Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Sn5rMJFzBRKO-muU43nfawra2E.roa
File: 4Sn5rMJFzBRKO-muU43nfawra2E.roa (raw, json)
Hash identifier: BpTzuIAlTWbDuYvLW2Z7bfCLkKNBqK4FLOwlJYoxt3w=
Subject key identifier: E1:29:F9:AC:C2:45:CC:14:4A:3B:E9:AE:53:8D:E7:7D:AC:2B:6B:61
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018E66F9D545955DC3B2419C182B2762AEAE
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Sn5rMJFzBRKO-muU43nfawra2E.roa
Signing time: Fri 22 Mar 2024 16:23:52 +0000
ROA not before: Fri 22 Mar 2024 16:23:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 192.145.70.0/24 maxlen: 24
2a0a:8f40:4::/48 maxlen: 48
2a0a:8f40:5::/48 maxlen: 48
2a0a:8f40:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:f9:d5:45:95:5d:c3:b2:41:9c:18:2b:27:62:ae:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 22 16:23:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e129f9acc245cc144a3be9ae538de77dac2b6b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ae:87:23:d8:7c:dd:75:cd:e6:7a:06:60:f2:
f3:c7:68:fa:3d:12:41:0b:a4:5f:ad:55:df:bb:f5:
ad:96:25:c7:c9:6a:5b:80:9c:d5:db:17:c9:08:9d:
f9:80:bf:f7:29:d1:e2:47:23:f9:95:3f:51:34:f3:
bc:11:e9:ad:3c:05:bc:f0:9d:82:9f:0e:7b:8e:83:
33:3c:ac:1d:51:ba:1e:34:3d:66:3b:a6:dc:be:71:
4c:a1:f9:e6:cc:15:bf:07:6f:e5:28:36:aa:1e:0b:
7f:5e:68:fe:ee:be:46:22:87:e7:87:a7:38:d1:ef:
0e:ac:38:10:54:86:25:5d:7a:0a:8d:0d:f4:de:e5:
2c:ef:ed:20:59:6c:43:2b:b8:be:db:81:90:0c:fd:
c5:db:43:82:e1:72:5c:8f:6c:93:26:76:7a:8e:3c:
58:46:8d:9a:51:b5:5d:0c:94:c8:4d:d5:26:89:5a:
ef:88:2d:36:21:2d:3b:e7:3c:c7:2c:62:4a:1d:96:
22:48:05:27:b3:08:af:75:20:dc:22:c2:2f:c2:1b:
93:09:0e:f0:6c:8c:4b:7c:7c:54:12:85:ef:1b:28:
39:e7:47:0c:ed:cc:66:af:c3:75:88:a9:27:cf:d8:
92:19:8c:8d:8e:b3:45:7b:5b:f8:4f:b0:d3:2b:0b:
f1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:29:F9:AC:C2:45:CC:14:4A:3B:E9:AE:53:8D:E7:7D:AC:2B:6B:61
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Sn5rMJFzBRKO-muU43nfawra2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.70.0/24
IPv6:
2a0a:8f40:4::-2a0a:8f40:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:95:7a:01:a3:00:b6:5c:95:c2:d1:89:b3:ed:6c:b3:0f:78:
87:d6:1e:99:d3:3d:b8:d9:d6:31:a1:a2:6a:48:83:75:3c:9a:
a3:78:28:8b:eb:28:64:3e:0f:99:fe:46:29:ee:66:3f:37:fa:
6b:e2:a0:8f:59:06:ed:4a:f3:10:df:62:5a:67:cf:42:7a:36:
50:3d:37:ec:96:b4:b7:78:49:9c:bd:26:ea:ca:56:7b:b6:4f:
57:3c:74:75:a3:a6:25:e9:4f:7f:9e:b2:3d:63:95:1b:4d:b3:
88:df:3d:c5:c1:af:54:7d:32:36:02:78:2b:ee:63:c4:6e:8d:
ba:b6:17:74:44:37:78:21:52:8f:f5:0d:32:3d:21:d8:36:71:
8b:85:4d:63:7d:fb:12:f8:53:0d:26:e0:63:bb:10:5a:95:d9:
14:8f:a3:be:e1:55:7c:db:c2:9d:96:c5:39:45:60:d6:2f:93:
cc:27:ec:a3:9b:72:98:b4:2b:f4:cc:b7:eb:e3:44:ec:05:2a:
d2:53:0b:5a:be:ff:de:d9:44:70:fc:40:3a:83:be:36:85:45:
71:f0:0e:7c:b3:63:86:67:56:46:67:0e:fe:c1:72:91:04:ca:
8b:4b:fa:fc:fe:70:47:d1:82:2c:42:9d:ad:5d:99:a2:89:ee:
f0:73:e2:f7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY5m+dVFlV3DskGcGCsnYq6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMzIyMTYyMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI5ZjlhY2MyNDVjYzE0NGEzYmU5YWU1MzhkZTc3ZGFjMmI2YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq6HI9h83XXN5noGYPLzx2j6PRJB
C6RfrVXfu/WtliXHyWpbgJzV2xfJCJ35gL/3KdHiRyP5lT9RNPO8EemtPAW88J2C
nw57joMzPKwdUboeND1mO6bcvnFMofnmzBW/B2/lKDaqHgt/Xmj+7r5GIofnh6c4
0e8OrDgQVIYlXXoKjQ303uUs7+0gWWxDK7i+24GQDP3F20OC4XJcj2yTJnZ6jjxY
Ro2aUbVdDJTITdUmiVrviC02IS075zzHLGJKHZYiSAUnswivdSDcIsIvwhuTCQ7w
bIxLfHxUEoXvGyg550cM7cxmr8N1iKknz9iSGYyNjrNFe1v4T7DTKwvxCwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOEp+azCRcwUSjvprlON532sK2thMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNFNuNXJNSkZ6QlJLTy1tdVU0M25mYXdyYTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAwJFGMBoE
AgACMBQwEgMHAioKj0AABAMHACoKj0AABjANBgkqhkiG9w0BAQsFAAOCAQEAIZV6
AaMAtlyVwtGJs+1ssw94h9YemdM9uNnWMaGiakiDdTyao3goi+soZD4Pmf5GKe5m
Pzf6a+Kgj1kG7UrzEN9iWmfPQno2UD037Ja0t3hJnL0m6spWe7ZPVzx0daOmJelP
f56yPWOVG02ziN89xcGvVH0yNgJ4K+5jxG6NurYXdEQ3eCFSj/UNMj0h2DZxi4VN
Y337EvhTDSbgY7sQWpXZFI+jvuFVfNvCnZbFOUVg1i+TzCfso5tymLQr9My36+NE
7AUq0lMLWr7/3tlEcPxAOoO+NoVFcfAOfLNjhmdWRmcO/sFykQTKi0v6/P5wR9GC
LEKdrV2Zoonu8HPi9w==
-----END CERTIFICATE-----
Generated at Thu May 2 03:36:49 2024 by rpki-client on console-ams.rpki-client.org