Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/4lBwqt2Ms7GJz3gsaHTtEAnOsww.roa
File: 4lBwqt2Ms7GJz3gsaHTtEAnOsww.roa (raw, json)
Hash identifier: Wu7rXBNr+LL+xhV7M4Zpr8SEYHIkN0CJADUYPwdrh/c=
Subject key identifier: E2:50:70:AA:DD:8C:B3:B1:89:CF:78:2C:68:74:ED:10:09:CE:B3:0C
Certificate issuer: /CN=86758d8a7ed21a74172cceec338c64d36b0378d4
Certificate serial: 018FE7BE1E55723850CBDA708F2598EDFAF7
Authority key identifier: 86:75:8D:8A:7E:D2:1A:74:17:2C:CE:EC:33:8C:64:D3:6B:03:78:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnWNin7SGnQXLM7sM4xk02sDeNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/4lBwqt2Ms7GJz3gsaHTtEAnOsww.roa
Signing time: Wed 05 Jun 2024 09:32:27 +0000
ROA not before: Wed 05 Jun 2024 09:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48704
IP address blocks: 78.41.141.0/24 maxlen: 24
185.171.220.0/22 maxlen: 24
2a0d:9d40::/29 maxlen: 48
2a14:5e40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/hnWNin7SGnQXLM7sM4xk02sDeNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/hnWNin7SGnQXLM7sM4xk02sDeNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hnWNin7SGnQXLM7sM4xk02sDeNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:be:1e:55:72:38:50:cb:da:70:8f:25:98:ed:fa:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86758d8a7ed21a74172cceec338c64d36b0378d4
Validity
Not Before: Jun 5 09:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e25070aadd8cb3b189cf782c6874ed1009ceb30c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:80:fb:09:e4:d6:24:83:5e:77:81:e6:a3:13:
a1:f1:d9:d1:75:d2:72:e7:d8:36:30:16:4f:ba:ef:
b3:dc:01:7d:b1:91:d5:b3:cd:d3:de:fb:f9:36:7a:
f8:ca:23:25:2e:97:0d:cc:ff:ee:7a:2a:19:60:5a:
27:e2:b5:d6:66:36:4b:73:db:8c:36:aa:46:a6:1b:
cf:1e:36:11:45:0d:e9:c7:19:08:73:62:45:6e:d6:
d4:67:b0:e3:5e:61:c6:aa:21:bd:35:84:82:c4:d8:
30:81:aa:88:a2:ff:5c:99:ee:63:0d:d4:35:8d:b8:
45:04:1f:b9:a3:01:e7:6a:cc:d2:2a:94:b1:25:62:
3c:a1:e5:1d:bd:d5:f1:2f:e6:fb:cf:27:c7:ba:79:
0d:a7:41:fd:2e:6d:b1:1f:d4:d3:1b:41:e8:17:36:
c4:9a:91:66:9f:4c:7b:a1:bf:65:90:45:13:ee:2f:
47:e1:0c:81:63:cc:fb:d7:b0:64:8f:ae:97:d3:3d:
fb:52:4f:fa:11:a1:76:8d:97:74:f9:21:a5:61:f7:
9b:02:d1:f8:e6:53:e2:e6:74:dc:c1:03:c8:b8:e3:
be:12:75:f2:2f:7b:a2:e4:d7:c0:e1:1f:a6:78:44:
4b:c8:21:7e:6e:7e:30:65:07:24:c6:87:39:9d:f3:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:50:70:AA:DD:8C:B3:B1:89:CF:78:2C:68:74:ED:10:09:CE:B3:0C
X509v3 Authority Key Identifier:
keyid:86:75:8D:8A:7E:D2:1A:74:17:2C:CE:EC:33:8C:64:D3:6B:03:78:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnWNin7SGnQXLM7sM4xk02sDeNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/4lBwqt2Ms7GJz3gsaHTtEAnOsww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e55a9b-2fa0-4af4-90dd-cdacb8467187/1/hnWNin7SGnQXLM7sM4xk02sDeNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.141.0/24
185.171.220.0/22
IPv6:
2a0d:9d40::/29
2a14:5e40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:bc:b7:e2:32:1d:a2:ef:5b:6c:d5:81:b0:d3:87:3b:94:e7:
a9:89:19:e9:19:4c:50:87:51:ea:0e:15:99:57:58:43:9b:24:
e8:48:73:e5:5d:63:15:ce:0f:43:c8:ae:93:ec:96:e3:c9:10:
2a:fb:d8:4f:ea:45:af:13:89:07:7b:10:58:d7:3f:21:a7:03:
40:88:43:b7:f3:29:8c:47:bc:7e:80:39:bb:ea:ba:3c:32:4c:
eb:c7:6e:e6:f0:10:2a:52:3b:0a:ee:96:91:7b:37:fe:22:ad:
a8:d7:fe:7b:66:33:54:90:98:0c:1c:af:3a:1a:6b:dc:4e:20:
79:ca:65:4f:f9:97:24:fc:6c:7f:ba:55:21:d9:8f:fb:35:b6:
09:91:e4:d4:11:e6:02:2f:61:24:25:c3:66:56:22:d0:27:74:
e0:58:b8:b0:eb:de:e3:04:0b:24:29:e9:03:ae:62:ce:ea:18:
e8:0e:6c:1f:00:16:77:88:26:2f:0d:af:0e:01:72:e8:43:e7:
eb:b2:9a:30:4e:49:b5:2e:ba:c3:33:e7:a2:95:35:57:94:5c:
8c:e5:7d:63:f1:e0:b4:d0:b2:b5:8f:51:82:9d:24:22:13:e7:
db:4c:73:df:97:94:e2:6b:d1:21:6d:63:92:1c:94:63:0a:4a:
77:20:c8:13
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY/nvh5VcjhQy9pwjyWY7fr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NzU4ZDhhN2VkMjFhNzQxNzJjY2VlYzMzOGM2NGQzNmIw
Mzc4ZDQwHhcNMjQwNjA1MDkzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjUwNzBhYWRkOGNiM2IxODljZjc4MmM2ODc0ZWQxMDA5Y2ViMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4D7CeTWJINed4HmoxOh8dnRddJy
59g2MBZPuu+z3AF9sZHVs83T3vv5Nnr4yiMlLpcNzP/ueioZYFon4rXWZjZLc9uM
NqpGphvPHjYRRQ3pxxkIc2JFbtbUZ7DjXmHGqiG9NYSCxNgwgaqIov9cme5jDdQ1
jbhFBB+5owHnaszSKpSxJWI8oeUdvdXxL+b7zyfHunkNp0H9Lm2xH9TTG0HoFzbE
mpFmn0x7ob9lkEUT7i9H4QyBY8z717Bkj66X0z37Uk/6EaF2jZd0+SGlYfebAtH4
5lPi5nTcwQPIuOO+EnXyL3ui5NfA4R+meERLyCF+bn4wZQckxoc5nfM9QwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOJQcKrdjLOxic94LGh07RAJzrMMMB8GA1UdIwQY
MBaAFIZ1jYp+0hp0FyzO7DOMZNNrA3jUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG5XTmluN1NHblFYTE03c000eGswMnNEZU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNTVhOWItMmZhMC00YWY0LTkwZGQt
Y2RhY2I4NDY3MTg3LzEvNGxCd3F0Mk1zN0dKejNnc2FIVHRFQW5Pc3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNTVhOWItMmZhMC00YWY0LTkwZGQtY2RhY2I4NDY3MTg3
LzEvaG5XTmluN1NHblFYTE03c000eGswMnNEZU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQATimNAwQC
uavcMBQEAgACMA4DBQMqDZ1AAwUDKhReQDANBgkqhkiG9w0BAQsFAAOCAQEADLy3
4jIdou9bbNWBsNOHO5TnqYkZ6RlMUIdR6g4VmVdYQ5sk6Ehz5V1jFc4PQ8iuk+yW
48kQKvvYT+pFrxOJB3sQWNc/IacDQIhDt/MpjEe8foA5u+q6PDJM68du5vAQKlI7
Cu6WkXs3/iKtqNf+e2YzVJCYDByvOhpr3E4gecplT/mXJPxsf7pVIdmP+zW2CZHk
1BHmAi9hJCXDZlYi0Cd04Fi4sOve4wQLJCnpA65izuoY6A5sHwAWd4gmLw2vDgFy
6EPn67KaME5JtS66wzPnopU1V5RcjOV9Y/HgtNCytY9Rgp0kIhPn20xz35eU4mvR
IW1jkhyUYwpKdyDIEw==
-----END CERTIFICATE-----
Generated at Wed Jun 26 01:02:11 2024 by rpki-client on console-fra.rpki-client.org