Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/4M6IjdeVGJ1aeRg2PKwHonDq6BM.roa
File: 4M6IjdeVGJ1aeRg2PKwHonDq6BM.roa (raw, json)
Hash identifier: CtkTzPsETO4hp/k2CgyRwxxSQYTsGk0i6sJn9kSm7LU=
Subject key identifier: E0:CE:88:8D:D7:95:18:9D:5A:79:18:36:3C:AC:07:A2:70:EA:E8:13
Certificate issuer: /CN=a633725cd5dd91cf190ab3a99526e898357856ef
Certificate serial: 018F77812E6C3D46B6F853F9599CBF09E69F
Authority key identifier: A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/4M6IjdeVGJ1aeRg2PKwHonDq6BM.roa
Signing time: Tue 14 May 2024 14:28:25 +0000
ROA not before: Tue 14 May 2024 14:28:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15495
IP address blocks: 91.213.221.0/24 maxlen: 24
128.246.0.0/16 maxlen: 24
141.6.0.0/16 maxlen: 24
193.23.152.0/22 maxlen: 24
195.234.178.0/24 maxlen: 24
2a03:5680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:81:2e:6c:3d:46:b6:f8:53:f9:59:9c:bf:09:e6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a633725cd5dd91cf190ab3a99526e898357856ef
Validity
Not Before: May 14 14:28:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0ce888dd795189d5a7918363cac07a270eae813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f9:f8:39:44:9e:03:ce:bd:ab:0a:e2:48:6a:
1f:c7:ea:9d:e5:ee:18:ea:33:8e:35:47:02:9b:f7:
a1:72:c1:3b:e5:4b:4b:0f:68:7a:42:69:44:9e:19:
2d:0b:d4:c5:50:8c:29:22:6d:0f:43:f2:f5:f1:4e:
43:ba:da:ea:94:39:f5:ac:25:42:c1:8e:63:47:0a:
1e:27:61:b6:03:c3:8e:bb:62:c9:63:42:c3:f0:1e:
99:ce:be:fe:6b:73:39:23:55:8f:98:db:98:fd:78:
d6:8b:52:1a:df:56:eb:27:4b:d3:31:14:fa:68:bb:
c9:62:2c:40:73:d8:46:71:96:5d:24:eb:53:04:c7:
81:fa:16:88:1d:3d:be:66:bd:9b:f8:a1:75:fb:a7:
03:e3:87:1b:2a:5d:1b:c5:6e:67:ca:49:74:9c:43:
43:b9:ee:05:6e:85:f1:4d:fc:5a:03:54:ce:cf:c1:
29:5d:d8:13:b6:86:df:a4:dd:2b:5f:35:4e:06:a2:
d8:c2:7d:c3:45:90:7d:da:48:23:45:56:8b:a9:94:
4d:94:f2:8b:2d:1b:5e:28:23:41:15:74:d8:83:19:
0a:49:eb:49:c3:58:28:0f:18:e2:cf:ed:4d:58:8d:
8d:2f:c6:c0:9c:05:bf:19:a7:80:e4:b3:3f:16:24:
68:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CE:88:8D:D7:95:18:9D:5A:79:18:36:3C:AC:07:A2:70:EA:E8:13
X509v3 Authority Key Identifier:
keyid:A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/4M6IjdeVGJ1aeRg2PKwHonDq6BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.221.0/24
128.246.0.0/16
141.6.0.0/16
193.23.152.0/22
195.234.178.0/24
IPv6:
2a03:5680::/32
Signature Algorithm: sha256WithRSAEncryption
3e:f2:e6:19:0e:18:6f:08:17:fd:36:32:03:73:99:47:b1:72:
2d:af:f9:ba:70:08:c5:c0:8b:ac:0e:d2:5c:d7:53:cf:9e:6c:
dc:40:de:f4:51:f0:6c:20:86:a0:ea:07:0a:06:24:d9:be:df:
98:72:3a:30:7d:ac:3d:7e:c5:83:c3:7b:5b:4d:d3:15:47:08:
35:fd:c9:84:d0:3a:fd:ab:13:1b:46:1c:72:bd:a7:c1:62:1c:
51:bd:32:e8:c3:22:54:d9:56:bd:d9:2b:67:6f:a1:06:51:c5:
f5:32:19:b5:c3:01:99:03:33:3a:2c:6c:ae:f6:aa:e8:ad:58:
51:7c:b7:d4:2a:5a:0b:6c:d3:65:42:2e:25:23:49:05:0a:df:
a2:70:49:3d:51:4a:85:0e:2e:72:72:bc:5c:8f:cf:8a:59:41:
22:0c:17:e4:9e:40:f0:19:a5:c7:1e:f7:b0:b9:b9:aa:8f:31:
39:ba:a2:bb:b9:2e:91:49:2e:e7:2a:58:84:59:6b:99:b7:01:
1e:8d:24:c3:62:fa:41:88:e3:56:5e:76:7f:79:20:c6:9d:62:
1c:55:8e:64:e9:e4:3f:34:3a:9f:f4:cc:43:0d:7b:9c:bc:45:
37:d1:35:f0:93:a4:84:e2:83:d2:27:04:92:9c:72:ac:be:f6:
02:59:1b:ad
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY93gS5sPUa2+FP5WZy/CeafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzM3MjVjZDVkZDkxY2YxOTBhYjNhOTk1MjZlODk4MzU3
ODU2ZWYwHhcNMjQwNTE0MTQyODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNlODg4ZGQ3OTUxODlkNWE3OTE4MzYzY2FjMDdhMjcwZWFlODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvn4OUSeA869qwriSGofx+qd5e4Y
6jOONUcCm/ehcsE75UtLD2h6QmlEnhktC9TFUIwpIm0PQ/L18U5DutrqlDn1rCVC
wY5jRwoeJ2G2A8OOu2LJY0LD8B6Zzr7+a3M5I1WPmNuY/XjWi1Ia31brJ0vTMRT6
aLvJYixAc9hGcZZdJOtTBMeB+haIHT2+Zr2b+KF1+6cD44cbKl0bxW5nykl0nEND
ue4FboXxTfxaA1TOz8EpXdgTtobfpN0rXzVOBqLYwn3DRZB92kgjRVaLqZRNlPKL
LRteKCNBFXTYgxkKSetJw1goDxjiz+1NWI2NL8bAnAW/GaeA5LM/FiRouwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFODOiI3XlRidWnkYNjysB6Jw6ugTMB8GA1UdIwQY
MBaAFKYzclzV3ZHPGQqzqZUm6Jg1eFbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAt
YzBiODEzYjRlYzdlLzEvNE02SWpkZVZHSjFhZVJnMlBLd0hvbkRxNkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAtYzBiODEzYjRlYzdl
LzEvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcAwQAW9XdAwMA
gPYDAwCNBgMEAsEXmAMEAMPqsjANBAIAAjAHAwUAKgNWgDANBgkqhkiG9w0BAQsF
AAOCAQEAPvLmGQ4YbwgX/TYyA3OZR7FyLa/5unAIxcCLrA7SXNdTz55s3EDe9FHw
bCCGoOoHCgYk2b7fmHI6MH2sPX7Fg8N7W03TFUcINf3JhNA6/asTG0Yccr2nwWIc
Ub0y6MMiVNlWvdkrZ2+hBlHF9TIZtcMBmQMzOixsrvaq6K1YUXy31CpaC2zTZUIu
JSNJBQrfonBJPVFKhQ4ucnK8XI/PillBIgwX5J5A8Bmlxx73sLm5qo8xObqiu7ku
kUku5ypYhFlrmbcBHo0kw2L6QYjjVl52f3kgxp1iHFWOZOnkPzQ6n/TMQw17nLxF
N9E18JOkhOKD0icEkpxyrL72AlkbrQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:05 2024 by rpki-client on console-fra.rpki-client.org