Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/A4Ihi_3QDYsSS-rrEGwDkAzVPuM.roa
File: A4Ihi_3QDYsSS-rrEGwDkAzVPuM.roa (raw, json)
Hash identifier: yfjFFIfSn24mcZgRZ4oh4OfJGDrsQekqXA1iQ2k7Ybw=
Subject key identifier: 03:82:21:8B:FD:D0:0D:8B:12:4B:EA:EB:10:6C:03:90:0C:D5:3E:E3
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 018CC8011D9138C8B4DF84C81DEAA4533DB4
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/A4Ihi_3QDYsSS-rrEGwDkAzVPuM.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44684
IP address blocks: 176.126.240.0/21 maxlen: 24
185.101.96.0/24 maxlen: 24
195.10.223.0/24 maxlen: 24
45.139.80.0/22 maxlen: 22
45.139.80.0/24 maxlen: 24
93.93.128.0/21 maxlen: 24
185.47.60.0/22 maxlen: 22
46.235.224.0/21 maxlen: 24
2a04:ad80::/47 maxlen: 48
2a00:1098::/32 maxlen: 48
2a06:1c80::/29 maxlen: 29
2a04:ad80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1d:91:38:c8:b4:df:84:c8:1d:ea:a4:53:3d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0382218bfdd00d8b124beaeb106c03900cd53ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2b:5f:4f:43:74:3e:98:9a:fd:5a:f9:9d:7a:
05:d7:14:1d:f8:29:7a:b8:78:a5:04:2d:d1:c9:50:
ae:8d:2c:86:ca:fb:b8:63:33:e1:8d:53:04:d6:02:
cb:64:6e:7f:e3:b0:90:9d:3d:ac:01:d2:ec:05:7c:
e6:26:c1:2a:39:3b:b5:7a:7f:da:a1:38:32:da:b9:
45:db:29:14:f4:f3:38:da:43:b3:68:d0:b6:5a:52:
5e:e5:dd:6a:32:bd:0e:8a:63:82:c4:ee:f9:aa:05:
7f:c7:34:09:e6:df:cb:58:aa:e4:61:6b:4f:0b:da:
ee:2c:17:29:6a:df:70:71:27:07:12:fd:f8:15:1f:
d9:95:69:a6:ea:f6:0b:bb:08:ac:69:c6:1d:b7:39:
54:b7:5a:88:a6:eb:4e:97:54:71:6a:e3:75:5b:6d:
d5:ec:44:23:61:f7:0f:a8:ce:de:01:65:13:b1:3a:
d6:b5:e3:be:2c:d1:8f:54:3c:7c:29:b1:5a:98:a0:
0d:82:1c:c2:66:8a:f7:4a:ef:b7:ff:23:d6:a1:b5:
69:82:0d:33:2b:54:47:5b:61:51:c4:8c:e3:81:53:
09:2f:e1:c2:f3:68:88:a7:4d:f3:a4:09:bf:6f:4f:
57:dc:db:9e:77:e4:a8:f5:2d:a2:2a:a9:a1:18:9b:
4e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:82:21:8B:FD:D0:0D:8B:12:4B:EA:EB:10:6C:03:90:0C:D5:3E:E3
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/A4Ihi_3QDYsSS-rrEGwDkAzVPuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.80.0/22
46.235.224.0/21
93.93.128.0/21
176.126.240.0/21
185.47.60.0/22
185.101.96.0/24
195.10.223.0/24
IPv6:
2a00:1098::/32
2a04:ad80::/29
2a06:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
53:67:9c:16:67:42:f3:f7:1f:29:a2:aa:0c:a4:43:c2:26:99:
b6:ab:7b:f4:64:ab:ea:8e:7f:ec:8c:27:5a:51:76:ed:42:c5:
aa:53:65:86:9d:71:b4:ad:e9:94:54:70:95:a0:5b:3b:2d:1b:
de:1f:bc:ff:14:77:db:ff:19:92:79:5f:02:7c:45:8d:2c:e4:
11:1d:8b:63:c4:df:54:d6:5a:ec:54:f6:e7:1d:ed:04:4d:7b:
73:25:94:1c:08:df:10:94:f9:2f:19:89:22:7b:ee:bb:c8:7c:
f6:c9:50:ec:ea:e5:76:1f:dc:24:53:f7:e2:ef:a5:ee:ca:64:
23:d8:74:7f:38:5e:6b:73:b9:95:c5:84:d4:73:97:e1:4d:9c:
43:9f:ae:60:4e:53:2a:b2:3a:a3:f9:37:49:71:8f:50:dc:b1:
db:42:5d:e0:28:0f:92:13:8f:ef:97:c2:80:b8:04:90:53:99:
d5:6d:2e:aa:35:0a:12:97:c2:99:aa:b3:06:6a:2a:10:42:8e:
e7:7c:14:07:5f:9d:e0:43:bf:d1:78:30:a7:d6:5e:07:71:5c:
de:05:ca:aa:8b:09:67:23:49:b2:a5:7b:c6:08:77:0b:84:a4:
22:85:1e:b3:9f:cb:0f:e4:d1:90:31:81:9f:90:0d:6c:6e:be:
1d:83:43:3b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYzIAR2ROMi034TIHeqkUz20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWZjOGM4Mjk4NjMxMGM1ZjZhOWI1NmZiNzZiNmJkOTg3
N2ZjYzAwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzgyMjE4YmZkZDAwZDhiMTI0YmVhZWIxMDZjMDM5MDBjZDUzZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhStfT0N0Ppia/Vr5nXoF1xQd+Cl6
uHilBC3RyVCujSyGyvu4YzPhjVME1gLLZG5/47CQnT2sAdLsBXzmJsEqOTu1en/a
oTgy2rlF2ykU9PM42kOzaNC2WlJe5d1qMr0OimOCxO75qgV/xzQJ5t/LWKrkYWtP
C9ruLBcpat9wcScHEv34FR/ZlWmm6vYLuwisacYdtzlUt1qIputOl1RxauN1W23V
7EQjYfcPqM7eAWUTsTrWteO+LNGPVDx8KbFamKANghzCZor3Su+3/yPWobVpgg0z
K1RHW2FRxIzjgVMJL+HC82iIp03zpAm/b09X3Nued+So9S2iKqmhGJtO8QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFAOCIYv90A2LEkvq6xBsA5AM1T7jMB8GA1UdIwQY
MBaAFPgfyMgphjEMX2qbVvt2tr2Yd/zAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CX0l5Q21HTVF4ZmFwdFctM2EydlpoM19NQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFk
LTUxM2NhOGU2Y2VjZS8xL0E0SWhpXzNRRFlzU1MtcnJFR3dEa0F6VlB1TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFkLTUxM2NhOGU2Y2Vj
ZS8xLzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYAYIKwYBBQUHAQcBAf8EUTBPMDAEAgABMCoDBAIti1AD
BAMu6+ADBANdXYADBAOwfvADBAK5LzwDBAC5ZWADBADDCt8wGwQCAAIwFQMFACoA
EJgDBQMqBK2AAwUDKgYcgDANBgkqhkiG9w0BAQsFAAOCAQEAU2ecFmdC8/cfKaKq
DKRDwiaZtqt79GSr6o5/7IwnWlF27ULFqlNlhp1xtK3plFRwlaBbOy0b3h+8/xR3
2/8ZknlfAnxFjSzkER2LY8TfVNZa7FT25x3tBE17cyWUHAjfEJT5LxmJInvuu8h8
9slQ7Orldh/cJFP34u+l7spkI9h0fzhea3O5lcWE1HOX4U2cQ5+uYE5TKrI6o/k3
SXGPUNyx20Jd4CgPkhOP75fCgLgEkFOZ1W0uqjUKEpfCmaqzBmoqEEKO53wUB1+d
4EO/0Xgwp9ZeB3Fc3gXKqosJZyNJsqV7xgh3C4SkIoUes5/LD+TRkDGBn5ANbG6+
HYNDOw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:13 2024 by rpki-client on console-ams.rpki-client.org