:99:
2f:c7:d6:fe:e0:38:66:96:3c:c5:96:0c:04:22:8b:
68:03:7e:50:3f:36:95:12:e1:4b:cd:96:df:a4:ff:
f7:06:c8:fe:d0:83:1c:c0:c6:35:d6:21:19:d5:3d:
a2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CE:01:B8:E8:7F:80:E4:4A:76:7F:B2:46:DD:57:39:02:66:46:EA
X509v3 Authority Key Identifier:
keyid:6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/4M4BuOh_gORKdn-yRt1XOQJmRuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.24.0/21
5.253.68.0/22
45.146.12.0/22
185.132.248.0/22
193.7.220.0/22
IPv6:
2a09:9900::/32
Signature Algorithm: sha256WithRSAEncryption
81:64:7e:f2:2c:f2:ea:3f:8f:4a:4a:94:f5:72:b0:b4:f5:df:
36:f2:b0:c8:aa:8a:21:1f:b6:3f:8a:20:95:15:29:c7:e2:dd:
51:96:10:e9:46:d5:c1:45:b9:16:37:74:b7:cb:53:70:5e:c3:
2a:cf:d0:ba:3b:3d:84:50:02:69:61:d5:8b:ca:82:53:e0:9a:
33:49:f8:3c:1a:37:e4:4a:58:d3:f6:94:34:38:21:ec:54:2c:
91:09:d3:29:54:a4:5c:74:9d:78:cf:a7:b7:7d:75:e4:ab:56:
f8:03:03:17:d9:d9:62:88:45:80:97:7a:f7:54:9f:77:96:6c:
59:21:44:f0:2e:d6:73:ca:41:f3:15:56:1d:63:9c:c8:a0:c4:
24:15:18:a1:84:d6:e0:5e:2d:e7:75:fe:68:eb:0c:79:0b:92:
2b:71:00:62:3a:e5:ed:5e:35:3b:ab:2a:17:74:04:9a:1d:bf:
5b:96:40:31:24:50:27:7a:33:b9:3a:9b:7e:ad:87:92:ba:3c:
4f:f3:4b:bb:ef:b2:d3:da:65:16:bf:16:26:ca:79:b1:11:5a:
3f:9a:03:e2:6a:fc:6a:d5:9b:9d:36:9c:8e:b9:06:ce:75:eb:
72:5c:88:e8:f8:4c:e1:8c:3c:eb:f4:b3:04:1e:a1:10:ef:fa:
c5:d7:77:12
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJuWkW88a2sAHPZ1y8jbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWFjYzQ0OGM0YTIzYWZjOTRhNDVhNzliNzZkZmJlODMw
YjI1OTgwHhcNMjQwMTAxMjIzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNlMDFiOGU4N2Y4MGU0NGE3NjdmYjI0NmRkNTczOTAyNjY0NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuJCtARGnv4OsoepwGLgYjf7d6Yh
owQ30a9r8qvPIg5QTibZOwdO6UEyLPAvdBwqj84i0uqvEP6CrJxC0BwW8644IWbc
/iccZjXGW/4lVv3nCKfGp9ynCIMKbFosia0lyZdUwNxel8EA1n3+LGL0Dpi0PrqZ
ei3V7d2SKVC9CtO2ta6yNEyS7SrWDLcL+l7wBfh68gYv2H3QHqTC0pBRXk0x+Na5
WTla2LBgtc87q+u52f8FjlEBpc/xCbCdxoFCA/H2gCjivm9yAdmc2v2fQJkvx9b+
4DhmljzFlgwEIotoA35QPzaVEuFLzZbfpP/3Bsj+0IMcwMY11iEZ1T2ipwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFODOAbjof4DkSnZ/skbdVzkCZkbqMB8GA1UdIwQY
MBaAFG2qzESMSiOvyUpFp5t2376DCyWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmFyTVJJeEtJNl9KU2tXbm0zYmZ2b01MSlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zNDY0OWUtOWJjNC00MDE4LWIzYTAt
NzU2ZjNjYzNlYzMzLzEvNE00QnVPaF9nT1JLZG4teVJ0MVhPUUptUnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zNDY0OWUtOWJjNC00MDE4LWIzYTAtNzU2ZjNjYzNlYzMz
LzEvYmFyTVJJeEtJNl9KU2tXbm0zYmZ2b01MSlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBYUYAwQC
Bf1EAwQCLZIMAwQCuYT4AwQCwQfcMA0EAgACMAcDBQAqCZkAMA0GCSqGSIb3DQEB
CwUAA4IBAQCBZH7yLPLqP49KSpT1crC09d828rDIqoohH7Y/iiCVFSnH4t1RlhDp
RtXBRbkWN3S3y1NwXsMqz9C6Oz2EUAJpYdWLyoJT4JozSfg8GjfkSljT9pQ0OCHs
VCyRCdMpVKRcdJ14z6e3fXXkq1b4AwMX2dliiEWAl3r3VJ93lmxZIUTwLtZzykHz
FVYdY5zIoMQkFRihhNbgXi3ndf5o6wx5C5IrcQBiOuXtXjU7qyoXdASaHb9blkAx
JFAnejO5Opt+rYeSujxP80u777LT2mUWvxYmynmxEVo/mgPiavxq1ZudNpyOuQbO
detyXIjo+EzhjDzr9LMEHqEQ7/rF13cS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:42 2024 by rpki-client on console-ams.rpki-client.org