Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/a4vmpNJH9x7EqcB7Bs2HgHXBhHQ.roa
File: a4vmpNJH9x7EqcB7Bs2HgHXBhHQ.roa (raw, json)
Hash identifier: Ru8G+uMhJpzOEyOmsYwp0/3EDe5UfCfNRWTduF8bI4s=
Subject key identifier: 6B:8B:E6:A4:D2:47:F7:1E:C4:A9:C0:7B:06:CD:87:80:75:C1:84:74
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018CC802D3F298F0568862BD08C06B4ED998
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/a4vmpNJH9x7EqcB7Bs2HgHXBhHQ.roa
Signing time: Tue 02 Jan 2024 02:31:17 +0000
ROA not before: Tue 02 Jan 2024 02:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 192.6.252.0/22 maxlen: 22
192.6.64.0/22 maxlen: 22
158.120.58.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
192.25.232.0/22 maxlen: 22
158.120.54.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
158.120.62.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
192.137.24.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d3:f2:98:f0:56:88:62:bd:08:c0:6b:4e:d9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 2 02:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8be6a4d247f71ec4a9c07b06cd878075c18474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7a:81:2b:b6:eb:40:1b:df:3f:50:59:40:20:
d5:c9:52:4e:fa:4e:d4:03:df:19:98:b3:58:a3:0c:
ce:c8:f7:83:e9:13:e1:21:fa:c2:a1:97:b6:0e:c3:
da:3a:95:8f:04:02:81:37:b5:b8:72:f9:dd:b0:f9:
6c:9b:29:fe:2e:5c:16:93:14:00:6e:82:2f:2f:c6:
a3:71:69:42:9f:bc:62:cd:22:a9:5a:af:5a:9f:67:
36:44:dd:c0:8b:f4:b0:4a:c7:d2:da:06:69:40:af:
28:cd:2b:79:ba:06:8a:39:a8:42:15:2c:d4:04:00:
4b:29:b3:76:53:b2:de:98:7d:94:11:29:a0:6d:dd:
19:8f:4b:1b:1e:fe:80:cf:30:e0:5a:1c:fd:e2:d1:
b9:e8:55:e3:cd:e4:a2:dd:36:6b:fd:4c:c4:a4:75:
31:c0:a1:42:9a:3a:a6:55:b7:2d:55:8c:4c:73:aa:
72:4d:3b:b3:ba:55:ce:55:2f:5e:78:33:a6:a3:c9:
92:11:2a:f8:c8:df:5b:29:2d:58:f6:43:10:b3:1d:
dc:3c:eb:5d:a7:6b:a4:63:68:e9:10:6d:e3:5f:56:
5d:bf:f6:66:85:00:af:fc:1b:17:6e:65:39:cc:be:
77:c6:7b:37:74:21:a9:af:a0:dd:08:5a:4d:66:ba:
e8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8B:E6:A4:D2:47:F7:1E:C4:A9:C0:7B:06:CD:87:80:75:C1:84:74
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/a4vmpNJH9x7EqcB7Bs2HgHXBhHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:e1:c5:27:12:6f:05:d9:bb:45:9f:9c:2b:13:da:5e:f2:2a:
c2:0d:66:79:79:93:65:c6:d8:4c:74:8e:42:c3:9d:81:ff:23:
22:00:6c:a2:0c:60:49:1d:a8:e7:85:4c:ee:24:8f:9a:7d:88:
ae:62:c4:4e:26:67:ee:e8:0c:f2:14:84:5f:a0:09:1b:3a:4e:
2c:09:c9:08:f4:98:4e:a2:29:28:c9:e9:62:b0:63:6f:b5:00:
09:7b:ee:0b:23:01:cc:c8:3a:84:43:26:46:eb:bc:39:a1:ad:
b4:44:1b:54:f3:9b:86:85:f6:c2:d8:00:c9:3e:9e:c6:b0:5e:
27:8c:db:c2:e0:a2:a1:34:2f:50:a8:3e:7c:b0:15:b6:66:88:
b5:a7:1f:73:45:d7:04:57:71:97:de:7f:b8:8a:6b:f6:22:f1:
dc:91:89:59:7e:37:54:83:10:59:bf:bf:be:a8:b3:aa:11:3a:
aa:56:8a:a5:cc:e2:8c:70:f4:7b:08:24:8e:98:32:97:8c:5d:
d6:63:7b:bb:c2:0f:25:09:1e:ae:a9:69:8c:ae:42:49:22:1e:
7c:b7:11:b2:03:54:5e:0e:05:8c:7d:c9:c4:14:66:9a:10:84:
a3:d3:2c:d5:67:1f:76:c4:d1:2b:33:22:40:f7:fd:65:e5:4b:
f2:48:0b:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzIAtPymPBWiGK9CMBrTtmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjQwMTAyMDIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhiZTZhNGQyNDdmNzFlYzRhOWMwN2IwNmNkODc4MDc1YzE4NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3qBK7brQBvfP1BZQCDVyVJO+k7U
A98ZmLNYowzOyPeD6RPhIfrCoZe2DsPaOpWPBAKBN7W4cvndsPlsmyn+LlwWkxQA
boIvL8ajcWlCn7xizSKpWq9an2c2RN3Ai/SwSsfS2gZpQK8ozSt5ugaKOahCFSzU
BABLKbN2U7LemH2UESmgbd0Zj0sbHv6AzzDgWhz94tG56FXjzeSi3TZr/UzEpHUx
wKFCmjqmVbctVYxMc6pyTTuzulXOVS9eeDOmo8mSESr4yN9bKS1Y9kMQsx3cPOtd
p2ukY2jpEG3jX1Zdv/ZmhQCv/BsXbmU5zL53xns3dCGpr6DdCFpNZrrojQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGuL5qTSR/cexKnAewbNh4B1wYR0MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvYTR2bXBOSkg5eDdFcWNCN0JzMkhnSFhCaEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAnngwAwQA
nngyAwQAnng0AwQAnng2AwQAnng4AwQAnng6AwQAnng8AwQAnng+AwQCwAZAAwQC
wAasAwQCwAb8AwQCwBm0AwQCwBnIAwQCwBnQAwQCwBnoAwQCwBn0AwQCwIkYMA0G
CSqGSIb3DQEBCwUAA4IBAQC24cUnEm8F2btFn5wrE9pe8irCDWZ5eZNlxthMdI5C
w52B/yMiAGyiDGBJHajnhUzuJI+afYiuYsROJmfu6AzyFIRfoAkbOk4sCckI9JhO
oikoyelisGNvtQAJe+4LIwHMyDqEQyZG67w5oa20RBtU85uGhfbC2ADJPp7GsF4n
jNvC4KKhNC9QqD58sBW2Zoi1px9zRdcEV3GX3n+4imv2IvHckYlZfjdUgxBZv7++
qLOqETqqVoqlzOKMcPR7CCSOmDKXjF3WY3u7wg8lCR6uqWmMrkJJIh58txGyA1Re
DgWMfcnEFGaaEISj0yzVZx92xNErMyJA9/1l5UvySAtG
-----END CERTIFICATE-----
Generated at Mon May 6 04:24:13 2024 by rpki-client on console-fra.rpki-client.org