Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/4H_0LDcB0uqiWR96COsCXUzjlmc.roa
File: 4H_0LDcB0uqiWR96COsCXUzjlmc.roa (raw, json)
Hash identifier: 99ELlRZ8r0KzcCajERUtuHFA2JgDcldtUIOtMi9qSgQ=
Subject key identifier: E0:7F:F4:2C:37:01:D2:EA:A2:59:1F:7A:08:EB:02:5D:4C:E3:96:67
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 018CC6B9106BFD3488EAD46FD3B1B3664FA6
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/4H_0LDcB0uqiWR96COsCXUzjlmc.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133499
IP address blocks: 77.95.116.0/22 maxlen: 32
89.44.245.0/24 maxlen: 32
89.34.7.0/24 maxlen: 32
94.177.52.0/22 maxlen: 32
185.221.221.0/24 maxlen: 32
94.176.216.0/22 maxlen: 32
78.138.30.0/24 maxlen: 32
185.243.108.0/22 maxlen: 32
185.223.58.0/23 maxlen: 32
103.204.212.0/22 maxlen: 32
94.176.163.0/24 maxlen: 32
89.44.115.0/24 maxlen: 32
188.241.146.0/24 maxlen: 32
78.138.16.0/24 maxlen: 32
89.41.62.0/24 maxlen: 32
188.214.93.0/24 maxlen: 32
89.32.129.0/24 maxlen: 32
31.14.219.0/24 maxlen: 32
185.225.104.0/22 maxlen: 32
31.14.236.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:10:6b:fd:34:88:ea:d4:6f:d3:b1:b3:66:4f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e07ff42c3701d2eaa2591f7a08eb025d4ce39667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ea:ac:9c:60:69:66:cf:4a:ad:2e:d4:b2:47:
e3:3f:f9:e5:d5:09:ea:43:d0:d6:1f:35:c3:12:6a:
50:d7:a5:86:4f:ac:27:ac:06:0f:75:a9:3b:37:95:
5b:d5:54:eb:a7:84:6c:7b:bf:c8:29:61:b0:dc:e6:
27:07:c4:3d:fb:d3:4b:3f:95:a9:f8:99:89:51:71:
10:06:08:d9:e8:81:bc:0b:51:89:7f:19:53:17:15:
3d:4d:fd:3d:7f:17:ee:cc:25:3b:0d:3c:fc:c6:33:
15:e2:ff:f9:84:1e:67:d0:f2:fb:8c:c5:52:ba:93:
69:95:69:1b:89:6c:a9:37:5a:3e:36:4e:ac:69:af:
d2:ae:bd:22:e6:12:95:5a:de:a4:67:83:71:2a:4d:
8a:5b:a3:0a:d1:44:3d:1a:24:79:fe:89:69:89:be:
39:7e:d0:36:f7:68:71:bc:fa:85:9d:47:9a:a6:b9:
71:5e:ac:39:e4:c1:73:0a:bb:e8:45:52:ed:85:34:
71:02:4a:d2:18:89:54:b1:d1:ca:69:7a:fe:2e:a1:
21:7e:b2:5b:cc:20:7f:df:21:87:09:1c:c3:0d:53:
56:50:a0:7c:cb:3c:cc:02:86:26:03:fd:23:0f:6c:
f1:8c:aa:0c:10:e7:27:59:39:00:75:92:60:b4:20:
8d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7F:F4:2C:37:01:D2:EA:A2:59:1F:7A:08:EB:02:5D:4C:E3:96:67
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/4H_0LDcB0uqiWR96COsCXUzjlmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.219.0/24
31.14.236.0/23
77.95.116.0/22
78.138.16.0/24
78.138.30.0/24
89.32.129.0/24
89.34.7.0/24
89.41.62.0/24
89.44.115.0/24
89.44.245.0/24
94.176.163.0/24
94.176.216.0/22
94.177.52.0/22
103.204.212.0/22
185.221.221.0/24
185.223.58.0/23
185.225.104.0/22
185.243.108.0/22
188.214.93.0/24
188.241.146.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ce:0f:cf:28:42:ff:40:ac:26:b7:e7:23:10:eb:4c:bc:66:
37:03:bf:83:5e:60:76:94:0b:b5:03:f0:67:f5:83:54:54:f9:
91:c9:f3:68:bc:9a:ba:9d:f5:d8:6c:e7:6c:e8:87:9c:81:34:
9e:06:3e:e9:73:3d:88:ca:aa:08:b4:f6:9b:ea:0c:be:19:70:
08:a1:c1:64:48:db:37:12:52:c3:fe:58:af:c2:21:4c:53:95:
62:43:80:ad:7b:1c:42:6e:5b:83:37:5e:e7:bc:77:2b:57:99:
dc:e2:32:c0:19:e5:79:a5:1e:c2:0c:51:f9:3c:08:ac:b7:68:
c2:cc:59:ed:d2:d7:65:1b:15:e6:7b:af:02:00:29:06:f7:68:
fb:74:05:6d:4f:16:28:6e:36:9a:aa:fb:97:df:84:f1:f1:14:
88:55:51:39:30:09:ec:aa:0c:40:5d:a1:a8:f0:92:d6:3b:bb:
65:cd:df:bc:0f:64:76:97:9a:7e:ef:97:42:55:51:48:ff:0a:
98:e7:0d:75:84:ff:b9:3b:c1:25:37:12:d1:3b:1f:49:64:a9:
ed:3e:3c:78:10:8f:97:c4:53:d7:d7:6f:a5:cb:61:51:b9:16:
6d:49:f7:18:fb:8f:84:b9:0a:bf:c2:c3:81:6c:52:b4:05:d5:
80:9f:6e:09
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzGuRBr/TSI6tRv07GzZk+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdmZjQyYzM3MDFkMmVhYTI1OTFmN2EwOGViMDI1ZDRjZTM5NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuqsnGBpZs9KrS7UskfjP/nl1Qnq
Q9DWHzXDEmpQ16WGT6wnrAYPdak7N5Vb1VTrp4Rse7/IKWGw3OYnB8Q9+9NLP5Wp
+JmJUXEQBgjZ6IG8C1GJfxlTFxU9Tf09fxfuzCU7DTz8xjMV4v/5hB5n0PL7jMVS
upNplWkbiWypN1o+Nk6saa/Srr0i5hKVWt6kZ4NxKk2KW6MK0UQ9GiR5/olpib45
ftA292hxvPqFnUeaprlxXqw55MFzCrvoRVLthTRxAkrSGIlUsdHKaXr+LqEhfrJb
zCB/3yGHCRzDDVNWUKB8yzzMAoYmA/0jD2zxjKoMEOcnWTkAdZJgtCCNIQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFOB/9Cw3AdLqolkfegjrAl1M45ZnMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvNEhfMExEY0IwdXFpV1I5NkNPc0NYVXpqbG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAHw7b
AwQBHw7sAwQCTV90AwQATooQAwQATooeAwQAWSCBAwQAWSIHAwQAWSk+AwQAWSxz
AwQAWSz1AwQAXrCjAwQCXrDYAwQCXrE0AwQCZ8zUAwQAud3dAwQBud86AwQCueFo
AwQCufNsAwQAvNZdAwQAvPGSMA0GCSqGSIb3DQEBCwUAA4IBAQBczg/PKEL/QKwm
t+cjEOtMvGY3A7+DXmB2lAu1A/Bn9YNUVPmRyfNovJq6nfXYbOds6IecgTSeBj7p
cz2IyqoItPab6gy+GXAIocFkSNs3ElLD/livwiFMU5ViQ4CtexxCbluDN17nvHcr
V5nc4jLAGeV5pR7CDFH5PAist2jCzFnt0tdlGxXme68CACkG92j7dAVtTxYobjaa
qvuX34Tx8RSIVVE5MAnsqgxAXaGo8JLWO7tlzd+8D2R2l5p+75dCVVFI/wqY5w11
hP+5O8ElNxLROx9JZKntPjx4EI+XxFPX12+ly2FRuRZtSfcY+4+EuQq/wsOBbFK0
BdWAn24J
-----END CERTIFICATE-----
Generated at Fri May 24 13:06:11 2024 by rpki-client on console-ams.rpki-client.org