Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/4AONvUIgu-UD4yMbZZAG5OP8h7c.roa
File: 4AONvUIgu-UD4yMbZZAG5OP8h7c.roa (raw, json)
Hash identifier: nyTeSKycaWs6mteM6cJP6/AmhK6OrW9T2hNwvkdjBLE=
Subject key identifier: E0:03:8D:BD:42:20:BB:E5:03:E3:23:1B:65:90:06:E4:E3:FC:87:B7
Certificate issuer: /CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Certificate serial: 018CC86F1269961D475F2DA592EBFE3C48B6
Authority key identifier: 65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/4AONvUIgu-UD4yMbZZAG5OP8h7c.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56510
IP address blocks: 91.235.174.0/24 maxlen: 24
195.88.202.0/23 maxlen: 23
195.69.225.0/24 maxlen: 24
188.227.204.0/22 maxlen: 22
185.38.103.0/24 maxlen: 24
2a02:7f84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/ZboV1Huk9EgnZEctjZcUah67v4Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/ZboV1Huk9EgnZEctjZcUah67v4Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:12:69:96:1d:47:5f:2d:a5:92:eb:fe:3c:48:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0038dbd4220bbe503e3231b659006e4e3fc87b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:52:c2:33:1f:be:9c:3c:da:58:62:03:b7:1f:
53:15:04:e7:60:e0:b7:72:20:ba:15:6f:04:e3:70:
ce:c3:c3:94:f5:5f:56:75:4b:db:a0:0b:05:e2:38:
43:fd:76:4a:32:54:a3:f6:7a:03:6d:9d:4c:c4:52:
59:d1:fd:b9:aa:23:a5:73:62:67:ff:ed:7f:de:78:
b0:c9:36:be:3d:28:21:7e:66:ce:32:6d:7e:d0:2a:
68:34:d3:f8:e0:5e:9d:f5:29:08:37:df:a0:50:1e:
e3:79:63:8c:e6:88:ed:c0:d0:7c:c0:5d:fc:93:7d:
8c:2d:30:bd:4e:ad:2d:31:1e:4c:e1:fc:4a:c7:ea:
b0:76:db:4c:cf:59:18:c5:fb:fd:fc:23:42:e7:1e:
d9:7a:b4:c5:c7:de:43:35:99:fc:80:83:c0:4e:37:
87:90:de:00:19:e6:3b:3a:c9:fb:99:5f:cc:81:c5:
85:4d:6d:45:45:a5:1c:25:92:20:b3:3f:52:a4:cf:
5c:40:ca:df:19:b6:fb:a8:8a:49:22:04:36:b6:16:
6f:25:51:28:f7:66:e4:d0:02:a6:32:9f:9e:83:f6:
f0:d0:5e:7d:b2:96:0b:be:fb:47:65:f9:fe:dd:31:
27:32:d6:b7:16:60:df:7f:6d:e9:df:99:67:e8:4c:
cb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:03:8D:BD:42:20:BB:E5:03:E3:23:1B:65:90:06:E4:E3:FC:87:B7
X509v3 Authority Key Identifier:
keyid:65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/4AONvUIgu-UD4yMbZZAG5OP8h7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/ZboV1Huk9EgnZEctjZcUah67v4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.174.0/24
185.38.103.0/24
188.227.204.0/22
195.69.225.0/24
195.88.202.0/23
IPv6:
2a02:7f84::/30
Signature Algorithm: sha256WithRSAEncryption
7d:11:58:95:6b:de:02:85:48:45:a9:7d:c0:8c:8e:62:0b:24:
76:88:eb:85:b0:18:33:bd:0b:1c:27:02:e0:b2:28:30:b4:b9:
a7:e8:1c:ed:0b:20:af:c0:e8:9f:c2:c9:83:0f:10:7a:5d:79:
19:a0:06:dd:15:18:9c:a1:07:b7:ff:04:d8:46:91:f8:d6:a2:
c3:41:fd:24:a3:19:64:8c:63:d2:0a:d3:4a:63:b4:d6:85:9f:
79:85:80:c6:af:a4:d8:5f:36:b4:c2:bd:51:fb:d6:ad:f1:28:
15:ce:bb:a2:81:d9:3a:60:d3:0a:eb:4b:54:10:e0:79:00:6e:
e4:55:dd:9a:43:96:e3:8b:5a:bf:8f:48:82:3d:55:34:92:b4:
09:65:c3:98:72:c4:b0:1a:74:07:a9:0d:ab:d8:5d:ea:e9:1c:
e0:75:46:91:cf:d6:ed:fa:dd:16:ec:da:7a:26:4c:65:1d:35:
94:26:4e:29:49:6c:cd:03:2d:f2:47:23:fc:67:3a:0e:17:91:
07:70:1c:b6:c8:d7:65:7c:e4:84:a9:f3:94:9f:82:e0:7a:2b:
84:70:30:bb:b2:9e:20:fa:99:9d:74:e4:63:b2:dc:88:02:27:
7e:09:4d:e6:75:2d:1a:d9:d4:be:e3:44:43:50:32:e8:06:65:
9d:88:f2:9a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzIbxJplh1HXy2lkuv+PEi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmExNWQ0N2JhNGY0NDgyNzY0NDcyZDhkOTcxNDZhMWVi
YmJmODYwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDAzOGRiZDQyMjBiYmU1MDNlMzIzMWI2NTkwMDZlNGUzZmM4N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVLCMx++nDzaWGIDtx9TFQTnYOC3
ciC6FW8E43DOw8OU9V9WdUvboAsF4jhD/XZKMlSj9noDbZ1MxFJZ0f25qiOlc2Jn
/+1/3niwyTa+PSghfmbOMm1+0CpoNNP44F6d9SkIN9+gUB7jeWOM5ojtwNB8wF38
k32MLTC9Tq0tMR5M4fxKx+qwdttMz1kYxfv9/CNC5x7ZerTFx95DNZn8gIPATjeH
kN4AGeY7Osn7mV/MgcWFTW1FRaUcJZIgsz9SpM9cQMrfGbb7qIpJIgQ2thZvJVEo
92bk0AKmMp+eg/bw0F59spYLvvtHZfn+3TEnMta3FmDff23p35ln6EzLowIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOADjb1CILvlA+MjG2WQBuTj/Ie3MB8GA1UdIwQY
MBaAFGW6FdR7pPRIJ2RHLY2XFGoeu7+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJvVjFIdWs5RWduWkVjdGpaY1VhaDY3djRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zMDkwZGMtN2QyOC00MjI4LTgzODAt
ZmUzYjkxOGMzMDk3LzEvNEFPTnZVSWd1LVVENHlNYlpaQUc1T1A4aDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zMDkwZGMtN2QyOC00MjI4LTgzODAtZmUzYjkxOGMzMDk3
LzEvWmJvVjFIdWs5RWduWkVjdGpaY1VhaDY3djRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW+uuAwQA
uSZnAwQCvOPMAwQAw0XhAwQBw1jKMA0EAgACMAcDBQIqAn+EMA0GCSqGSIb3DQEB
CwUAA4IBAQB9EViVa94ChUhFqX3AjI5iCyR2iOuFsBgzvQscJwLgsigwtLmn6Bzt
CyCvwOifwsmDDxB6XXkZoAbdFRicoQe3/wTYRpH41qLDQf0koxlkjGPSCtNKY7TW
hZ95hYDGr6TYXza0wr1R+9at8SgVzruigdk6YNMK60tUEOB5AG7kVd2aQ5bji1q/
j0iCPVU0krQJZcOYcsSwGnQHqQ2r2F3q6RzgdUaRz9bt+t0W7Np6JkxlHTWUJk4p
SWzNAy3yRyP8ZzoOF5EHcBy2yNdlfOSEqfOUn4LgeiuEcDC7sp4g+pmddORjstyI
Aid+CU3mdS0a2dS+40RDUDLoBmWdiPKa
-----END CERTIFICATE-----
Generated at Wed Nov 27 06:04:12 2024 by rpki-client on console-fra.rpki-client.org