Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/4kAQI_-ZpMycf0gmNI6O5jXq6pU.roa
File: 4kAQI_-ZpMycf0gmNI6O5jXq6pU.roa (raw, json)
Hash identifier: gaYkEc6HL9uHrbnQBJvhB0pKQVniBYZy+1lrFY7rug4=
Subject key identifier: E2:40:10:23:FF:99:A4:CC:9C:7F:48:26:34:8E:8E:E6:35:EA:EA:95
Certificate issuer: /CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Certificate serial: 018CC9BC764BEDADE84EE141ABF57DA5DE45
Authority key identifier: 63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/4kAQI_-ZpMycf0gmNI6O5jXq6pU.roa
Signing time: Tue 02 Jan 2024 10:33:40 +0000
ROA not before: Tue 02 Jan 2024 10:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15600
IP address blocks: 185.206.244.0/22 maxlen: 22
91.138.64.0/18 maxlen: 18
2a0a:d1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:76:4b:ed:ad:e8:4e:e1:41:ab:f5:7d:a5:de:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Validity
Not Before: Jan 2 10:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2401023ff99a4cc9c7f4826348e8ee635eaea95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:58:92:a6:55:f4:48:db:eb:47:d9:82:95:84:
2c:52:4d:92:88:1a:d3:53:19:06:57:ef:58:08:cb:
92:9a:a1:07:dd:bc:95:a7:6c:99:de:f5:9f:b3:23:
45:cf:5f:11:8d:54:fa:5f:61:65:63:f5:e5:5e:2b:
75:fc:57:9d:bf:41:9f:a1:ae:02:72:4b:aa:14:04:
9d:8e:05:66:ff:cc:bd:f9:09:cb:07:e4:40:e5:14:
8a:9e:e8:22:05:a1:a1:38:af:1a:28:24:ad:96:f3:
80:0b:b2:1f:13:2d:a8:24:fc:ad:5d:63:18:f6:fa:
a5:4f:89:80:74:9e:76:09:8b:29:32:ea:af:93:81:
70:6a:a5:c7:8c:1d:6f:c5:29:ea:d9:e0:2b:bd:2c:
46:f8:77:f0:93:76:a9:d2:ab:88:e0:42:4e:9c:b0:
23:fc:dd:0d:7a:06:22:06:d3:66:62:23:25:b7:e1:
89:92:8e:6d:69:b5:f9:a5:8d:36:78:7a:34:47:ef:
17:2d:a5:df:1f:dc:96:41:e4:c0:ff:d3:1c:3b:f0:
00:b2:50:f0:81:a1:0f:7a:f6:2a:13:bf:2f:41:14:
cf:f3:d2:37:ba:03:b3:8c:61:21:f9:87:ac:d6:13:
03:bd:fb:eb:57:23:47:fc:b8:52:5a:5a:13:cb:8b:
c8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:40:10:23:FF:99:A4:CC:9C:7F:48:26:34:8E:8E:E6:35:EA:EA:95
X509v3 Authority Key Identifier:
keyid:63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/4kAQI_-ZpMycf0gmNI6O5jXq6pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.138.64.0/18
185.206.244.0/22
IPv6:
2a0a:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:73:29:6e:2c:23:2c:7d:bb:c8:e4:f8:31:64:9b:2f:29:d6:
bc:fb:74:f4:39:a1:ff:51:81:0a:05:b5:3c:c1:a0:30:2d:cb:
d5:e1:a0:22:72:4e:fc:7a:e0:07:f9:9d:fb:dc:fd:b5:35:9f:
48:aa:b1:fb:66:b5:bc:71:dc:6a:19:5e:d6:4c:8a:5c:3f:eb:
60:86:40:bb:51:7e:9f:16:26:ab:7e:f0:1c:a4:f0:89:72:9b:
81:50:79:49:d1:7e:a9:c6:30:4c:2f:10:ca:bc:07:46:ee:d8:
2e:5d:cf:55:eb:20:97:92:d8:b4:53:b9:67:2f:81:66:e1:c4:
0f:57:03:19:2c:57:1c:37:c4:0a:9e:fd:97:e2:3e:48:32:a0:
29:56:b8:83:36:bc:36:02:21:0f:da:25:f3:1a:6c:9e:4b:57:
03:76:01:b7:8e:85:c8:4d:c7:be:e9:44:6f:de:87:73:e6:33:
6d:1e:bd:a4:d0:2b:11:b3:37:ee:26:72:79:7e:18:63:35:9a:
00:fa:99:4d:19:85:20:bf:b3:f8:7b:08:fc:2d:97:4d:bb:7e:
7b:09:47:01:a4:8e:65:7d:bb:60:1a:65:5c:cb:fe:b1:4a:99:
26:b6:ae:23:28:c3:c2:31:23:cc:14:55:97:7f:cf:f7:18:ae:
92:d1:3f:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvHZL7a3oTuFBq/V9pd5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDI3YzUzNTg3M2U0YzRlYWQ4MDQyZDY3YmJmM2YxZjQ3
YjI2YjEwHhcNMjQwMTAyMTAzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQwMTAyM2ZmOTlhNGNjOWM3ZjQ4MjYzNDhlOGVlNjM1ZWFlYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01iSplX0SNvrR9mClYQsUk2SiBrT
UxkGV+9YCMuSmqEH3byVp2yZ3vWfsyNFz18RjVT6X2FlY/XlXit1/Fedv0Gfoa4C
ckuqFASdjgVm/8y9+QnLB+RA5RSKnugiBaGhOK8aKCStlvOAC7IfEy2oJPytXWMY
9vqlT4mAdJ52CYspMuqvk4FwaqXHjB1vxSnq2eArvSxG+Hfwk3ap0quI4EJOnLAj
/N0NegYiBtNmYiMlt+GJko5tabX5pY02eHo0R+8XLaXfH9yWQeTA/9McO/AAslDw
gaEPevYqE78vQRTP89I3ugOzjGEh+Yes1hMDvfvrVyNH/LhSWloTy4vIuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOJAECP/maTMnH9IJjSOjuY16uqVMB8GA1UdIwQY
MBaAFGNCfFNYc+TE6tgELWe78/H0eyaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBKOFUxaHo1TVRxMkFRdFo3dno4ZlI3SnJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82MTA4M2MtNGIzZC00NmQ4LTgyYWEt
YjI5OTdiYzYxNDc0LzEvNGtBUUlfLVpwTXljZjBnbU5JNk81alhxNnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82MTA4M2MtNGIzZC00NmQ4LTgyYWEtYjI5OTdiYzYxNDc0
LzEvWTBKOFUxaHo1TVRxMkFRdFo3dno4ZlI3SnJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW4pAAwQC
uc70MA0EAgACMAcDBQMqCtHAMA0GCSqGSIb3DQEBCwUAA4IBAQCrcyluLCMsfbvI
5PgxZJsvKda8+3T0OaH/UYEKBbU8waAwLcvV4aAick78euAH+Z373P21NZ9IqrH7
ZrW8cdxqGV7WTIpcP+tghkC7UX6fFiarfvAcpPCJcpuBUHlJ0X6pxjBMLxDKvAdG
7tguXc9V6yCXkti0U7lnL4Fm4cQPVwMZLFccN8QKnv2X4j5IMqApVriDNrw2AiEP
2iXzGmyeS1cDdgG3joXITce+6URv3odz5jNtHr2k0CsRszfuJnJ5fhhjNZoA+plN
GYUgv7P4ewj8LZdNu357CUcBpI5lfbtgGmVcy/6xSpkmtq4jKMPCMSPMFFWXf8/3
GK6S0T8g
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:18:25 2024 by rpki-client on console-ams.rpki-client.org