Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/e_4FKuujqvGNTZn2mBQxBFOmLyk.roa
File: e_4FKuujqvGNTZn2mBQxBFOmLyk.roa (raw, json)
Hash identifier: FgAOXRknJbgkcYa9a6nj3I5/0JFmN9UXM4jEXCnXIis=
Subject key identifier: 7B:FE:05:2A:EB:A3:AA:F1:8D:4D:99:F6:98:14:31:04:53:A6:2F:29
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 0192E239424BD6C6A478E9ECAB72B3C4E4FC
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/e_4FKuujqvGNTZn2mBQxBFOmLyk.roa
Signing time: Thu 31 Oct 2024 10:57:36 +0000
ROA not before: Thu 31 Oct 2024 10:57:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139646
IP address blocks: 109.248.16.0/21 maxlen: 24
109.248.24.0/22 maxlen: 24
109.248.28.0/22 maxlen: 24
188.130.228.0/22 maxlen: 24
188.130.228.0/23 maxlen: 24
188.130.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:39:42:4b:d6:c6:a4:78:e9:ec:ab:72:b3:c4:e4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Oct 31 10:57:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bfe052aeba3aaf18d4d99f69814310453a62f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:39:b1:8a:ce:b6:f6:20:9c:a8:ff:97:e5:4e:
42:0b:a3:9e:9f:23:53:4c:7a:04:73:00:03:f7:d5:
b6:25:f1:b1:22:70:3e:ef:3c:8b:81:3e:8f:05:81:
5e:d3:e3:ab:2a:37:06:9c:51:5a:9f:9a:fb:24:2f:
ae:79:eb:52:37:f1:3b:b8:63:b5:c8:aa:1f:e1:b3:
72:11:52:4e:87:d3:be:69:63:69:ca:3e:d9:fa:f0:
39:0a:3c:cc:63:71:9e:78:2a:6c:8d:cd:aa:03:58:
c9:41:0c:2a:f1:d4:5d:5d:a5:37:1e:32:1b:f4:ed:
87:ef:ba:14:32:0a:06:c0:30:63:28:53:54:ca:7d:
35:56:74:70:11:d7:6e:ff:07:03:eb:9f:de:2c:96:
2c:e9:b7:c6:e8:58:f6:4d:af:8f:5b:01:c5:cd:8d:
62:7a:82:5f:82:87:57:2a:77:16:34:19:02:0b:35:
ec:3b:46:d4:46:64:01:09:a3:b0:3d:d9:06:cc:3f:
b5:ec:bd:47:13:a9:06:8e:f8:10:a7:4c:d1:f5:39:
94:e6:53:f2:cd:1c:77:54:f3:13:fb:a1:2b:a4:48:
ba:e6:e3:e4:c1:81:9a:e6:5f:be:5a:5a:9c:5a:d7:
51:9f:8a:f1:d5:66:46:a9:46:ea:2d:35:43:7a:92:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FE:05:2A:EB:A3:AA:F1:8D:4D:99:F6:98:14:31:04:53:A6:2F:29
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/e_4FKuujqvGNTZn2mBQxBFOmLyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.16.0/20
188.130.228.0/22
Signature Algorithm: sha256WithRSAEncryption
73:13:47:8e:83:b5:6e:51:ee:46:98:e3:10:13:51:b5:5f:1c:
1f:09:bf:bf:f6:d1:68:dd:1d:41:58:38:3c:8c:0a:6b:5d:6d:
96:ad:de:3b:ea:1a:f7:85:d2:5a:76:fa:32:72:e4:88:e9:a7:
89:ae:f7:a5:0c:c9:15:21:99:db:18:54:5a:09:b9:d7:a2:44:
36:87:cc:f7:dc:68:50:d9:50:1c:41:69:74:b0:e5:33:6e:c2:
68:62:0d:2c:50:37:b8:7b:d3:5c:6a:95:93:14:d4:d4:ad:40:
1a:82:d8:c3:2a:75:1b:a3:28:f1:cf:80:68:9b:c5:1d:5a:fe:
a8:4b:9d:fd:82:22:66:6d:c0:c8:b4:57:3d:c3:ef:8a:a0:c7:
4a:e9:36:85:fb:09:9b:08:16:bf:e3:02:b4:4c:d6:2e:85:87:
d7:df:45:ac:54:d2:54:6e:a4:75:8f:ab:71:00:d3:dd:4c:07:
82:aa:0c:80:86:4b:4a:e2:0c:b7:b1:3f:47:a0:09:d0:ba:24:
f1:37:2b:be:20:d6:f6:e8:34:9e:46:97:90:b9:2a:c0:64:a3:
b3:7d:ce:17:27:a5:d6:83:86:f6:ae:34:e6:08:4b:cd:b7:de:
6d:08:fa:d6:3f:3e:23:bf:6d:25:7f:24:a4:43:67:2d:c5:89:
22:6a:18:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLiOUJL1sakeOnsq3KzxOT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjQxMDMxMTA1NzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmZlMDUyYWViYTNhYWYxOGQ0ZDk5ZjY5ODE0MzEwNDUzYTYyZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzmxis629iCcqP+X5U5CC6OenyNT
THoEcwAD99W2JfGxInA+7zyLgT6PBYFe0+OrKjcGnFFan5r7JC+ueetSN/E7uGO1
yKof4bNyEVJOh9O+aWNpyj7Z+vA5CjzMY3GeeCpsjc2qA1jJQQwq8dRdXaU3HjIb
9O2H77oUMgoGwDBjKFNUyn01VnRwEddu/wcD65/eLJYs6bfG6Fj2Ta+PWwHFzY1i
eoJfgodXKncWNBkCCzXsO0bURmQBCaOwPdkGzD+17L1HE6kGjvgQp0zR9TmU5lPy
zRx3VPMT+6ErpEi65uPkwYGa5l++WlqcWtdRn4rx1WZGqUbqLTVDepJdUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHv+BSrro6rxjU2Z9pgUMQRTpi8pMB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvZV80Rkt1dWpxdkdOVFpuMm1CUXhCRk9tTHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbfgQAwQC
vILkMA0GCSqGSIb3DQEBCwUAA4IBAQBzE0eOg7VuUe5GmOMQE1G1XxwfCb+/9tFo
3R1BWDg8jAprXW2Wrd476hr3hdJadvoycuSI6aeJrvelDMkVIZnbGFRaCbnXokQ2
h8z33GhQ2VAcQWl0sOUzbsJoYg0sUDe4e9NcapWTFNTUrUAagtjDKnUboyjxz4Bo
m8UdWv6oS539giJmbcDItFc9w++KoMdK6TaF+wmbCBa/4wK0TNYuhYfX30WsVNJU
bqR1j6txANPdTAeCqgyAhktK4gy3sT9HoAnQuiTxNyu+INb26DSeRpeQuSrAZKOz
fc4XJ6XWg4b2rjTmCEvNt95tCPrWPz4jv20lfySkQ2ctxYkiahg6
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:29 2024 by rpki-client on console-ams.rpki-client.org