Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/4eVwtfKGl7-qtIVxSVdOLMZ4Op0.roa
File: 4eVwtfKGl7-qtIVxSVdOLMZ4Op0.roa (raw, json)
Hash identifier: 4JUIcdYP05/YaAxCnk01BAtwjgu8vEHXN1YcDXp4sdg=
Subject key identifier: E1:E5:70:B5:F2:86:97:BF:AA:B4:85:71:49:57:4E:2C:C6:78:3A:9D
Certificate issuer: /CN=64950e4e58d6ac27f80f09a5ed2f3028b81ae8ca
Certificate serial: 018DCC27AB4A1CD780F02575636D3E50DE08
Authority key identifier: 64:95:0E:4E:58:D6:AC:27:F8:0F:09:A5:ED:2F:30:28:B8:1A:E8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/4eVwtfKGl7-qtIVxSVdOLMZ4Op0.roa
Signing time: Wed 21 Feb 2024 14:52:48 +0000
ROA not before: Wed 21 Feb 2024 14:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43997
IP address blocks: 193.35.148.0/24 maxlen: 24
193.35.149.0/24 maxlen: 24
193.35.150.0/23 maxlen: 23
2a0c:7fc0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/ZJUOTljWrCf4Dwml7S8wKLga6Mo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/ZJUOTljWrCf4Dwml7S8wKLga6Mo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:27:ab:4a:1c:d7:80:f0:25:75:63:6d:3e:50:de:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64950e4e58d6ac27f80f09a5ed2f3028b81ae8ca
Validity
Not Before: Feb 21 14:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1e570b5f28697bfaab4857149574e2cc6783a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:d8:23:43:5b:39:7e:5c:10:3d:38:d0:a9:
95:5b:13:f0:18:d2:67:15:42:07:61:de:77:c2:7c:
72:c6:c5:d6:1a:18:b6:38:c3:1c:6a:65:58:0b:a9:
61:df:2f:7b:a4:42:c1:b0:d7:e5:91:af:a7:b6:64:
6b:8d:41:49:04:e0:c5:e8:f5:25:6f:48:db:44:ad:
29:05:d2:bb:ba:d3:95:e1:c5:9d:f4:f8:df:a5:2b:
13:6d:55:d9:17:11:92:88:a7:0a:a6:ae:e6:d0:30:
50:86:3d:da:e4:7c:96:e0:10:e2:1e:03:8f:f0:b1:
89:82:e1:e6:8d:66:72:57:a3:fb:e2:67:84:16:8f:
64:19:8f:df:b4:28:c8:bd:f7:a2:e7:d8:b7:85:3b:
74:1f:10:a4:34:d9:97:b2:f5:4f:e9:ef:e3:53:1a:
c7:9b:df:11:ad:f6:49:c9:da:eb:87:af:9e:69:a7:
e2:5c:9d:bb:7d:7c:02:66:8f:f5:03:d4:cd:35:52:
6b:a4:0d:50:99:b2:61:fd:0c:ec:09:fe:78:f8:8c:
0b:ce:4e:d3:47:e0:1f:56:b5:f9:da:f6:f2:eb:bc:
35:31:80:26:92:3d:e9:40:18:c7:63:8d:db:38:02:
af:ea:d5:4a:69:97:0d:f5:f5:83:21:e8:a2:be:57:
21:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E5:70:B5:F2:86:97:BF:AA:B4:85:71:49:57:4E:2C:C6:78:3A:9D
X509v3 Authority Key Identifier:
keyid:64:95:0E:4E:58:D6:AC:27:F8:0F:09:A5:ED:2F:30:28:B8:1A:E8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZJUOTljWrCf4Dwml7S8wKLga6Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/4eVwtfKGl7-qtIVxSVdOLMZ4Op0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/300211-0909-4206-9136-e66d411fa6a0/1/ZJUOTljWrCf4Dwml7S8wKLga6Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.148.0/22
IPv6:
2a0c:7fc0::/40
Signature Algorithm: sha256WithRSAEncryption
91:f7:bc:2d:1e:e9:3c:d6:a4:7d:90:1d:48:e2:95:b2:80:df:
00:bd:69:71:d7:b2:79:a7:1c:8f:38:9b:85:ee:18:42:df:9a:
b0:b1:61:10:a3:e5:eb:65:72:1b:40:c4:0a:c9:62:68:00:69:
e0:ec:f3:36:9d:21:31:5f:ca:92:c4:45:91:0a:39:2b:b0:d2:
34:c6:2d:02:54:bf:5e:29:5b:6d:89:9c:41:13:17:5e:e0:b3:
e4:46:00:db:6e:5d:0f:87:d9:7e:26:5f:26:86:c1:ea:20:b8:
3b:74:06:79:76:b2:b6:12:82:e8:e1:47:40:6c:f8:80:a9:73:
f7:b0:3c:a4:e2:b1:71:9f:33:d4:d3:cf:81:d5:2f:c6:3d:f6:
3f:db:d6:35:57:0b:da:88:d7:5c:79:d5:3c:6e:bd:19:19:8f:
84:9b:d0:58:d7:6b:0f:6d:a4:15:e8:d8:74:60:37:1f:59:93:
5c:9f:22:15:90:79:02:f7:62:79:c4:01:78:3e:54:ae:60:65:
b5:e2:d0:df:fa:27:cc:ff:c7:23:cc:08:49:ed:37:fb:8d:5f:
f1:fe:f8:c7:91:57:d7:9e:c5:c3:51:d9:75:3b:33:cb:41:cc:
87:03:5c:29:1b:a5:a9:9a:2c:80:eb:d4:b0:63:dd:7e:54:ce:
b2:da:b8:29
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY3MJ6tKHNeA8CV1Y20+UN4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0OTUwZTRlNThkNmFjMjdmODBmMDlhNWVkMmYzMDI4Yjgx
YWU4Y2EwHhcNMjQwMjIxMTQ1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU1NzBiNWYyODY5N2JmYWFiNDg1NzE0OTU3NGUyY2M2NzgzYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt/YI0NbOX5cED040KmVWxPwGNJn
FUIHYd53wnxyxsXWGhi2OMMcamVYC6lh3y97pELBsNflka+ntmRrjUFJBODF6PUl
b0jbRK0pBdK7utOV4cWd9PjfpSsTbVXZFxGSiKcKpq7m0DBQhj3a5HyW4BDiHgOP
8LGJguHmjWZyV6P74meEFo9kGY/ftCjIvfei59i3hTt0HxCkNNmXsvVP6e/jUxrH
m98RrfZJydrrh6+eaafiXJ27fXwCZo/1A9TNNVJrpA1QmbJh/QzsCf54+IwLzk7T
R+AfVrX52vby67w1MYAmkj3pQBjHY43bOAKv6tVKaZcN9fWDIeiivlch6QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOHlcLXyhpe/qrSFcUlXTizGeDqdMB8GA1UdIwQY
MBaAFGSVDk5Y1qwn+A8Jpe0vMCi4GujKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkpVT1RsaldyQ2Y0RHdtbDdTOHdLTGdhNk1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMDAyMTEtMDkwOS00MjA2LTkxMzYt
ZTY2ZDQxMWZhNmEwLzEvNGVWd3RmS0dsNy1xdElWeFNWZE9MTVo0T3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMDAyMTEtMDkwOS00MjA2LTkxMzYtZTY2ZDQxMWZhNmEw
LzEvWkpVT1RsaldyQ2Y0RHdtbDdTOHdLTGdhNk1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCwSOUMA4E
AgACMAgDBgAqDH/AADANBgkqhkiG9w0BAQsFAAOCAQEAkfe8LR7pPNakfZAdSOKV
soDfAL1pcdeyeaccjzibhe4YQt+asLFhEKPl62VyG0DECsliaABp4OzzNp0hMV/K
ksRFkQo5K7DSNMYtAlS/XilbbYmcQRMXXuCz5EYA225dD4fZfiZfJobB6iC4O3QG
eXaythKC6OFHQGz4gKlz97A8pOKxcZ8z1NPPgdUvxj32P9vWNVcL2ojXXHnVPG69
GRmPhJvQWNdrD22kFejYdGA3H1mTXJ8iFZB5AvdiecQBeD5UrmBlteLQ3/onzP/H
I8wISe03+41f8f74x5FX157Fw1HZdTszy0HMhwNcKRulqZosgOvUsGPdflTOstq4
KQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:16:46 2024 by rpki-client on console-ams.rpki-client.org