Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/SA4--3RL1LKqftGapPAScoFDGdM.roa
File: SA4--3RL1LKqftGapPAScoFDGdM.roa (raw, json)
Hash identifier: 9BSX+UaSRLiXdFwKfd1GLeQrhAGBTCGU7o960nM2+GY=
Subject key identifier: 48:0E:3E:FB:74:4B:D4:B2:AA:7E:D1:9A:A4:F0:12:72:81:43:19:D3
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 019320628D96E67E78CBE3EE11ECA7EA795B
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/SA4--3RL1LKqftGapPAScoFDGdM.roa
Signing time: Tue 12 Nov 2024 12:39:09 +0000
ROA not before: Tue 12 Nov 2024 12:39:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 46.226.160.0/21 maxlen: 32
89.169.32.0/22 maxlen: 32
89.169.52.0/22 maxlen: 32
92.246.136.0/22 maxlen: 32
213.108.20.0/24 maxlen: 32
213.108.21.0/24 maxlen: 32
213.108.22.0/24 maxlen: 32
213.108.23.0/24 maxlen: 32
217.144.185.0/24 maxlen: 32
217.144.186.0/24 maxlen: 32
217.144.187.0/24 maxlen: 32
217.144.188.0/24 maxlen: 32
217.144.189.0/24 maxlen: 32
217.144.190.0/24 maxlen: 32
217.144.191.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:62:8d:96:e6:7e:78:cb:e3:ee:11:ec:a7:ea:79:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Nov 12 12:39:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=480e3efb744bd4b2aa7ed19aa4f01272814319d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:23:69:5e:63:b3:33:be:0d:7a:72:6d:21:9e:
00:56:07:f7:66:36:50:8f:9a:73:57:98:03:a7:64:
84:eb:4b:ed:20:2f:da:0f:fd:eb:e9:23:32:6e:58:
8b:0e:25:9e:28:3d:f1:d9:7d:f6:c1:17:24:e0:bc:
15:3f:1d:b2:a4:77:8d:e1:5c:63:75:1e:94:59:a5:
64:e7:e9:44:d5:75:09:a3:c1:53:6f:b5:0c:e4:a1:
73:03:6a:84:bf:7a:fa:ad:e9:eb:1c:82:3f:32:27:
ca:08:52:b5:b3:98:76:d1:be:27:e5:0d:9c:98:23:
91:e5:92:4c:cb:d8:3b:9a:6b:49:03:c3:8c:de:c2:
4c:3a:9c:bc:4d:d4:52:70:0e:45:1c:38:31:9c:0c:
b8:b5:d7:83:da:20:5d:af:b6:d9:e6:d6:2e:4d:a6:
79:a6:71:b9:78:13:53:cf:fa:8d:e9:d7:f1:d9:8e:
8b:7b:b9:0c:77:85:0c:b4:83:ff:71:5d:f5:58:52:
9f:fd:01:f4:04:67:14:20:dc:e5:b1:ad:c6:90:7a:
e0:21:de:ad:e4:16:51:c7:e6:b0:4e:35:6b:f9:37:
e7:f8:b1:42:6a:c3:a0:f9:5a:77:51:3c:f1:b4:41:
fb:d0:8f:64:f8:d9:ee:4f:67:61:a8:c7:95:64:97:
b5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0E:3E:FB:74:4B:D4:B2:AA:7E:D1:9A:A4:F0:12:72:81:43:19:D3
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/SA4--3RL1LKqftGapPAScoFDGdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
89.169.32.0/22
89.169.52.0/22
92.246.136.0/22
213.108.20.0/22
217.144.185.0-217.144.191.255
Signature Algorithm: sha256WithRSAEncryption
b0:a0:0a:48:80:4d:56:fb:44:cd:4b:92:81:af:e8:46:7d:27:
07:a0:2b:ef:78:5c:b9:9b:3e:1b:29:e4:fb:10:69:83:c1:d2:
ca:9a:b2:1d:98:fe:58:fc:a4:c0:9d:4a:98:04:ae:2b:9d:8d:
02:c9:fa:8b:8a:6b:04:6b:dd:d8:bc:4c:1f:84:94:3c:37:4f:
f2:6c:b4:05:9e:e5:73:77:7f:b7:5f:33:93:76:f7:d6:bc:3a:
2c:83:7a:58:25:42:a7:63:32:16:e8:3b:5f:65:fb:b2:02:be:
bd:2f:ed:01:e4:cc:bf:b9:49:cc:ea:1b:78:9a:85:a2:79:23:
4f:64:43:00:45:99:7f:0a:cd:2c:7a:27:8d:be:5d:31:46:0e:
b2:0a:5d:15:de:d6:9d:9c:31:d3:9c:50:e7:29:3e:d3:42:c7:
49:4a:a4:a3:a5:ba:00:6b:2b:c2:de:2d:c4:a2:a9:c5:a4:82:
b0:f0:d7:c8:db:ac:54:7b:16:49:52:b2:4f:74:b5:14:5c:c7:
55:22:9e:9a:a0:b8:2c:da:92:d2:ba:14:85:2d:8f:54:c9:bd:
3c:ea:34:7e:b0:89:cd:b4:93:ce:97:86:26:5f:0a:79:a4:6e:
34:9e:ad:47:b1:99:1d:ed:9c:c8:ca:b4:44:ed:3f:6a:72:b3:
b9:2b:fd:09
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZMgYo2W5n54y+PuEeyn6nlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQxMTEyMTIzOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODBlM2VmYjc0NGJkNGIyYWE3ZWQxOWFhNGYwMTI3MjgxNDMxOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyNpXmOzM74NenJtIZ4AVgf3ZjZQ
j5pzV5gDp2SE60vtIC/aD/3r6SMybliLDiWeKD3x2X32wRck4LwVPx2ypHeN4Vxj
dR6UWaVk5+lE1XUJo8FTb7UM5KFzA2qEv3r6renrHII/MifKCFK1s5h20b4n5Q2c
mCOR5ZJMy9g7mmtJA8OM3sJMOpy8TdRScA5FHDgxnAy4tdeD2iBdr7bZ5tYuTaZ5
pnG5eBNTz/qN6dfx2Y6Le7kMd4UMtIP/cV31WFKf/QH0BGcUINzlsa3GkHrgId6t
5BZRx+awTjVr+Tfn+LFCasOg+Vp3UTzxtEH70I9k+NnuT2dhqMeVZJe1rQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEgOPvt0S9Syqn7RmqTwEnKBQxnTMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvU0E0LS0zUkwxTEtxZnRHYXBQQVNjb0ZER2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDLuKgAwQC
WakgAwQCWak0AwQCXPaIAwQC1WwUMAwDBADZkLkDBAbZkIAwDQYJKoZIhvcNAQEL
BQADggEBALCgCkiATVb7RM1LkoGv6EZ9JwegK+94XLmbPhsp5PsQaYPB0sqash2Y
/lj8pMCdSpgEriudjQLJ+ouKawRr3di8TB+ElDw3T/JstAWe5XN3f7dfM5N299a8
OiyDelglQqdjMhboO19l+7ICvr0v7QHkzL+5SczqG3iahaJ5I09kQwBFmX8KzSx6
J42+XTFGDrIKXRXe1p2cMdOcUOcpPtNCx0lKpKOlugBrK8LeLcSiqcWkgrDw18jb
rFR7FklSsk90tRRcx1UinpqguCzaktK6FIUtj1TJvTzqNH6wic20k86XhiZfCnmk
bjSerUexmR3tnMjKtETtP2pys7kr/Qk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:46 2024 by rpki-client on console-ams.rpki-client.org