Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/4iHRyEi4oML9qF8_4SWac0QPN7E.roa
File: 4iHRyEi4oML9qF8_4SWac0QPN7E.roa (raw, json)
Hash identifier: rRiJg8iO1A+UhEODSfZ94GbymzhOMFniuGiiIyh2vxk=
Subject key identifier: E2:21:D1:C8:48:B8:A0:C2:FD:A8:5F:3F:E1:25:9A:73:44:0F:37:B1
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 0190E1572BF99E6768DA738CF9B15304E5A9
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/4iHRyEi4oML9qF8_4SWac0QPN7E.roa
Signing time: Tue 23 Jul 2024 20:45:04 +0000
ROA not before: Tue 23 Jul 2024 20:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214529
IP address blocks: 84.247.29.0/24 maxlen: 24
84.247.55.0/24 maxlen: 24
84.247.56.0/24 maxlen: 24
86.107.31.0/24 maxlen: 24
89.40.77.0/24 maxlen: 24
94.176.128.0/24 maxlen: 24
188.211.27.0/24 maxlen: 24
188.211.30.0/24 maxlen: 24
188.211.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e1:57:2b:f9:9e:67:68:da:73:8c:f9:b1:53:04:e5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jul 23 20:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e221d1c848b8a0c2fda85f3fe1259a73440f37b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dc:9c:c8:10:19:26:7b:b1:7d:de:47:30:31:
fb:8c:9a:67:a5:10:9e:11:94:5e:fe:ff:60:e0:4a:
15:99:64:2b:81:b6:7c:7a:94:c0:a4:ec:29:7a:12:
e1:a4:08:1f:5d:80:89:e2:c4:5d:c8:48:d3:e2:83:
fb:44:fe:85:ee:c9:f4:2f:e6:51:21:08:d0:3f:b3:
3f:b2:f9:56:72:ad:6e:a7:ee:66:ae:cc:44:2c:3f:
d9:23:82:a7:ed:57:f1:cf:50:f3:17:33:f0:73:55:
35:6b:7b:7d:29:ee:94:70:58:97:ab:c7:3c:94:a2:
28:17:10:95:2c:32:9e:53:76:4f:be:d8:12:df:af:
6d:58:6a:80:5c:8c:4d:cb:33:49:16:bc:78:b8:ed:
05:76:90:16:da:6e:85:8c:8b:50:7a:38:25:2a:01:
0f:f7:17:01:18:87:91:8d:e3:49:d4:32:5d:d6:7c:
75:65:dc:0d:11:8d:55:a7:92:94:2c:84:0c:84:8c:
9b:9e:a2:56:05:cf:f1:d3:f4:1e:8d:32:5f:df:74:
ea:e3:20:a4:67:d5:1d:d1:fd:2b:bd:b4:9b:32:ed:
27:77:15:96:9e:7f:7a:b1:a5:2c:58:38:e4:f3:1b:
13:be:52:74:99:8f:e2:38:91:a1:e2:bc:bb:ec:9b:
7e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:21:D1:C8:48:B8:A0:C2:FD:A8:5F:3F:E1:25:9A:73:44:0F:37:B1
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/4iHRyEi4oML9qF8_4SWac0QPN7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.29.0/24
84.247.55.0-84.247.56.255
86.107.31.0/24
89.40.77.0/24
94.176.128.0/24
188.211.27.0/24
188.211.30.0/23
Signature Algorithm: sha256WithRSAEncryption
23:4e:c2:81:37:26:08:8d:b8:ae:ec:91:32:0a:d6:53:c4:8e:
51:33:3b:25:e7:3b:f9:82:9b:b1:b8:2b:e3:85:2c:8a:aa:86:
76:b4:69:eb:90:82:31:43:39:35:35:03:b7:4d:ed:2a:9f:13:
6f:a7:e4:bc:9e:95:76:d3:b0:a8:5c:b6:b2:3f:5b:17:ac:cc:
73:6c:71:98:81:59:bb:21:3f:cf:05:b8:ca:87:d1:d2:7d:bc:
62:1b:fb:7a:0d:14:a5:13:17:32:1b:2a:40:ce:6e:5c:12:fd:
e4:7c:69:20:2e:df:11:b5:f1:0c:23:fe:7a:c3:df:02:61:e5:
b1:75:df:0e:9e:04:16:09:e3:e4:a8:fc:6b:03:dd:39:8e:50:
d2:40:b4:c9:88:33:2a:15:d8:2d:b4:e6:98:30:83:bb:91:45:
7b:5e:e2:aa:4c:76:90:f0:3f:b0:87:4b:3c:c7:3a:31:77:8a:
c8:d9:e3:e6:c0:73:d1:bf:6c:e3:20:30:f0:64:f1:9a:71:b0:
d4:54:7f:13:06:31:d7:41:c2:a9:4a:29:17:de:7c:c3:32:6d:
cf:6e:aa:07:7a:a1:66:e2:62:b3:c6:49:af:3b:3a:0f:b0:b3:
72:c3:04:89:c3:70:a0:f1:e6:95:f9:f9:05:d3:73:20:8f:87:
4a:9f:6f:57
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZDhVyv5nmdo2nOM+bFTBOWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwNzIzMjA0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjIxZDFjODQ4YjhhMGMyZmRhODVmM2ZlMTI1OWE3MzQ0MGYzN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NycyBAZJnuxfd5HMDH7jJpnpRCe
EZRe/v9g4EoVmWQrgbZ8epTApOwpehLhpAgfXYCJ4sRdyEjT4oP7RP6F7sn0L+ZR
IQjQP7M/svlWcq1up+5mrsxELD/ZI4Kn7Vfxz1DzFzPwc1U1a3t9Ke6UcFiXq8c8
lKIoFxCVLDKeU3ZPvtgS369tWGqAXIxNyzNJFrx4uO0FdpAW2m6FjItQejglKgEP
9xcBGIeRjeNJ1DJd1nx1ZdwNEY1Vp5KULIQMhIybnqJWBc/x0/QejTJf33Tq4yCk
Z9Ud0f0rvbSbMu0ndxWWnn96saUsWDjk8xsTvlJ0mY/iOJGh4ry77Jt++QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOIh0chIuKDC/ahfP+ElmnNEDzexMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvNGlIUnlFaTRvTUw5cUY4XzRTV2FjMFFQTjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVPcdMAwD
BABU9zcDBABU9zgDBABWax8DBABZKE0DBABesIADBAC80xsDBAG80x4wDQYJKoZI
hvcNAQELBQADggEBACNOwoE3JgiNuK7skTIK1lPEjlEzOyXnO/mCm7G4K+OFLIqq
hna0aeuQgjFDOTU1A7dN7SqfE2+n5LyelXbTsKhctrI/WxeszHNscZiBWbshP88F
uMqH0dJ9vGIb+3oNFKUTFzIbKkDOblwS/eR8aSAu3xG18Qwj/nrD3wJh5bF13w6e
BBYJ4+So/GsD3TmOUNJAtMmIMyoV2C205pgwg7uRRXte4qpMdpDwP7CHSzzHOjF3
isjZ4+bAc9G/bOMgMPBk8ZpxsNRUfxMGMddBwqlKKRfefMMybc9uqgd6oWbiYrPG
Sa87Og+ws3LDBInDcKDx5pX5+QXTcyCPh0qfb1c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org