Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/F4nAwWoc7AY6rAAzVNjAD6LtuEQ.roa
File: F4nAwWoc7AY6rAAzVNjAD6LtuEQ.roa (raw, json)
Hash identifier: USB7votBZnFPhIAC15OHKrvXOXQepI0snTupHyIzvVQ=
Subject key identifier: 17:89:C0:C1:6A:1C:EC:06:3A:AC:00:33:54:D8:C0:0F:A2:ED:B8:44
Certificate issuer: /CN=c469fe3d882c93e38e8b6a286a3177dc17e99ac7
Certificate serial: 0190BADC8D34D32A764CDFC333EE9E02ABAF
Authority key identifier: C4:69:FE:3D:88:2C:93:E3:8E:8B:6A:28:6A:31:77:DC:17:E9:9A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/F4nAwWoc7AY6rAAzVNjAD6LtuEQ.roa
Signing time: Tue 16 Jul 2024 09:25:34 +0000
ROA not before: Tue 16 Jul 2024 09:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197453
IP address blocks: 46.183.176.0/21 maxlen: 21
91.200.86.0/23 maxlen: 23
178.57.80.0/21 maxlen: 21
178.57.88.0/22 maxlen: 22
178.57.93.0/24 maxlen: 24
178.57.95.0/24 maxlen: 24
185.9.84.0/22 maxlen: 22
185.162.232.0/24 maxlen: 24
185.195.243.0/24 maxlen: 24
185.196.116.0/24 maxlen: 24
193.47.154.0/24 maxlen: 24
212.74.228.0/24 maxlen: 24
212.74.229.0/24 maxlen: 24
212.74.230.0/24 maxlen: 24
213.5.224.0/23 maxlen: 23
2a01:bc40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:dc:8d:34:d3:2a:76:4c:df:c3:33:ee:9e:02:ab:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c469fe3d882c93e38e8b6a286a3177dc17e99ac7
Validity
Not Before: Jul 16 09:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1789c0c16a1cec063aac003354d8c00fa2edb844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:21:4f:e2:4d:5e:b6:7f:0b:0b:e5:9d:43:96:
90:b8:f8:8b:aa:f8:e1:f0:3b:16:c1:34:4a:00:d0:
c3:11:90:78:54:df:c0:8e:50:7b:22:d3:85:d0:f1:
f0:f7:8b:63:df:5a:b0:48:75:07:14:03:2d:d8:3c:
93:16:31:2e:8e:b6:cf:31:24:29:63:7b:2e:b0:fb:
e4:f2:81:3f:c4:c4:14:cc:e2:f0:0c:5d:dc:19:7b:
1e:87:64:7e:e9:bd:d2:b2:cf:ac:db:d9:9b:df:f6:
f5:82:05:ad:30:92:8c:b2:d8:3c:0c:5e:a4:8f:ee:
f3:f6:75:f7:48:89:a9:18:9d:2e:a7:f6:8f:67:c9:
9d:37:c8:7e:03:56:43:b2:7c:3b:09:c9:2d:9f:70:
8f:a1:b1:2b:51:cf:22:5e:b8:fc:82:4d:c6:8c:2b:
f9:e6:f1:0b:76:50:e2:ff:b4:1a:32:f6:43:48:71:
25:84:d5:75:3a:34:7f:48:00:77:3f:a4:ef:e1:27:
20:9e:75:8a:d2:a1:61:46:af:41:a3:f7:be:22:36:
0e:31:59:fa:85:e0:a8:a6:75:c8:63:b1:83:f4:85:
cd:09:3d:e8:10:b4:c3:ab:a4:6e:8c:93:61:f3:76:
cf:d2:e7:b5:18:48:13:c3:6d:34:12:2b:01:e7:14:
9f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:89:C0:C1:6A:1C:EC:06:3A:AC:00:33:54:D8:C0:0F:A2:ED:B8:44
X509v3 Authority Key Identifier:
keyid:C4:69:FE:3D:88:2C:93:E3:8E:8B:6A:28:6A:31:77:DC:17:E9:9A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/F4nAwWoc7AY6rAAzVNjAD6LtuEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.176.0/21
91.200.86.0/23
178.57.80.0-178.57.91.255
178.57.93.0/24
178.57.95.0/24
185.9.84.0/22
185.162.232.0/24
185.195.243.0/24
185.196.116.0/24
193.47.154.0/24
212.74.228.0-212.74.230.255
213.5.224.0/23
IPv6:
2a01:bc40::/32
Signature Algorithm: sha256WithRSAEncryption
7a:41:e7:3a:4e:b3:50:ea:e4:0e:e2:b8:66:2c:05:f9:a8:e6:
77:16:59:6d:86:5b:bc:e9:67:9f:6b:7a:bc:4d:1b:d9:64:85:
ff:a2:16:f7:37:99:ae:3e:13:b4:5a:b5:2a:26:70:41:00:00:
34:55:03:cf:3c:ab:58:87:db:e6:89:92:39:6a:a9:8f:18:22:
f0:6e:04:69:85:e3:ec:bd:9a:1b:cb:e6:be:45:3a:0b:f1:d0:
c6:9c:b3:c1:f0:d5:89:27:31:3d:02:55:08:54:a0:e8:a7:36:
7b:62:5c:a7:2c:70:a6:d8:9a:ff:89:64:3e:13:f7:1d:47:9f:
49:de:d2:96:1f:29:78:4e:8d:ef:67:9c:87:6a:a4:87:31:56:
4d:95:5d:f2:5f:d2:09:b6:63:c5:7a:e0:e3:a9:5a:be:fb:63:
7e:fc:1e:be:60:f2:3e:23:d5:bc:a1:1d:ee:96:43:a8:57:77:
4a:7f:71:ed:60:10:fe:c3:09:dc:c9:3c:55:ec:e3:06:fa:09:
4c:0a:03:93:67:47:a1:bb:d2:5f:b4:ff:08:eb:65:b4:9b:38:
37:91:63:b1:e7:6a:7e:06:5e:f7:2b:1f:29:47:18:da:5c:ef:
75:99:39:02:0a:2b:b0:e7:b7:74:1a:7a:64:f3:67:4d:16:a0:
57:d8:34:31
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZC63I000yp2TN/DM+6eAquvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NjlmZTNkODgyYzkzZTM4ZThiNmEyODZhMzE3N2RjMTdl
OTlhYzcwHhcNMjQwNzE2MDkyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzg5YzBjMTZhMWNlYzA2M2FhYzAwMzM1NGQ4YzAwZmEyZWRiODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSFP4k1etn8LC+WdQ5aQuPiLqvjh
8DsWwTRKANDDEZB4VN/AjlB7ItOF0PHw94tj31qwSHUHFAMt2DyTFjEujrbPMSQp
Y3susPvk8oE/xMQUzOLwDF3cGXseh2R+6b3Sss+s29mb3/b1ggWtMJKMstg8DF6k
j+7z9nX3SImpGJ0up/aPZ8mdN8h+A1ZDsnw7Ccktn3CPobErUc8iXrj8gk3GjCv5
5vELdlDi/7QaMvZDSHElhNV1OjR/SAB3P6Tv4ScgnnWK0qFhRq9Bo/e+IjYOMVn6
heCopnXIY7GD9IXNCT3oELTDq6RujJNh83bP0ue1GEgTw200EisB5xSfnwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBeJwMFqHOwGOqwAM1TYwA+i7bhEMB8GA1UdIwQY
MBaAFMRp/j2ILJPjjotqKGoxd9wX6ZrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEduLVBZZ3NrLU9PaTJvb2FqRjMzQmZwbXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jNDc1YWItZmRkNS00OTJmLTgxM2Et
NjFkOWEyM2YzNDExLzEvRjRuQXdXb2M3QVk2ckFBelZOakFENkx0dUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jNDc1YWItZmRkNS00OTJmLTgxM2EtNjFkOWEyM2YzNDEx
LzEveEduLVBZZ3NrLU9PaTJvb2FqRjMzQmZwbXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wXgQCAAEwWAMEAy63sAME
AVvIVjAMAwQEsjlQAwQCsjlYAwQAsjldAwQAsjlfAwQCuQlUAwQAuaLoAwQAucPz
AwQAucR0AwQAwS+aMAwDBALUSuQDBADUSuYDBAHVBeAwDQQCAAIwBwMFACoBvEAw
DQYJKoZIhvcNAQELBQADggEBAHpB5zpOs1Dq5A7iuGYsBfmo5ncWWW2GW7zpZ59r
erxNG9lkhf+iFvc3ma4+E7RatSomcEEAADRVA888q1iH2+aJkjlqqY8YIvBuBGmF
4+y9mhvL5r5FOgvx0Macs8Hw1YknMT0CVQhUoOinNntiXKcscKbYmv+JZD4T9x1H
n0ne0pYfKXhOje9nnIdqpIcxVk2VXfJf0gm2Y8V64OOpWr77Y378Hr5g8j4j1byh
He6WQ6hXd0p/ce1gEP7DCdzJPFXs4wb6CUwKA5NnR6G70l+0/wjrZbSbODeRY7Hn
an4GXvcrHylHGNpc73WZOQIKK7Dnt3QaemTzZ00WoFfYNDE=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:34 2024 by rpki-client on console-ams.rpki-client.org