Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/4tOKlP1T3bDrTqkAmVV6UQsvOIw.roa
File: 4tOKlP1T3bDrTqkAmVV6UQsvOIw.roa (raw, json)
Hash identifier: fbyIrovjz2LFUWdgFAe/c/Tjvv1l2c8mcyiOkk7SOcI=
Subject key identifier: E2:D3:8A:94:FD:53:DD:B0:EB:4E:A9:00:99:55:7A:51:0B:2F:38:8C
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018CC871410D5650732B5AD756F7DF0BEF5D
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/4tOKlP1T3bDrTqkAmVV6UQsvOIw.roa
Signing time: Tue 02 Jan 2024 04:31:54 +0000
ROA not before: Tue 02 Jan 2024 04:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50316
IP address blocks: 147.123.112.0/22 maxlen: 24
147.123.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:41:0d:56:50:73:2b:5a:d7:56:f7:df:0b:ef:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Jan 2 04:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2d38a94fd53ddb0eb4ea90099557a510b2f388c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ef:29:a6:02:0a:d3:9a:83:f1:38:a7:f9:ca:
cd:03:78:99:18:1e:89:e8:64:43:b5:fe:02:56:fb:
23:65:af:54:ec:d5:ed:c3:d9:c5:f2:52:4c:3c:40:
85:8c:da:ab:29:39:c1:5f:ba:33:16:ba:4a:77:f9:
b8:7d:73:85:66:2d:ec:a4:13:ac:01:9c:07:aa:d9:
1b:80:94:d7:e3:4e:d8:2d:22:5a:31:99:08:15:ea:
ad:45:b2:0d:9f:12:ac:91:f7:fc:cb:26:b5:ea:bd:
f6:8b:19:28:7b:e6:4f:5d:7f:87:fc:a2:ea:98:e6:
db:30:02:9f:46:7b:62:d1:19:72:63:a4:91:b7:a9:
97:ae:25:c3:ae:80:94:be:1b:32:e8:10:bd:44:6a:
16:4c:a3:3f:14:d8:93:0e:0a:71:ce:bf:b6:67:10:
3f:f9:51:9c:3a:3f:0e:6b:5e:9b:54:10:4c:6a:ee:
34:4a:3f:e5:94:0f:47:15:28:05:e1:dc:0a:aa:96:
8f:ee:e3:27:80:f0:90:af:b7:b2:8e:b6:52:d6:f1:
6e:fc:47:5b:2c:04:bf:18:b1:e8:91:6c:0b:0f:1f:
71:80:27:00:d2:56:b3:21:ca:a1:c0:63:84:e1:dc:
b1:0d:3a:f9:80:7c:06:b1:c9:a7:2e:e6:b8:36:59:
7b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D3:8A:94:FD:53:DD:B0:EB:4E:A9:00:99:55:7A:51:0B:2F:38:8C
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/4tOKlP1T3bDrTqkAmVV6UQsvOIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.123.112.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:c1:44:63:92:e4:ed:80:a8:c5:2a:d9:0b:4e:36:4d:16:64:
ec:fd:d0:be:01:2e:05:f8:eb:e6:cb:0d:ae:7f:c5:24:0b:49:
18:ec:47:f7:e4:09:c5:36:d6:44:d4:e9:8e:8b:5e:02:73:86:
18:d6:90:e3:09:91:fb:20:c0:8d:9a:ce:f8:7b:74:21:c5:c9:
e3:d5:21:37:3f:83:3c:e2:29:65:d2:3e:84:61:95:40:07:7f:
e9:b6:88:52:08:fe:6e:c6:f4:39:76:8a:b8:fc:0b:fb:5c:2b:
83:e0:b0:5f:6c:15:dc:f1:74:85:d6:54:8b:f6:6d:45:01:35:
89:f1:90:64:6a:51:f6:e3:5c:3d:f9:e9:a8:11:d5:49:31:26:
cc:c5:28:b8:87:8b:16:5c:95:e0:17:b2:0a:d6:10:eb:d9:09:
34:cd:25:d4:f0:c3:99:9b:51:e6:35:87:a0:52:8b:11:e7:43:
8f:f0:dc:c2:58:93:0e:a4:e3:de:9e:89:01:58:3a:fe:5d:fe:
cc:c9:80:4d:85:02:94:1d:0b:3e:f8:bb:34:60:aa:bc:d4:a9:
6b:6b:06:3d:e7:3e:92:1a:74:e9:61:db:c9:8f:d9:b8:0a:19:
05:3b:2e:ba:80:54:fc:03:0f:12:0c:6e:32:40:e0:be:8c:e4:
dc:ae:9f:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcUENVlBzK1rXVvffC+9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjQwMTAyMDQzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQzOGE5NGZkNTNkZGIwZWI0ZWE5MDA5OTU1N2E1MTBiMmYzODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO8ppgIK05qD8Tin+crNA3iZGB6J
6GRDtf4CVvsjZa9U7NXtw9nF8lJMPECFjNqrKTnBX7ozFrpKd/m4fXOFZi3spBOs
AZwHqtkbgJTX407YLSJaMZkIFeqtRbINnxKskff8yya16r32ixkoe+ZPXX+H/KLq
mObbMAKfRnti0RlyY6SRt6mXriXDroCUvhsy6BC9RGoWTKM/FNiTDgpxzr+2ZxA/
+VGcOj8Oa16bVBBMau40Sj/llA9HFSgF4dwKqpaP7uMngPCQr7eyjrZS1vFu/Edb
LAS/GLHokWwLDx9xgCcA0lazIcqhwGOE4dyxDTr5gHwGscmnLua4Nll7oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLTipT9U92w606pAJlVelELLziMMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvNHRPS2xQMVQzYkRyVHFrQW1WVjZVUXN2T0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDk3twMA0G
CSqGSIb3DQEBCwUAA4IBAQAawURjkuTtgKjFKtkLTjZNFmTs/dC+AS4F+Ovmyw2u
f8UkC0kY7Ef35AnFNtZE1OmOi14Cc4YY1pDjCZH7IMCNms74e3Qhxcnj1SE3P4M8
4ill0j6EYZVAB3/ptohSCP5uxvQ5doq4/Av7XCuD4LBfbBXc8XSF1lSL9m1FATWJ
8ZBkalH241w9+emoEdVJMSbMxSi4h4sWXJXgF7IK1hDr2Qk0zSXU8MOZm1HmNYeg
UosR50OP8NzCWJMOpOPenokBWDr+Xf7MyYBNhQKUHQs++Ls0YKq81KlrawY95z6S
GnTpYdvJj9m4ChkFOy66gFT8Aw8SDG4yQOC+jOTcrp+E
-----END CERTIFICATE-----
Generated at Sun May 19 21:06:49 2024 by rpki-client on console-fra.rpki-client.org