Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/4WpPrtCE_7rknq0aVZe7A_ulG4U.roa
File: 4WpPrtCE_7rknq0aVZe7A_ulG4U.roa (raw, json)
Hash identifier: x5ojkzK45OALUxTmtNfEYqD//j0ZQux2Ceu/uvGos/I=
Subject key identifier: E1:6A:4F:AE:D0:84:FF:BA:E4:9E:AD:1A:55:97:BB:03:FB:A5:1B:85
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348ACC164A587F8816107AC4A36E2FB
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/4WpPrtCE_7rknq0aVZe7A_ulG4U.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211249
IP address blocks: 193.140.4.0/22 maxlen: 22
193.140.2.0/23 maxlen: 23
193.140.1.0/24 maxlen: 24
193.255.112.0/21 maxlen: 21
95.183.138.0/23 maxlen: 23
194.27.96.0/22 maxlen: 22
194.27.92.0/22 maxlen: 22
194.27.100.0/23 maxlen: 23
95.183.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ac:c1:64:a5:87:f8:81:61:07:ac:4a:36:e2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e16a4faed084ffbae49ead1a5597bb03fba51b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:69:72:ac:3b:1d:37:a9:6a:de:ce:85:66:9d:
35:ad:dd:aa:96:25:02:08:a1:77:bb:e8:5b:66:b3:
ba:37:5a:9d:3f:c0:40:76:e5:2c:0b:23:54:ff:d5:
25:37:88:9a:ec:ef:5c:8d:79:7e:f7:e1:cd:f6:29:
bf:4f:4d:06:18:ad:c6:f3:88:16:c7:7d:db:5b:9a:
3a:dc:fa:07:af:33:a7:25:8a:de:52:1d:54:69:65:
ad:25:83:a5:42:82:ab:57:c7:37:85:d5:92:e5:40:
58:8d:dd:20:bd:c0:8b:82:18:8b:78:86:10:c8:1d:
5b:38:a3:f2:01:9e:d2:83:28:7f:45:4a:76:46:5c:
46:83:31:f5:5a:1c:4e:95:f7:8b:15:f5:fc:86:2a:
98:24:b7:1d:12:8e:14:12:1d:f3:48:66:ca:ed:39:
14:d8:05:6b:49:2e:95:98:98:d5:79:57:59:4a:90:
0f:84:eb:9b:5f:93:c8:89:ce:89:f6:45:b2:9b:06:
8d:ee:b1:f3:b2:39:05:a1:68:d5:6f:9b:dc:1b:b6:
d3:3a:47:da:e0:50:fb:7c:6c:57:95:75:5f:c2:50:
61:4c:dc:6a:2b:44:17:0c:6a:39:4e:1c:b3:dd:0b:
f8:3e:df:35:f4:04:30:ee:78:47:3c:07:f8:05:da:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6A:4F:AE:D0:84:FF:BA:E4:9E:AD:1A:55:97:BB:03:FB:A5:1B:85
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/4WpPrtCE_7rknq0aVZe7A_ulG4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.183.138.0/23
95.183.192.0/22
193.140.1.0-193.140.7.255
193.255.112.0/21
194.27.92.0-194.27.101.255
Signature Algorithm: sha256WithRSAEncryption
ae:a9:b7:0a:f3:2f:e2:82:6e:3d:cd:91:13:e0:64:6d:1e:85:
6b:65:49:58:de:4b:16:b8:e2:a3:fa:b0:09:93:42:ab:3a:ef:
5a:7d:98:f3:10:76:ad:d0:e7:26:bf:ab:5b:07:5c:05:bf:2e:
08:7d:35:bb:10:6e:26:71:09:35:af:5b:ee:bc:ba:a9:04:0d:
43:b7:e5:fe:5a:3e:a4:fd:64:95:70:18:79:97:1b:63:95:45:
60:63:94:7c:b8:9b:08:90:72:70:e4:9a:c4:20:47:e0:c5:27:
94:1f:5d:a4:6b:8d:89:66:49:4f:93:92:5d:1c:72:bc:92:56:
6e:9b:ff:04:7a:4a:3d:d8:ed:b0:74:62:25:1c:bb:47:ec:c9:
79:bf:dc:fe:74:28:4f:bd:9b:e2:fe:3d:7e:25:7c:bd:41:91:
2f:78:c1:95:f8:b3:5c:b6:3c:9b:d4:40:04:27:e3:64:ad:c7:
e2:73:36:9e:d2:aa:e2:36:08:ee:7e:a9:89:90:e8:c1:6b:09:
46:23:fe:ee:14:ca:23:db:90:e1:48:ff:dd:ff:b9:f3:8e:ca:
c4:e4:93:81:30:ed:f7:9b:23:b8:96:e1:41:bc:35:f9:31:63:
83:94:59:b0:6c:e3:63:de:11:f8:91:4a:3b:86:d2:b5:52:12:
00:0b:fa:61
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDSKzBZKWH+IFhB6xKNuL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTZhNGZhZWQwODRmZmJhZTQ5ZWFkMWE1NTk3YmIwM2ZiYTUxYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2lyrDsdN6lq3s6FZp01rd2qliUC
CKF3u+hbZrO6N1qdP8BAduUsCyNU/9UlN4ia7O9cjXl+9+HN9im/T00GGK3G84gW
x33bW5o63PoHrzOnJYreUh1UaWWtJYOlQoKrV8c3hdWS5UBYjd0gvcCLghiLeIYQ
yB1bOKPyAZ7Sgyh/RUp2RlxGgzH1WhxOlfeLFfX8hiqYJLcdEo4UEh3zSGbK7TkU
2AVrSS6VmJjVeVdZSpAPhOubX5PIic6J9kWymwaN7rHzsjkFoWjVb5vcG7bTOkfa
4FD7fGxXlXVfwlBhTNxqK0QXDGo5Thyz3Qv4Pt819AQw7nhHPAf4BdrxRQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOFqT67QhP+65J6tGlWXuwP7pRuFMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvNFdwUHJ0Q0VfN3JrbnEwYVZaZTdBX3VsRzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBX7eKAwQC
X7fAMAwDBADBjAEDBAPBjAADBAPB/3AwDAMEAsIbXAMEAcIbZDANBgkqhkiG9w0B
AQsFAAOCAQEArqm3CvMv4oJuPc2RE+BkbR6Fa2VJWN5LFrjio/qwCZNCqzrvWn2Y
8xB2rdDnJr+rWwdcBb8uCH01uxBuJnEJNa9b7ry6qQQNQ7fl/lo+pP1klXAYeZcb
Y5VFYGOUfLibCJBycOSaxCBH4MUnlB9dpGuNiWZJT5OSXRxyvJJWbpv/BHpKPdjt
sHRiJRy7R+zJeb/c/nQoT72b4v49fiV8vUGRL3jBlfizXLY8m9RABCfjZK3H4nM2
ntKq4jYI7n6piZDowWsJRiP+7hTKI9uQ4Uj/3f+5847KxOSTgTDt95sjuJbhQbw1
+TFjg5RZsGzjY94R+JFKO4bStVISAAv6YQ==
-----END CERTIFICATE-----
Generated at Sat Jun 22 09:45:19 2024 by rpki-client on console-ams.rpki-client.org