Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/4s_WTS65wj3oUwEZeRkzHUHSDIw.roa
File: 4s_WTS65wj3oUwEZeRkzHUHSDIw.roa (raw, json)
Hash identifier: lnIlquBHZXAggFCV85ywnMpldcJWSf+ZEi9U7BSZTYE=
Subject key identifier: E2:CF:D6:4D:2E:B9:C2:3D:E8:53:01:19:79:19:33:1D:41:D2:0C:8C
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01929E3667BA69414A4A4CC65923447114FF
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/4s_WTS65wj3oUwEZeRkzHUHSDIw.roa
Signing time: Fri 18 Oct 2024 06:00:18 +0000
ROA not before: Fri 18 Oct 2024 06:00:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
5.183.77.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
45.95.185.0/24 maxlen: 24
45.95.187.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.132.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
185.215.224.0/24 maxlen: 24
185.215.227.0/24 maxlen: 24
2a0b:ae40:1::/48 maxlen: 48
2a0b:ae40:2::/48 maxlen: 48
2a0b:ae40:3::/48 maxlen: 48
2a0b:ae40:4::/48 maxlen: 48
2a0b:ae47:3::/48 maxlen: 48
2a0b:ae47:4::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0e:3840:2::/48 maxlen: 48
2a0e:3840:4::/48 maxlen: 48
2a0e:3840:242::/48 maxlen: 48
2a0e:3840:415::/48 maxlen: 48
2a0e:3840:801::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9981::/32 maxlen: 32
2a0f:9982::/32 maxlen: 32
2a0f:9983::/32 maxlen: 32
2a0f:9984::/32 maxlen: 32
2a0f:9985::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:36:67:ba:69:41:4a:4a:4c:c6:59:23:44:71:14:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Oct 18 06:00:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2cfd64d2eb9c23de85301197919331d41d20c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:a7:a4:29:30:36:5a:2e:82:78:1f:02:67:
c7:9e:57:7c:f2:1e:53:78:78:f6:9f:e3:58:43:c7:
ba:07:0b:a8:f0:0a:08:90:25:04:98:8d:7f:bb:e5:
06:ae:da:af:09:8c:ce:da:50:3f:c0:5d:f0:e1:94:
0d:62:be:2a:8b:09:ab:59:ea:9b:22:77:33:de:f7:
cf:ee:8b:3d:0d:9e:cd:da:8a:9c:17:23:62:c9:ea:
86:9c:fa:46:2c:55:24:b8:e6:45:0a:06:5f:51:31:
60:3e:c1:c7:56:eb:06:e1:3b:c0:6c:29:46:ee:83:
ea:bf:96:12:7b:5e:7d:c7:31:2e:ec:19:a8:ab:a1:
c4:d9:bd:10:e9:51:b2:30:a3:c0:53:10:a5:50:d7:
84:01:c9:e4:00:cf:ed:54:e7:75:ed:8b:ec:7a:ba:
30:03:65:d9:da:1b:00:8c:a8:83:6e:4d:80:91:89:
01:e8:64:1b:06:f2:88:f9:15:09:de:13:4b:a7:7a:
28:d5:05:87:20:17:07:0a:ac:c7:2a:c5:31:8b:6b:
18:44:1f:5b:2a:0f:69:89:46:e6:43:b9:85:2e:be:
54:2b:e4:98:1f:8f:cc:2b:56:c8:ad:33:b8:75:e4:
23:bc:93:86:e0:0b:fc:6a:07:66:b7:7a:29:ad:a2:
8b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CF:D6:4D:2E:B9:C2:3D:E8:53:01:19:79:19:33:1D:41:D2:0C:8C
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/4s_WTS65wj3oUwEZeRkzHUHSDIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/23
45.14.113.0/24
45.95.185.0/24
45.95.187.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.135.0/24
176.111.217.0/24
185.215.224.0/24
185.215.227.0/24
IPv6:
2a0b:ae40:1::-2a0b:ae40:4:ffff:ffff:ffff:ffff:ffff
2a0b:ae47:3::-2a0b:ae47:4:ffff:ffff:ffff:ffff:ffff
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0e:3840:2::/48
2a0e:3840:4::/48
2a0e:3840:242::/48
2a0e:3840:415::/48
2a0e:3840:801::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
2a0f:9981::-2a0f:9985:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:12:62:c7:2e:11:a9:79:28:a2:6d:3a:ce:6a:ab:c8:b9:5a:
3d:7a:d8:14:9f:8d:e8:e9:3f:4d:e6:ff:9b:ad:0c:42:94:a1:
40:c0:87:b3:63:bf:1b:46:89:f8:48:10:b7:d7:5a:ee:86:8d:
dd:33:de:d8:8e:2e:0d:ca:f6:c2:13:ec:4a:00:17:11:41:63:
59:ab:71:87:5c:b7:1d:20:9a:a1:3e:dd:f8:08:2c:1d:0c:ce:
39:78:32:0b:93:64:c3:64:b6:d9:84:a0:e0:50:fe:f2:e5:d9:
04:65:da:d7:34:ef:a6:59:8c:fd:3c:6e:12:73:f2:4c:d6:1e:
68:33:75:56:3d:9f:ae:4d:ae:e5:1d:b2:64:18:30:24:c6:51:
22:1a:75:d8:4e:e0:d6:98:af:39:c5:5d:a9:1f:f4:35:b1:fb:
b5:b9:dc:02:e1:57:ca:93:ea:53:b5:12:f5:37:a0:b5:2c:43:
1f:cc:a7:37:a8:e6:2a:9e:c1:51:81:2b:6c:28:6f:76:1d:d0:
26:19:72:d4:b5:c4:b5:0e:6c:94:be:08:b3:09:d5:7f:1d:aa:
ec:ae:d7:e3:5c:fa:9c:e6:27:6d:f6:a4:dd:72:7e:e3:9f:67:
78:c1:80:6d:ef:7a:32:4c:d7:7b:cd:f1:d3:4e:3c:e6:9a:69:
df:93:24:28
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAZKeNme6aUFKSkzGWSNEcRT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQxMDE4MDYwMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmNmZDY0ZDJlYjljMjNkZTg1MzAxMTk3OTE5MzMxZDQxZDIwYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucmnpCkwNlougngfAmfHnld88h5T
eHj2n+NYQ8e6Bwuo8AoIkCUEmI1/u+UGrtqvCYzO2lA/wF3w4ZQNYr4qiwmrWeqb
Incz3vfP7os9DZ7N2oqcFyNiyeqGnPpGLFUkuOZFCgZfUTFgPsHHVusG4TvAbClG
7oPqv5YSe159xzEu7Bmoq6HE2b0Q6VGyMKPAUxClUNeEAcnkAM/tVOd17Yvserow
A2XZ2hsAjKiDbk2AkYkB6GQbBvKI+RUJ3hNLp3oo1QWHIBcHCqzHKsUxi2sYRB9b
Kg9piUbmQ7mFLr5UK+SYH4/MK1bIrTO4deQjvJOG4Av8agdmt3opraKL5wIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFOLP1k0uucI96FMBGXkZMx1B0gyMMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xLzRzX1dUUzY1d2ozb1V3RVplUmt6SFVIU0RJdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEeBggrBgEFBQcBBwEB/wSCAQ0wggEJMFAEAgABMEoD
BAECOAgDBAEFt0wDBAAtDnEDBAAtX7kDBAAtX7sDBACTvYAwDAMEAJO9gwMEAJO9
hAMEAJO9hwMEALBv2QMEALnX4AMEALnX4zCBtAQCAAIwga0wEgMHACoLrkAAAQMH
ACoLrkAABDASAwcAKguuRwADAwcAKguuRwAEAwcAKg4MgAADAwcAKg4MgAMjAwcA
Kg4MgAQDAwcAKg4MgAdDAwcAKg44QAACAwcAKg44QAAEAwcAKg44QAJCAwcAKg44
QAQVAwcAKg44QAgBAwcAKg+ZgAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2
MA4DBQAqD5mBAwUBKg+ZhDANBgkqhkiG9w0BAQsFAAOCAQEAlhJixy4RqXkoom06
zmqryLlaPXrYFJ+N6Ok/Teb/m60MQpShQMCHs2O/G0aJ+EgQt9da7oaN3TPe2I4u
Dcr2whPsSgAXEUFjWatxh1y3HSCaoT7d+AgsHQzOOXgyC5Nkw2S22YSg4FD+8uXZ
BGXa1zTvplmM/TxuEnPyTNYeaDN1Vj2frk2u5R2yZBgwJMZRIhp12E7g1pivOcVd
qR/0NbH7tbncAuFXypPqU7US9TegtSxDH8ynN6jmKp7BUYErbChvdh3QJhly1LXE
tQ5slL4IswnVfx2q7K7X41z6nOYnbfak3XJ+459neMGAbe96MkzXe83x00485ppp
35MkKA==
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:40:01 2024 by rpki-client on console-fra.rpki-client.org