Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/S8tTdwURDIz1AKxs2wZJuokbzB8.roa
File: S8tTdwURDIz1AKxs2wZJuokbzB8.roa (raw, json)
Hash identifier: +02bZflBdKT9SkgtnnAxKpbiMzhqWRJ2sLaUifv+12U=
Subject key identifier: 4B:CB:53:77:05:11:0C:8C:F5:00:AC:6C:DB:06:49:BA:89:1B:CC:1F
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 019146A194CDDD86F7E7E1B59E284D3C4B28
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/S8tTdwURDIz1AKxs2wZJuokbzB8.roa
Signing time: Mon 12 Aug 2024 12:47:59 +0000
ROA not before: Mon 12 Aug 2024 12:47:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43205
IP address blocks: 37.143.192.0/18 maxlen: 18
46.40.64.0/18 maxlen: 18
46.40.75.0/24 maxlen: 24
46.47.64.0/18 maxlen: 18
46.237.64.0/18 maxlen: 18
78.128.88.0/22 maxlen: 22
78.128.90.0/24 maxlen: 24
91.139.128.0/17 maxlen: 17
93.155.128.0/17 maxlen: 17
109.121.192.0/18 maxlen: 18
158.58.192.0/18 maxlen: 18
178.169.128.0/17 maxlen: 17
185.4.80.0/22 maxlen: 22
188.254.128.0/17 maxlen: 17
193.24.240.0/22 maxlen: 22
212.43.32.0/19 maxlen: 19
212.75.0.0/19 maxlen: 19
213.214.64.0/19 maxlen: 19
2a02:6800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:a1:94:cd:dd:86:f7:e7:e1:b5:9e:28:4d:3c:4b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Aug 12 12:47:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bcb537705110c8cf500ac6cdb0649ba891bcc1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f2:ae:60:37:36:59:dd:56:dd:31:60:c2:06:
16:f4:96:7d:8a:d8:83:4d:c3:67:18:c8:15:4b:23:
52:15:2b:13:10:cf:a2:7d:1e:ad:37:76:55:4e:2c:
71:22:74:09:1b:6e:66:75:c4:d1:26:0b:43:ff:83:
fb:43:3f:58:0a:05:71:4d:31:94:c3:98:5e:2a:9d:
4b:cd:a7:05:17:dd:10:a7:2a:1e:5f:2f:ae:26:32:
81:2b:82:28:1d:3f:d7:6d:65:2a:a9:82:b2:6a:5e:
77:2a:c8:66:f0:61:ee:b7:6e:50:5d:d7:06:40:2d:
17:bf:3c:af:dc:aa:c2:51:93:cf:13:f9:5a:a0:fc:
58:2f:5a:4a:7c:22:f6:dd:52:3c:92:6f:12:4f:fc:
ce:9c:ec:80:3d:57:dd:cf:55:92:57:e2:29:d7:53:
ca:b1:d9:26:12:f9:ac:e2:0c:6c:3d:ae:99:ac:84:
36:2b:75:f9:cb:11:3f:6f:b8:55:d0:5d:fb:5d:7c:
70:32:e1:af:18:39:54:c6:98:f5:b3:e1:bc:a0:cd:
48:45:7a:e5:c5:1d:41:e7:b1:dd:9a:d2:fc:53:b5:
52:a2:ae:60:a0:45:90:3a:de:74:e5:26:7d:fa:50:
4a:ed:81:75:17:38:7a:bf:bd:84:70:00:88:4e:65:
ea:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CB:53:77:05:11:0C:8C:F5:00:AC:6C:DB:06:49:BA:89:1B:CC:1F
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/S8tTdwURDIz1AKxs2wZJuokbzB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.192.0/18
46.40.64.0/18
46.47.64.0/18
46.237.64.0/18
78.128.88.0/22
91.139.128.0/17
93.155.128.0/17
109.121.192.0/18
158.58.192.0/18
178.169.128.0/17
185.4.80.0/22
188.254.128.0/17
193.24.240.0/22
212.43.32.0/19
212.75.0.0/19
213.214.64.0/19
IPv6:
2a02:6800::/32
Signature Algorithm: sha256WithRSAEncryption
a7:b6:92:b2:51:18:37:e1:20:0c:aa:0c:87:b5:4d:61:06:4d:
42:b6:21:26:fc:5e:93:50:a6:e7:d7:4a:38:eb:e7:72:35:36:
13:63:81:d7:6d:5c:01:d8:f6:f4:e0:4b:6a:0e:e7:4c:76:cd:
45:7a:2d:0c:a7:a5:78:b4:1e:24:47:ad:83:74:44:a9:ca:c8:
9c:cf:b0:24:57:b3:8b:31:74:ad:d6:01:e5:ee:ea:4d:3c:bc:
b7:f9:1c:68:fb:c1:99:0c:c6:ec:53:d7:57:71:65:e2:81:87:
91:c7:d8:5d:d9:e4:3b:e3:69:57:92:d1:26:88:1c:2a:b7:c7:
2b:ad:98:88:14:bc:6e:02:35:2e:ff:fc:50:9b:b3:43:b4:0d:
16:97:3b:2c:bb:de:f0:13:7e:43:6a:5a:7e:86:c5:a3:84:4a:
c7:72:ca:64:78:55:ec:ed:46:9d:e9:c5:41:df:7f:85:66:39:
30:44:d7:88:26:4c:5b:45:dc:56:6c:3e:a0:41:f9:87:a7:9f:
b1:5c:07:9c:67:c4:8d:f0:a8:70:3b:1c:9b:14:d0:38:0f:e7:
b5:cb:1f:b7:a4:a4:88:54:a9:c2:1f:c0:65:6e:5a:37:f8:90:
a5:8c:93:32:85:1a:0f:52:4d:d1:d1:e7:35:6d:a1:e4:4d:4b:
4a:30:25:9f
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZFGoZTN3Yb35+G1nihNPEsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwODEyMTI0NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNiNTM3NzA1MTEwYzhjZjUwMGFjNmNkYjA2NDliYTg5MWJjYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/KuYDc2Wd1W3TFgwgYW9JZ9itiD
TcNnGMgVSyNSFSsTEM+ifR6tN3ZVTixxInQJG25mdcTRJgtD/4P7Qz9YCgVxTTGU
w5heKp1LzacFF90QpyoeXy+uJjKBK4IoHT/XbWUqqYKyal53Kshm8GHut25QXdcG
QC0Xvzyv3KrCUZPPE/laoPxYL1pKfCL23VI8km8ST/zOnOyAPVfdz1WSV+Ip11PK
sdkmEvms4gxsPa6ZrIQ2K3X5yxE/b7hV0F37XXxwMuGvGDlUxpj1s+G8oM1IRXrl
xR1B57HdmtL8U7VSoq5goEWQOt505SZ9+lBK7YF1Fzh6v72EcACITmXqTQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFEvLU3cFEQyM9QCsbNsGSbqJG8wfMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvUzh0VGR3VVJESXoxQUt4czJ3Wkp1b2tiekI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEBiWPwAME
Bi4oQAMEBi4vQAMEBi7tQAMEAk6AWAMEB1uLgAMEB12bgAMEBm15wAMEBp46wAME
B7KpgAMEArkEUAMEB7z+gAMEAsEY8AMEBdQrIAMEBdRLAAMEBdXWQDANBAIAAjAH
AwUAKgJoADANBgkqhkiG9w0BAQsFAAOCAQEAp7aSslEYN+EgDKoMh7VNYQZNQrYh
Jvxek1Cm59dKOOvncjU2E2OB121cAdj29OBLag7nTHbNRXotDKeleLQeJEetg3RE
qcrInM+wJFezizF0rdYB5e7qTTy8t/kcaPvBmQzG7FPXV3Fl4oGHkcfYXdnkO+Np
V5LRJogcKrfHK62YiBS8bgI1Lv/8UJuzQ7QNFpc7LLve8BN+Q2pafobFo4RKx3LK
ZHhV7O1GnenFQd9/hWY5METXiCZMW0XcVmw+oEH5h6efsVwHnGfEjfCocDscmxTQ
OA/ntcsft6SkiFSpwh/AZW5aN/iQpYyTMoUaD1JN0dHnNW2h5E1LSjAlnw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:14 2024 by rpki-client on console-ams.rpki-client.org