Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/4C2DJqzkmogUMCB3rs00AnsVahQ.roa
File: 4C2DJqzkmogUMCB3rs00AnsVahQ.roa (raw, json)
Hash identifier: lxzJjQWpUiCF1j7IfR1qyjjFwINVQYCcKBlIUHjCSRY=
Subject key identifier: E0:2D:83:26:AC:E4:9A:88:14:30:20:77:AE:CD:34:02:7B:15:6A:14
Certificate issuer: /CN=bffd0f0ad9c784096c5a0fb9e8cf5c2f0440413b
Certificate serial: 018CFE32556BB80B8890B231E420BEA2C2D0
Authority key identifier: BF:FD:0F:0A:D9:C7:84:09:6C:5A:0F:B9:E8:CF:5C:2F:04:40:41:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/4C2DJqzkmogUMCB3rs00AnsVahQ.roa
Signing time: Fri 12 Jan 2024 15:02:40 +0000
ROA not before: Fri 12 Jan 2024 15:02:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44692
IP address blocks: 85.202.96.0/20 maxlen: 20
109.125.192.0/19 maxlen: 19
109.125.218.0/23 maxlen: 23
109.125.220.0/22 maxlen: 22
109.125.224.0/23 maxlen: 23
78.31.144.0/23 maxlen: 23
109.125.226.0/23 maxlen: 23
78.31.146.0/23 maxlen: 23
109.125.228.0/23 maxlen: 23
78.31.148.0/23 maxlen: 23
109.125.230.0/23 maxlen: 23
78.31.150.0/23 maxlen: 23
109.125.232.0/22 maxlen: 22
109.125.236.0/22 maxlen: 22
109.125.240.0/22 maxlen: 22
109.125.244.0/22 maxlen: 22
109.125.248.0/22 maxlen: 22
109.125.255.0/24 maxlen: 24
109.125.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/v_0PCtnHhAlsWg-56M9cLwRAQTs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/v_0PCtnHhAlsWg-56M9cLwRAQTs.mft
rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:32:55:6b:b8:0b:88:90:b2:31:e4:20:be:a2:c2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bffd0f0ad9c784096c5a0fb9e8cf5c2f0440413b
Validity
Not Before: Jan 12 15:02:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e02d8326ace49a8814302077aecd34027b156a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:44:63:74:19:3c:8a:bb:fd:bb:41:91:3a:45:
25:de:75:4b:21:35:ff:07:fc:5d:4e:cd:d6:b4:e7:
33:4b:82:a2:2a:01:17:40:7b:4f:41:d5:21:e7:0b:
17:4e:b8:4e:5c:b3:7e:e5:6e:db:b8:66:52:5d:a8:
f0:02:cc:ae:23:4d:fd:32:4f:de:51:21:91:dc:d7:
95:5b:83:f5:9c:dc:b4:92:0c:e9:05:c0:ea:69:dc:
fe:97:8f:cf:0e:96:7d:02:b9:18:c3:ff:f4:b5:2a:
f6:b2:e7:31:38:d1:25:87:f2:87:70:20:08:4e:cf:
f4:8c:72:9c:96:bd:5f:65:b7:32:f6:21:cd:3d:5f:
35:c2:fd:b9:7e:16:c6:cd:3d:3e:d1:10:e3:bd:13:
41:50:62:70:d9:c1:8a:17:a1:c3:6c:fb:c3:70:7d:
b5:fd:5f:7e:45:ab:49:1d:21:f0:d9:8a:5b:37:31:
72:83:22:55:f4:51:ec:34:9c:33:f4:53:15:94:68:
2c:2b:c4:74:2a:ba:a2:3c:16:51:6d:42:25:c2:49:
b7:b6:80:96:de:8d:da:d5:1e:a7:d8:db:27:2e:56:
26:4f:98:08:4a:fb:fe:5c:a6:3e:eb:a0:96:ad:dc:
3c:6d:5a:ee:01:b9:1a:62:d4:ea:4d:fc:b5:a9:b5:
e7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2D:83:26:AC:E4:9A:88:14:30:20:77:AE:CD:34:02:7B:15:6A:14
X509v3 Authority Key Identifier:
keyid:BF:FD:0F:0A:D9:C7:84:09:6C:5A:0F:B9:E8:CF:5C:2F:04:40:41:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/4C2DJqzkmogUMCB3rs00AnsVahQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/v_0PCtnHhAlsWg-56M9cLwRAQTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.144.0/21
85.202.96.0/20
109.125.192.0-109.125.251.255
109.125.254.0/23
Signature Algorithm: sha256WithRSAEncryption
23:bb:6c:4b:ec:32:80:b5:3d:49:f4:ce:94:ba:fc:ba:ee:26:
ca:ea:79:77:7b:df:c1:54:85:e4:c0:7c:6f:1c:08:25:47:9b:
ea:36:ae:7e:9d:a6:5e:91:b5:31:10:3f:f3:18:55:e5:b6:6b:
a2:b2:37:66:57:a6:66:ed:63:c2:0a:fa:fd:fa:7f:07:3e:4d:
a8:44:49:23:94:a9:f7:e0:ec:1f:e4:16:13:a3:c2:ce:b2:c0:
43:4a:14:f4:cf:38:6e:e0:14:d8:9c:e2:32:dd:e1:fd:50:87:
18:0c:39:b5:b5:d1:05:c9:3a:19:38:96:20:7c:66:ef:c4:03:
cb:65:09:e9:c2:c9:e3:bd:11:9b:b0:9b:20:9d:37:78:c1:fb:
54:3c:b3:0e:67:54:47:55:b7:75:8a:7a:40:b8:b1:39:b5:6d:
27:32:94:85:f3:bd:f4:e6:54:7a:3b:a3:1d:25:79:f6:81:3d:
ae:02:e5:02:a2:a1:a7:73:27:e4:0f:e7:61:b1:ce:93:cb:d3:
b2:e7:7c:a3:a3:84:f0:19:85:2e:e9:d7:9f:9d:fb:41:f4:5a:
6e:48:a7:69:7b:95:b7:0f:28:27:43:2c:3c:5b:21:ec:cd:96:
b8:ad:b1:5c:cb:f9:49:5f:c2:04:50:f5:c0:67:1f:ef:0d:85:
3e:5e:59:44
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYz+MlVruAuIkLIx5CC+osLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZmQwZjBhZDljNzg0MDk2YzVhMGZiOWU4Y2Y1YzJmMDQ0
MDQxM2IwHhcNMjQwMTEyMTUwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJkODMyNmFjZTQ5YTg4MTQzMDIwNzdhZWNkMzQwMjdiMTU2YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0RjdBk8irv9u0GROkUl3nVLITX/
B/xdTs3WtOczS4KiKgEXQHtPQdUh5wsXTrhOXLN+5W7buGZSXajwAsyuI039Mk/e
USGR3NeVW4P1nNy0kgzpBcDqadz+l4/PDpZ9ArkYw//0tSr2sucxONElh/KHcCAI
Ts/0jHKclr1fZbcy9iHNPV81wv25fhbGzT0+0RDjvRNBUGJw2cGKF6HDbPvDcH21
/V9+RatJHSHw2YpbNzFygyJV9FHsNJwz9FMVlGgsK8R0KrqiPBZRbUIlwkm3toCW
3o3a1R6n2NsnLlYmT5gISvv+XKY+66CWrdw8bVruAbkaYtTqTfy1qbXnUwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOAtgyas5JqIFDAgd67NNAJ7FWoUMB8GA1UdIwQY
MBaAFL/9DwrZx4QJbFoPuejPXC8EQEE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl8wUEN0bkhoQWxzV2ctNTZNOWNMd1JBUVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYWVhNTktOTE5ZC00MTM1LTliZGUt
NmRjZjBjOTNjYmRiLzEvNEMyREpxemttb2dVTUNCM3JzMDBBbnNWYWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYWVhNTktOTE5ZC00MTM1LTliZGUtNmRjZjBjOTNjYmRi
LzEvdl8wUEN0bkhoQWxzV2ctNTZNOWNMd1JBUVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDTh+QAwQE
VcpgMAwDBAZtfcADBAJtffgDBAFtff4wDQYJKoZIhvcNAQELBQADggEBACO7bEvs
MoC1PUn0zpS6/LruJsrqeXd738FUheTAfG8cCCVHm+o2rn6dpl6RtTEQP/MYVeW2
a6KyN2ZXpmbtY8IK+v36fwc+TahESSOUqffg7B/kFhOjws6ywENKFPTPOG7gFNic
4jLd4f1QhxgMObW10QXJOhk4liB8Zu/EA8tlCenCyeO9EZuwmyCdN3jB+1Q8sw5n
VEdVt3WKekC4sTm1bScylIXzvfTmVHo7ox0lefaBPa4C5QKioadzJ+QP52GxzpPL
07LnfKOjhPAZhS7p15+d+0H0Wm5Ip2l7lbcPKCdDLDxbIezNlritsVzL+UlfwgRQ
9cBnH+8NhT5eWUQ=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:05:38 2024 by rpki-client on console-fra.rpki-client.org