Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/4WTvs_8bYDSBDPj8ncqO29xACfs.roa
File: 4WTvs_8bYDSBDPj8ncqO29xACfs.roa (raw, json)
Hash identifier: mONYxnMrU3qxDwE8ivYfYsRiVU3o5o5mnjxiWZ5+3xE=
Subject key identifier: E1:64:EF:B3:FF:1B:60:34:81:0C:F8:FC:9D:CA:8E:DB:DC:40:09:FB
Certificate issuer: /CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Certificate serial: 018F2D6593435CF6E06709DFDB9CBFB9E83A
Authority key identifier: 9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/4WTvs_8bYDSBDPj8ncqO29xACfs.roa
Signing time: Tue 30 Apr 2024 05:06:22 +0000
ROA not before: Tue 30 Apr 2024 05:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51825
IP address blocks: 46.31.96.0/21 maxlen: 21
46.31.96.0/23 maxlen: 23
46.31.96.0/24 maxlen: 24
46.31.97.0/24 maxlen: 24
46.31.98.0/23 maxlen: 23
46.31.98.0/24 maxlen: 24
46.31.99.0/24 maxlen: 24
46.31.100.0/23 maxlen: 23
46.31.100.0/24 maxlen: 24
46.31.101.0/24 maxlen: 24
46.31.102.0/23 maxlen: 23
46.31.102.0/24 maxlen: 24
46.31.103.0/24 maxlen: 24
147.234.92.0/22 maxlen: 22
147.234.96.0/21 maxlen: 21
185.24.204.0/22 maxlen: 22
185.24.204.0/23 maxlen: 23
185.24.204.0/24 maxlen: 24
185.24.205.0/24 maxlen: 24
185.24.206.0/23 maxlen: 23
185.24.206.0/24 maxlen: 24
185.24.207.0/24 maxlen: 24
213.137.64.0/20 maxlen: 20
213.137.64.0/24 maxlen: 24
213.137.65.0/24 maxlen: 24
213.137.66.0/24 maxlen: 24
213.137.67.0/24 maxlen: 24
213.137.70.0/24 maxlen: 24
213.137.71.0/24 maxlen: 24
213.137.72.0/23 maxlen: 23
213.137.73.0/24 maxlen: 24
2a02:5080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:65:93:43:5c:f6:e0:67:09:df:db:9c:bf:b9:e8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Validity
Not Before: Apr 30 05:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e164efb3ff1b6034810cf8fc9dca8edbdc4009fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:b7:62:d3:14:a8:24:ae:8e:ea:23:23:20:
28:2f:12:1c:bc:72:60:66:fb:e5:87:fb:cd:2f:0a:
c8:cb:b8:0b:ed:d8:fa:18:37:d2:22:d6:59:bf:f1:
5f:82:9b:a4:3c:cb:91:96:7e:6f:45:5d:88:49:6c:
dd:68:a3:6b:19:79:09:df:9d:9f:31:99:b0:aa:2f:
e5:08:84:a9:e6:bd:86:59:3b:f9:0d:ec:e5:43:8d:
59:aa:7f:88:f0:8c:c8:cd:49:2a:43:4d:61:60:16:
3f:e1:41:50:56:8d:82:94:77:b7:bc:de:ec:25:92:
31:0b:78:71:2a:c7:9d:02:48:c8:bd:75:be:65:7e:
47:a4:57:1e:47:e1:b2:90:36:97:4b:24:42:4f:73:
39:47:c7:b4:d7:a1:e3:c9:fe:50:76:be:77:ea:5d:
2c:4c:e1:0e:d2:fc:24:1f:a9:9a:9b:fc:90:16:ab:
d7:09:db:7a:4c:5b:b5:1e:b7:e6:10:48:f2:83:e0:
93:4d:8b:46:82:c8:34:12:7b:40:5f:ee:f1:13:7f:
f7:59:55:c3:ac:e1:25:8f:05:96:cc:91:37:5a:70:
dd:03:bd:48:f8:8b:66:83:e6:41:be:35:fc:17:30:
19:60:53:23:95:4e:de:6b:c0:a4:06:db:1b:32:43:
d4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:64:EF:B3:FF:1B:60:34:81:0C:F8:FC:9D:CA:8E:DB:DC:40:09:FB
X509v3 Authority Key Identifier:
keyid:9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/4WTvs_8bYDSBDPj8ncqO29xACfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.96.0/21
147.234.92.0-147.234.103.255
185.24.204.0/22
213.137.64.0/20
IPv6:
2a02:5080::/32
Signature Algorithm: sha256WithRSAEncryption
7d:b9:2b:8b:8a:0c:a1:f0:5d:72:d0:98:ff:d7:93:52:19:03:
cd:0e:86:2d:fb:f4:d2:56:b6:bc:65:84:44:70:21:cd:a3:37:
b8:63:4b:8f:97:0c:71:be:f3:78:86:45:7e:0a:22:69:9d:c7:
ba:fa:31:b9:8a:e8:e0:79:15:bc:7f:70:23:50:39:be:a0:f4:
aa:32:99:fa:ff:21:b6:22:26:3f:07:cf:94:5c:99:cc:8f:27:
4d:a4:3c:43:13:05:4f:fb:df:04:67:d1:3e:8e:3d:b1:b6:04:
87:74:5d:ae:e2:bb:af:a3:9d:01:ef:90:3e:34:bb:23:3c:ed:
41:92:e0:81:ad:84:46:10:6a:e3:00:33:5a:0c:2a:65:72:03:
4b:96:2a:75:88:25:37:4d:72:1c:c8:6d:5b:13:94:b7:08:57:
f8:29:7c:2e:d7:03:71:ed:fc:c5:60:2d:c0:3b:ee:5b:54:6c:
42:52:da:bf:76:e6:b7:2e:3c:ce:22:02:3a:c2:d5:52:8e:e1:
59:45:67:ec:66:1c:a1:8e:aa:e0:ea:d0:8c:2e:15:54:08:7d:
e0:81:49:22:7c:90:df:a5:d0:c3:8a:14:98:09:f4:43:a7:43:
a0:b1:ea:2a:90:15:70:ce:bf:fe:59:9b:43:76:a7:cd:62:47:
91:11:08:4b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY8tZZNDXPbgZwnf25y/ueg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTg5NWU3ZjZhNmQ0YWJhOWM5NjFmNzEzYjJlNzk3MTVm
MDIxZjAwHhcNMjQwNDMwMDUwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTY0ZWZiM2ZmMWI2MDM0ODEwY2Y4ZmM5ZGNhOGVkYmRjNDAwOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm63YtMUqCSujuojIyAoLxIcvHJg
Zvvlh/vNLwrIy7gL7dj6GDfSItZZv/FfgpukPMuRln5vRV2ISWzdaKNrGXkJ352f
MZmwqi/lCISp5r2GWTv5DezlQ41Zqn+I8IzIzUkqQ01hYBY/4UFQVo2ClHe3vN7s
JZIxC3hxKsedAkjIvXW+ZX5HpFceR+GykDaXSyRCT3M5R8e016Hjyf5Qdr536l0s
TOEO0vwkH6mam/yQFqvXCdt6TFu1HrfmEEjyg+CTTYtGgsg0EntAX+7xE3/3WVXD
rOEljwWWzJE3WnDdA71I+Itmg+ZBvjX8FzAZYFMjlU7ea8CkBtsbMkPUhQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOFk77P/G2A0gQz4/J3KjtvcQAn7MB8GA1UdIwQY
MBaAFJtYlef2ptSrqclh9xOy55cV8CHwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDIt
ZmMyYTk3YjdkNTNlLzEvNFdUdnNfOGJZRFNCRFBqOG5jcU8yOXhBQ2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDItZmMyYTk3YjdkNTNl
LzEvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLh9gMAwD
BAKT6lwDBAOT6mADBAK5GMwDBATViUAwDQQCAAIwBwMFACoCUIAwDQYJKoZIhvcN
AQELBQADggEBAH25K4uKDKHwXXLQmP/Xk1IZA80Ohi379NJWtrxlhERwIc2jN7hj
S4+XDHG+83iGRX4KImmdx7r6MbmK6OB5Fbx/cCNQOb6g9Koymfr/IbYiJj8Hz5Rc
mcyPJ02kPEMTBU/73wRn0T6OPbG2BId0Xa7iu6+jnQHvkD40uyM87UGS4IGthEYQ
auMAM1oMKmVyA0uWKnWIJTdNchzIbVsTlLcIV/gpfC7XA3Ht/MVgLcA77ltUbEJS
2r925rcuPM4iAjrC1VKO4VlFZ+xmHKGOquDq0IwuFVQIfeCBSSJ8kN+l0MOKFJgJ
9EOnQ6Cx6iqQFXDOv/5Zm0N2p81iR5ERCEs=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:37:08 2024 by rpki-client on console-ams.rpki-client.org