Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/4EtvpWp3t3yuG9UpobViZqd9YvI.roa
File: 4EtvpWp3t3yuG9UpobViZqd9YvI.roa (raw, json)
Hash identifier: C8B2UPgeBh8R3D6nfq5RnZzNhCmW6Jv2BKfEcsCYGis=
Subject key identifier: E0:4B:6F:A5:6A:77:B7:7C:AE:1B:D5:29:A1:B5:62:66:A7:7D:62:F2
Certificate issuer: /CN=2219b59dc2e9f34b255230e562a3cca61daeb155
Certificate serial: 018CC4932322118D14B97F863538ACF44756
Authority key identifier: 22:19:B5:9D:C2:E9:F3:4B:25:52:30:E5:62:A3:CC:A6:1D:AE:B1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ihm1ncLp80slUjDlYqPMph2usVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/4EtvpWp3t3yuG9UpobViZqd9YvI.roa
Signing time: Mon 01 Jan 2024 10:30:26 +0000
ROA not before: Mon 01 Jan 2024 10:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44030
IP address blocks: 176.99.64.0/19 maxlen: 19
195.2.232.0/23 maxlen: 23
2001:67c:2084::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/Ihm1ncLp80slUjDlYqPMph2usVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/Ihm1ncLp80slUjDlYqPMph2usVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ihm1ncLp80slUjDlYqPMph2usVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:23:22:11:8d:14:b9:7f:86:35:38:ac:f4:47:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2219b59dc2e9f34b255230e562a3cca61daeb155
Validity
Not Before: Jan 1 10:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e04b6fa56a77b77cae1bd529a1b56266a77d62f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:60:80:69:46:a2:97:94:65:a8:5d:a4:b7:38:
11:8c:0d:f1:ce:f6:13:ec:37:ae:5f:ae:4a:f9:ec:
f7:08:53:6b:a1:3b:ef:54:88:e7:fa:f5:be:e7:7b:
fe:05:30:d3:bb:d9:9c:47:d4:f5:52:4e:8d:60:37:
ce:d7:79:26:f5:d2:f0:05:0f:00:c6:e4:f7:7b:48:
d5:56:7a:21:2e:9c:55:90:4c:22:73:35:a0:db:50:
2d:ee:37:5d:93:62:e7:e1:07:2d:a7:72:4a:e9:be:
58:49:1f:cb:0e:70:49:6b:af:d8:79:eb:bf:93:43:
81:0e:f1:58:af:33:6d:e3:01:f7:df:4a:7c:ca:1d:
3f:a7:47:a0:c8:25:f5:8f:44:68:ed:86:e2:3e:d9:
39:7c:db:14:13:7b:67:e0:8f:2f:f6:b3:67:90:29:
7c:54:d6:a0:1c:3a:b4:c8:ed:38:c5:2e:61:8a:58:
2f:d7:44:fb:71:52:6b:b5:08:7c:cc:bb:13:1a:8b:
21:2a:c1:b1:19:96:77:2a:f4:b8:f5:a5:de:28:ef:
0b:b1:79:d8:5b:fc:81:d3:bb:b8:ee:f0:5a:28:59:
1c:e2:ee:94:65:f5:87:2b:73:46:de:b3:00:11:b6:
7f:8e:7d:30:e5:a1:ed:b4:b9:31:df:82:a2:25:52:
d7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4B:6F:A5:6A:77:B7:7C:AE:1B:D5:29:A1:B5:62:66:A7:7D:62:F2
X509v3 Authority Key Identifier:
keyid:22:19:B5:9D:C2:E9:F3:4B:25:52:30:E5:62:A3:CC:A6:1D:AE:B1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ihm1ncLp80slUjDlYqPMph2usVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/4EtvpWp3t3yuG9UpobViZqd9YvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/Ihm1ncLp80slUjDlYqPMph2usVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.99.64.0/19
195.2.232.0/23
IPv6:
2001:67c:2084::/48
Signature Algorithm: sha256WithRSAEncryption
46:a5:bc:61:7e:d9:3b:39:bf:ab:b9:7b:10:a0:f2:64:f3:ba:
7b:9e:56:de:a7:31:e8:08:50:0c:df:07:fa:ee:05:a2:45:28:
2c:91:04:1e:85:98:c6:e7:9b:c1:57:53:45:2d:e7:aa:ce:dd:
4a:1c:e0:aa:ae:0e:51:d3:00:a2:08:59:a3:25:54:54:08:a4:
52:39:3e:05:9a:86:3e:0d:ad:4c:e3:bb:ad:01:35:d0:13:1c:
c1:ab:da:4b:71:6b:dc:80:b9:34:fb:9b:f5:f8:79:45:82:c8:
fa:05:94:0c:1a:dc:68:02:6b:60:bb:f0:13:a3:7a:12:e6:0b:
f7:3a:09:bc:20:df:56:8b:51:ec:bd:40:2b:96:2e:54:d8:35:
bc:4d:ce:f1:e5:3c:0e:40:d6:4f:38:6b:73:b7:90:7e:4a:05:
b5:8b:fd:6e:a8:a7:d3:51:53:98:dc:19:7b:16:a9:5c:99:2a:
86:be:19:f4:74:1c:4e:e9:e1:ba:25:bb:55:a3:23:15:3f:fb:
f0:e9:f2:40:48:5b:4f:20:cd:e9:96:8c:cb:35:0f:c0:5a:07:
78:ac:ea:f1:40:d9:e2:55:89:12:57:9f:30:fd:39:74:34:43:
03:d0:b6:ab:b7:6c:14:28:0b:c0:a9:4b:67:7c:09:bb:d8:30:
33:1c:c2:9a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEkyMiEY0UuX+GNTis9EdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTliNTlkYzJlOWYzNGIyNTUyMzBlNTYyYTNjY2E2MWRh
ZWIxNTUwHhcNMjQwMTAxMTAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRiNmZhNTZhNzdiNzdjYWUxYmQ1MjlhMWI1NjI2NmE3N2Q2MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWCAaUail5RlqF2ktzgRjA3xzvYT
7DeuX65K+ez3CFNroTvvVIjn+vW+53v+BTDTu9mcR9T1Uk6NYDfO13km9dLwBQ8A
xuT3e0jVVnohLpxVkEwiczWg21At7jddk2Ln4Qctp3JK6b5YSR/LDnBJa6/Yeeu/
k0OBDvFYrzNt4wH330p8yh0/p0egyCX1j0Ro7YbiPtk5fNsUE3tn4I8v9rNnkCl8
VNagHDq0yO04xS5hilgv10T7cVJrtQh8zLsTGoshKsGxGZZ3KvS49aXeKO8LsXnY
W/yB07u47vBaKFkc4u6UZfWHK3NG3rMAEbZ/jn0w5aHttLkx34KiJVLX6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOBLb6Vqd7d8rhvVKaG1YmanfWLyMB8GA1UdIwQY
MBaAFCIZtZ3C6fNLJVIw5WKjzKYdrrFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhtMW5jTHA4MHNsVWpEbFlxUE1waDJ1c1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8zYmIzYTgtMWMzZS00MTU0LTkwYTkt
MDA2ZGUwZmE1MzQyLzEvNEV0dnBXcDN0M3l1RzlVcG9iVmlacWQ5WXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8zYmIzYTgtMWMzZS00MTU0LTkwYTktMDA2ZGUwZmE1MzQy
LzEvSWhtMW5jTHA4MHNsVWpEbFlxUE1waDJ1c1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQFsGNAAwQB
wwLoMA8EAgACMAkDBwAgAQZ8IIQwDQYJKoZIhvcNAQELBQADggEBAEalvGF+2Ts5
v6u5exCg8mTzunueVt6nMegIUAzfB/ruBaJFKCyRBB6FmMbnm8FXU0Ut56rO3Uoc
4KquDlHTAKIIWaMlVFQIpFI5PgWahj4NrUzju60BNdATHMGr2ktxa9yAuTT7m/X4
eUWCyPoFlAwa3GgCa2C78BOjehLmC/c6Cbwg31aLUey9QCuWLlTYNbxNzvHlPA5A
1k84a3O3kH5KBbWL/W6op9NRU5jcGXsWqVyZKoa+GfR0HE7p4bolu1WjIxU/+/Dp
8kBIW08gzemWjMs1D8BaB3is6vFA2eJViRJXnzD9OXQ0QwPQtqu3bBQoC8CpS2d8
CbvYMDMcwpo=
-----END CERTIFICATE-----
Generated at Sun May 19 06:41:13 2024 by rpki-client on console-ams.rpki-client.org