Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/4ivpBlzDaXdB0WUyAitckQO6x78.roa
File: 4ivpBlzDaXdB0WUyAitckQO6x78.roa (raw, json)
Hash identifier: 11/OX3G71vhdCWYNVoa3ohu1kgZeT6k5y5PH6GTm0/E=
Subject key identifier: E2:2B:E9:06:5C:C3:69:77:41:D1:65:32:02:2B:5C:91:03:BA:C7:BF
Certificate issuer: /CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Certificate serial: 018CC3B68DD1C3EB56AFBCDEF0E32F0463AE
Authority key identifier: 67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/4ivpBlzDaXdB0WUyAitckQO6x78.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 87.238.140.0/24 maxlen: 24
87.238.140.0/22 maxlen: 24
2a06:56c1::/32 maxlen: 48
2a06:56c1::/40 maxlen: 48
2a06:56c2::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8d:d1:c3:eb:56:af:bc:de:f0:e3:2f:04:63:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e22be9065cc3697741d16532022b5c9103bac7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e2:b6:c9:d2:83:90:88:0f:56:f9:4e:59:6c:
c7:89:64:48:3c:42:97:6b:90:23:02:e5:c0:41:3b:
5a:08:91:d3:6e:4b:2c:29:b0:4c:19:89:36:7b:b0:
b9:ab:d7:97:e1:76:94:ae:94:54:28:52:62:66:6e:
3e:48:34:68:6f:81:51:da:05:af:e7:4d:0b:83:f1:
28:32:fd:8f:dd:dd:cd:2d:29:2e:ef:44:9f:89:5c:
37:98:9a:05:61:68:a2:9b:00:1b:03:6d:d7:0e:81:
8c:1f:ee:6d:ff:83:16:d0:db:14:7c:37:ec:a9:3c:
2e:ac:72:de:2b:8b:24:0c:e7:40:dd:19:3f:db:c4:
1a:51:d7:4f:cb:17:0e:b8:ff:0a:b0:d0:2c:84:6a:
2e:32:11:21:a2:0f:a8:c9:3c:43:d1:fa:4f:9a:3e:
cb:de:41:61:71:07:03:91:7d:1c:e2:eb:73:8b:1f:
cf:b3:49:34:3a:bd:4e:e4:92:71:dc:54:dd:88:f9:
ce:db:94:02:1f:cc:40:1a:33:af:10:76:2e:81:87:
ef:ba:9a:db:3d:37:74:97:2c:de:90:d2:fb:be:50:
4f:3c:76:bd:f5:ed:1b:13:83:95:e8:69:43:90:14:
2f:c3:9d:02:ea:aa:5c:c4:2f:ef:26:75:7b:bf:f3:
61:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2B:E9:06:5C:C3:69:77:41:D1:65:32:02:2B:5C:91:03:BA:C7:BF
X509v3 Authority Key Identifier:
keyid:67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/4ivpBlzDaXdB0WUyAitckQO6x78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.140.0/22
IPv6:
2a06:56c1::-2a06:56c2:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:e8:f3:62:19:55:8f:c9:81:6a:9b:b9:01:b9:3e:62:d0:3f:
63:79:f1:3c:43:96:b9:c7:46:47:34:94:9e:44:ec:91:96:c5:
93:bf:2d:51:55:5f:bd:1a:28:01:65:c6:57:85:a5:2f:a1:a3:
32:cc:68:61:94:20:90:9d:32:e8:30:a9:ae:d2:74:26:91:d0:
3a:2d:cd:37:3a:d6:aa:7b:d6:d2:b2:d3:a0:d4:5c:3a:5f:60:
ae:5e:42:84:f8:de:7e:d4:70:4d:2f:59:98:b2:b1:59:14:b1:
62:8a:3d:5d:95:4d:e0:db:e3:5f:a6:19:ed:a2:2e:a0:11:e1:
d4:bb:7b:61:12:ed:da:ae:99:87:1f:63:47:f4:79:3b:59:0f:
c3:68:17:85:3a:5b:91:03:2e:cf:2d:9b:49:e2:68:5b:fe:74:
00:4e:6a:ed:71:76:ca:f4:05:f3:fc:16:72:09:0b:fc:c6:8d:
10:51:73:d9:66:65:fd:f8:b4:34:c3:4f:97:1d:fd:8f:d8:b4:
45:52:a4:40:82:6b:ee:d8:aa:71:6f:8a:76:85:72:99:18:38:
ba:fa:6d:e2:5a:df:b1:3d:3b:78:1d:b9:61:97:b9:7f:ca:c0:
5d:63:19:d3:e8:2a:c0:06:b2:3a:db:37:3d:d7:75:77:69:3d:
91:2c:be:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzDto3Rw+tWr7ze8OMvBGOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MmYwZTQyYjA4YWE0NTFmYzU4M2EzNThlYzM3MGZmYmQy
ZGFjNjgwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjJiZTkwNjVjYzM2OTc3NDFkMTY1MzIwMjJiNWM5MTAzYmFjN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeK2ydKDkIgPVvlOWWzHiWRIPEKX
a5AjAuXAQTtaCJHTbkssKbBMGYk2e7C5q9eX4XaUrpRUKFJiZm4+SDRob4FR2gWv
500Lg/EoMv2P3d3NLSku70SfiVw3mJoFYWiimwAbA23XDoGMH+5t/4MW0NsUfDfs
qTwurHLeK4skDOdA3Rk/28QaUddPyxcOuP8KsNAshGouMhEhog+oyTxD0fpPmj7L
3kFhcQcDkX0c4utzix/Ps0k0Or1O5JJx3FTdiPnO25QCH8xAGjOvEHYugYfvuprb
PTd0lyzekNL7vlBPPHa99e0bE4OV6GlDkBQvw50C6qpcxC/vJnV7v/NhzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIr6QZcw2l3QdFlMgIrXJEDuse/MB8GA1UdIwQY
MBaAFGcvDkKwiqRR/Fg6NY7DcP+9LaxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTct
ZjBiOTYyZjUyNDE0LzEvNGl2cEJsekRhWGRCMFdVeUFpdGNrUU82eDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTctZjBiOTYyZjUyNDE0
LzEvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCV+6MMBcE
AgACMBEwDwMFACoGVsEDBgAqBlbCADANBgkqhkiG9w0BAQsFAAOCAQEAlOjzYhlV
j8mBapu5Abk+YtA/Y3nxPEOWucdGRzSUnkTskZbFk78tUVVfvRooAWXGV4WlL6Gj
MsxoYZQgkJ0y6DCprtJ0JpHQOi3NNzrWqnvW0rLToNRcOl9grl5ChPjeftRwTS9Z
mLKxWRSxYoo9XZVN4NvjX6YZ7aIuoBHh1Lt7YRLt2q6Zhx9jR/R5O1kPw2gXhTpb
kQMuzy2bSeJoW/50AE5q7XF2yvQF8/wWcgkL/MaNEFFz2WZl/fi0NMNPlx39j9i0
RVKkQIJr7tiqcW+KdoVymRg4uvpt4lrfsT07eB25YZe5f8rAXWMZ0+gqwAayOts3
Pdd1d2k9kSy+bQ==
-----END CERTIFICATE-----
Generated at Thu May 2 06:57:24 2024 by rpki-client on console-fra.rpki-client.org