Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/4kCyuSPPrXsbU9QOAHaicAmHwD0.roa
File: 4kCyuSPPrXsbU9QOAHaicAmHwD0.roa (raw, json)
Hash identifier: UItrJSqbNqJpjVkVyURO/DW/ecr4i3goD+N+znJcDDg=
Subject key identifier: E2:40:B2:B9:23:CF:AD:7B:1B:53:D4:0E:00:76:A2:70:09:87:C0:3D
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 019424B38F30AE04183262660AEEE7E8DEC1
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/4kCyuSPPrXsbU9QOAHaicAmHwD0.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56910
IP address blocks: 31.177.56.0/21 maxlen: 24
86.106.173.0/24 maxlen: 24
91.220.184.0/24 maxlen: 24
185.4.236.0/22 maxlen: 24
185.36.232.0/22 maxlen: 24
185.106.36.0/22 maxlen: 24
185.109.16.0/22 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8f:30:ae:04:18:32:62:66:0a:ee:e7:e8:de:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e240b2b923cfad7b1b53d40e0076a2700987c03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2f:46:14:fe:e4:f2:65:fb:0e:d5:33:2c:34:
0f:e8:90:d2:29:29:86:e9:fb:86:74:fa:35:b2:6f:
de:7a:ec:c2:db:e8:27:eb:5a:14:ca:18:2a:3c:b7:
3c:ee:e4:fb:dc:c8:53:bf:5f:15:fd:72:33:22:2d:
75:0e:4e:23:47:77:b7:5a:8a:96:64:32:6c:78:82:
0b:38:7e:6d:13:ea:45:f4:78:f1:94:5a:62:95:46:
53:6f:fc:92:3b:81:a6:86:3d:e7:8d:a1:b9:1f:af:
6b:e9:42:44:5c:a4:e2:62:a2:af:9b:31:0a:86:92:
4d:9d:6e:a5:de:55:b4:a1:23:00:7f:0e:72:4b:8c:
6c:d1:82:0d:c0:27:e9:e3:53:b2:f1:7e:d6:68:a3:
95:68:9f:d7:94:01:56:7f:4c:8c:06:4c:0a:8b:c6:
81:20:7f:7d:32:30:b1:49:cd:61:0d:99:41:40:66:
bc:71:58:02:97:13:a2:f0:64:43:16:8f:1e:fd:6a:
70:8a:d5:d1:37:70:03:7b:1b:30:d7:92:60:47:52:
97:a2:d5:80:72:6d:79:c9:0b:94:70:58:ad:01:1a:
1f:08:3e:8b:0a:2a:21:cb:eb:e6:b3:32:66:ac:db:
1d:bd:36:e3:aa:ec:db:79:6c:c8:5e:d7:1e:de:01:
40:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:40:B2:B9:23:CF:AD:7B:1B:53:D4:0E:00:76:A2:70:09:87:C0:3D
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/4kCyuSPPrXsbU9QOAHaicAmHwD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
86.106.173.0/24
91.220.184.0/24
185.4.236.0/22
185.36.232.0/22
185.106.36.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
55:46:fd:88:1b:ee:5f:2d:96:3b:38:9c:35:d0:6a:dd:a1:ba:
a7:89:02:28:db:73:87:e2:9a:67:b0:6e:69:0a:29:53:b0:16:
14:b7:c0:64:a3:22:68:be:90:95:22:89:ad:98:b3:4f:1b:aa:
a6:43:78:3a:bc:e5:5b:ca:6c:0b:02:ec:04:7e:96:26:29:2e:
f3:70:ff:70:df:d5:0d:91:ee:ed:dc:10:3a:87:3b:8d:ed:ef:
f1:6e:ce:ce:2f:95:4d:8d:9d:b4:d1:8c:bd:db:4b:d1:93:84:
44:df:f9:fb:36:2b:98:0a:63:da:85:6e:27:3c:93:de:d2:f2:
52:4f:47:b7:64:d1:99:e1:90:e7:c3:7d:d3:2e:d3:3f:7e:73:
84:21:2a:25:d3:bf:99:5c:0d:03:44:a4:bc:7a:af:42:3f:96:
10:1e:0d:14:23:3a:af:b8:cf:b9:fd:fa:a1:f8:d3:32:20:cd:
d9:4d:1b:7d:c3:a1:10:1d:e9:16:4e:d7:ab:49:36:22:e9:b2:
12:c9:59:67:55:a5:4f:dc:1f:d5:fa:c1:39:1f:6b:dc:3f:4b:
0a:35:ab:93:f7:72:ab:1f:81:07:a4:fb:7d:8b:95:ab:a4:db:
14:55:7e:94:2a:78:e4:33:e3:4c:b7:4c:99:f1:1d:e7:47:85:
83:69:f3:33
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQks48wrgQYMmJmCu7n6N7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQwYjJiOTIzY2ZhZDdiMWI1M2Q0MGUwMDc2YTI3MDA5ODdjMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy9GFP7k8mX7DtUzLDQP6JDSKSmG
6fuGdPo1sm/eeuzC2+gn61oUyhgqPLc87uT73MhTv18V/XIzIi11Dk4jR3e3WoqW
ZDJseIILOH5tE+pF9HjxlFpilUZTb/ySO4Gmhj3njaG5H69r6UJEXKTiYqKvmzEK
hpJNnW6l3lW0oSMAfw5yS4xs0YINwCfp41Oy8X7WaKOVaJ/XlAFWf0yMBkwKi8aB
IH99MjCxSc1hDZlBQGa8cVgClxOi8GRDFo8e/WpwitXRN3ADexsw15JgR1KXotWA
cm15yQuUcFitARofCD6LCiohy+vmszJmrNsdvTbjquzbeWzIXtce3gFAgQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOJAsrkjz617G1PUDgB2onAJh8A9MB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvNGtDeXVTUFByWHNiVTlRT0FIYWljQW1Id0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDH7E4AwQA
VmqtAwQAW9y4AwQCuQTsAwQCuSToAwQCuWokAwQCuW0QAwQAvNZ/MA0EAgACMAcD
BQMqBD4AMA0GCSqGSIb3DQEBCwUAA4IBAQBVRv2IG+5fLZY7OJw10GrdobqniQIo
23OH4ppnsG5pCilTsBYUt8BkoyJovpCVIomtmLNPG6qmQ3g6vOVbymwLAuwEfpYm
KS7zcP9w39UNke7t3BA6hzuN7e/xbs7OL5VNjZ200Yy920vRk4RE3/n7NiuYCmPa
hW4nPJPe0vJST0e3ZNGZ4ZDnw33TLtM/fnOEISol07+ZXA0DRKS8eq9CP5YQHg0U
IzqvuM+5/fqh+NMyIM3ZTRt9w6EQHekWTterSTYi6bISyVlnVaVP3B/V+sE5H2vc
P0sKNauT93KrH4EHpPt9i5WrpNsUVX6UKnjkM+NMt0yZ8R3nR4WDafMz
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:23 2025 by rpki-client