Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/S1iKwv78pj78vn6ylzRyWeqom-Y.roa
File: S1iKwv78pj78vn6ylzRyWeqom-Y.roa (raw, json)
Hash identifier: NNSovzltmAtVdXkQAVVW+lJcFITCWSQQZ727vOCfQM8=
Subject key identifier: 4B:58:8A:C2:FE:FC:A6:3E:FC:BE:7E:B2:97:34:72:59:EA:A8:9B:E6
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 019299E9EA50C0D057503B6661B484F58E5F
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/S1iKwv78pj78vn6ylzRyWeqom-Y.roa
Signing time: Thu 17 Oct 2024 09:58:16 +0000
ROA not before: Thu 17 Oct 2024 09:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 2.59.244.0/22 maxlen: 22
89.38.216.0/21 maxlen: 21
103.95.124.0/22 maxlen: 22
103.132.4.0/22 maxlen: 22
103.204.220.0/23 maxlen: 23
185.124.100.0/22 maxlen: 22
185.250.76.0/22 maxlen: 22
193.36.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:e9:ea:50:c0:d0:57:50:3b:66:61:b4:84:f5:8e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Oct 17 09:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b588ac2fefca63efcbe7eb297347259eaa89be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:15:d2:a1:15:1b:b1:25:c2:69:ab:25:7f:f4:
99:30:2d:01:68:f3:bc:da:e5:a6:0f:9e:77:26:7d:
2b:3e:d9:99:9d:1f:c8:b6:c2:62:13:42:44:0a:e8:
90:d3:5e:b2:d8:e9:c5:ac:9e:97:8d:75:b9:3c:6e:
2e:1f:19:40:ea:fd:84:a9:24:6f:00:43:cd:40:a0:
e6:72:13:13:6d:b1:67:3c:d9:d0:2c:2d:8e:58:82:
dd:ef:52:4b:0c:42:cc:e8:ce:3c:fb:83:86:69:96:
ad:91:dd:33:2f:a4:8e:c7:25:aa:fb:6b:c5:fc:6e:
9a:2d:98:22:57:67:b1:28:ae:0a:8f:87:ba:6b:6e:
f1:53:68:e4:a6:7e:b4:2b:d5:2f:2b:1c:0c:c4:16:
3c:b5:d7:b7:9f:c9:03:a9:00:f1:b1:5a:26:84:c5:
b4:c5:6e:0a:0a:d1:44:0e:d0:2d:68:6f:51:78:99:
0b:e3:9b:dd:2f:c9:df:06:d1:ed:89:88:11:2c:d0:
1f:c5:44:6d:0d:9b:63:ac:2a:dc:7e:d0:38:36:e1:
1c:c1:b9:aa:1a:ab:22:60:2c:9c:1e:dd:fb:6f:9e:
27:9e:60:34:01:9b:96:c7:43:0a:2e:11:6f:a1:ff:
43:84:86:26:c6:19:1f:73:68:53:ac:42:8c:9d:27:
4c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:58:8A:C2:FE:FC:A6:3E:FC:BE:7E:B2:97:34:72:59:EA:A8:9B:E6
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/S1iKwv78pj78vn6ylzRyWeqom-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.244.0/22
89.38.216.0/21
103.95.124.0/22
103.132.4.0/22
103.204.220.0/23
185.124.100.0/22
185.250.76.0/22
193.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
63:62:02:f2:ff:bb:e7:fa:fc:8e:cf:41:20:fa:01:18:f5:fe:
bb:41:f0:d3:69:66:63:ed:4c:7a:b0:ca:3b:c3:8d:d1:55:19:
fe:84:5e:14:e1:93:43:0e:78:23:c2:35:94:3c:04:4e:79:e8:
b7:d1:dc:a2:81:8c:31:79:21:06:18:e3:21:ad:30:ee:f3:cb:
ef:da:6d:be:68:8d:60:ad:46:38:ea:ec:b7:0f:ec:3a:f3:b1:
35:be:0d:36:87:dd:95:c6:19:b6:b3:d6:80:67:cc:75:65:ac:
aa:5c:fe:c1:48:bf:cd:fd:33:2d:c4:f7:d9:2c:02:13:90:c4:
fd:23:05:fc:77:68:fb:a3:b5:66:e5:36:0c:23:e5:84:50:33:
ad:2f:9c:ef:dd:82:c8:33:33:da:e0:ac:aa:18:07:68:ca:75:
10:27:9b:fb:4c:8e:9e:91:e2:3b:d6:a5:e1:b0:a0:ec:00:a5:
2e:ed:22:f8:5b:42:71:58:06:6a:7b:f6:ac:cf:bb:5c:a3:e7:
a0:e0:87:a2:cb:30:63:13:12:01:5c:48:32:3f:9b:42:a2:49:
fa:b7:4b:93:23:0c:73:d6:90:a7:7f:8c:2b:a8:f6:de:c2:f8:
38:59:a7:d3:50:05:f0:fe:68:4b:d7:34:d9:d5:e2:9e:4f:9a:
fc:e5:67:e1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZKZ6epQwNBXUDtmYbSE9Y5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjQxMDE3MDk1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU4OGFjMmZlZmNhNjNlZmNiZTdlYjI5NzM0NzI1OWVhYTg5YmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRXSoRUbsSXCaaslf/SZMC0BaPO8
2uWmD553Jn0rPtmZnR/ItsJiE0JECuiQ016y2OnFrJ6XjXW5PG4uHxlA6v2EqSRv
AEPNQKDmchMTbbFnPNnQLC2OWILd71JLDELM6M48+4OGaZatkd0zL6SOxyWq+2vF
/G6aLZgiV2exKK4Kj4e6a27xU2jkpn60K9UvKxwMxBY8tde3n8kDqQDxsVomhMW0
xW4KCtFEDtAtaG9ReJkL45vdL8nfBtHtiYgRLNAfxURtDZtjrCrcftA4NuEcwbmq
GqsiYCycHt37b54nnmA0AZuWx0MKLhFvof9DhIYmxhkfc2hTrEKMnSdM7QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEtYisL+/KY+/L5+spc0clnqqJvmMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvUzFpS3d2Nzhwajc4dm42eWx6UnlXZXFvbS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjv0AwQD
WSbYAwQCZ198AwQCZ4QEAwQBZ8zcAwQCuXxkAwQCufpMAwQCwSRgMA0GCSqGSIb3
DQEBCwUAA4IBAQBjYgLy/7vn+vyOz0Eg+gEY9f67QfDTaWZj7Ux6sMo7w43RVRn+
hF4U4ZNDDngjwjWUPAROeei30dyigYwxeSEGGOMhrTDu88vv2m2+aI1grUY46uy3
D+w687E1vg02h92Vxhm2s9aAZ8x1ZayqXP7BSL/N/TMtxPfZLAITkMT9IwX8d2j7
o7Vm5TYMI+WEUDOtL5zv3YLIMzPa4KyqGAdoynUQJ5v7TI6ekeI71qXhsKDsAKUu
7SL4W0JxWAZqe/asz7tco+eg4IeiyzBjExIBXEgyP5tCokn6t0uTIwxz1pCnf4wr
qPbewvg4WafTUAXw/mhL1zTZ1eKeT5r85Wfh
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:04:32 2024 by rpki-client on console-ams.rpki-client.org