Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/4BNMvGoOImMvi43dSqoREoDa17I.roa
File: 4BNMvGoOImMvi43dSqoREoDa17I.roa (raw, json)
Hash identifier: azdbhYThtdkVS09xmxOWtVH0NQ5UTliRx5clg//W6+s=
Subject key identifier: E0:13:4C:BC:6A:0E:22:63:2F:8B:8D:DD:4A:AA:11:12:80:DA:D7:B2
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 018CC64A8A11E0320016C2FDA8E334058275
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/4BNMvGoOImMvi43dSqoREoDa17I.roa
Signing time: Mon 01 Jan 2024 18:30:22 +0000
ROA not before: Mon 01 Jan 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199881
IP address blocks: 185.22.131.0/24 maxlen: 24
2a00:6060:8000::/48 maxlen: 48
2a00:6060:b000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:8a:11:e0:32:00:16:c2:fd:a8:e3:34:05:82:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0134cbc6a0e22632f8b8ddd4aaa111280dad7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f6:cc:01:a2:ee:7b:2b:0b:18:07:d6:27:11:
d8:c7:82:98:c1:88:90:d7:a6:c0:0a:de:b5:5e:7a:
f9:01:f2:bf:4d:f9:6f:8c:95:c0:09:d5:42:86:49:
84:83:b9:6e:1a:72:d3:36:4e:f8:a9:cd:27:2e:79:
b4:84:16:b7:30:7d:c6:6b:45:8a:59:d8:bc:81:8e:
23:13:5b:6e:13:d5:df:1d:1d:e5:a9:0d:c7:f6:28:
9d:c8:e8:db:9c:ca:72:bd:77:f7:5c:df:52:cd:0a:
62:68:d4:31:6a:d2:05:88:2b:3a:af:ac:50:34:26:
8b:ec:08:c4:b5:1c:7f:b0:6b:03:3f:32:33:20:98:
18:98:08:c4:b7:7e:73:b7:09:44:c6:af:e8:90:5b:
9f:b0:5d:e5:c3:e6:54:ae:28:e5:7a:92:74:32:eb:
4e:58:36:6f:7a:90:ff:99:e8:a2:1d:32:d7:fb:dd:
cb:30:ca:7f:d5:0f:e7:ba:bc:b1:37:b3:01:a7:ed:
1f:72:9a:ff:c5:94:f4:fc:00:e4:49:12:0e:09:ba:
0a:39:04:32:8e:48:ab:51:58:27:d4:6d:2e:19:96:
73:49:ff:a3:dd:6e:4d:a8:dd:8d:eb:28:aa:dc:38:
74:ef:b7:a5:fa:73:98:12:37:43:e9:8e:a4:8b:97:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:13:4C:BC:6A:0E:22:63:2F:8B:8D:DD:4A:AA:11:12:80:DA:D7:B2
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/4BNMvGoOImMvi43dSqoREoDa17I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.131.0/24
IPv6:
2a00:6060:8000::/48
2a00:6060:b000::/48
Signature Algorithm: sha256WithRSAEncryption
8b:b9:57:52:15:d9:b2:31:35:86:0e:00:29:c2:da:19:98:f6:
9d:68:72:be:12:46:6e:20:b4:45:2a:59:60:01:af:16:84:1f:
0c:41:3f:4b:a6:10:c9:53:eb:f4:bf:4d:1a:d3:ca:ee:08:13:
c6:98:2a:cd:56:05:33:8f:32:11:59:90:9e:9f:dd:d0:4c:4a:
ff:ff:38:bd:83:be:76:2c:21:43:e5:30:56:e7:69:a3:ea:f2:
ad:52:56:9b:bd:0f:8c:d7:72:29:fc:5f:c0:66:a5:d4:27:9b:
49:fb:3e:d4:57:21:7f:61:98:a9:c2:f5:c3:0f:21:bc:11:85:
9f:1a:9a:d5:19:3d:e8:62:f0:e3:0e:80:f1:ec:f6:ae:62:8e:
97:06:50:c3:b6:d9:d9:11:68:0c:a3:48:d3:ad:03:cd:a1:11:
ed:54:03:fa:4f:90:06:94:c5:87:a6:f1:6a:71:22:76:d8:78:
4c:42:24:03:27:36:92:0f:e5:f0:f3:2c:17:24:48:f4:9c:d9:
ce:4e:ea:7f:96:6e:d3:1d:f9:d2:d4:a3:4e:6b:ac:9f:4c:80:
a2:ac:af:3b:a9:8c:ed:6f:bf:1b:4e:c4:40:6d:b4:57:e5:0b:
ab:e7:d0:aa:b5:ce:6a:4b:83:d6:7c:d9:a4:8f:6b:b3:d3:ec:
cd:04:e0:0b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGSooR4DIAFsL9qOM0BYJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjQwMTAxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDEzNGNiYzZhMGUyMjYzMmY4YjhkZGQ0YWFhMTExMjgwZGFkN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fbMAaLueysLGAfWJxHYx4KYwYiQ
16bACt61Xnr5AfK/TflvjJXACdVChkmEg7luGnLTNk74qc0nLnm0hBa3MH3Ga0WK
Wdi8gY4jE1tuE9XfHR3lqQ3H9iidyOjbnMpyvXf3XN9SzQpiaNQxatIFiCs6r6xQ
NCaL7AjEtRx/sGsDPzIzIJgYmAjEt35ztwlExq/okFufsF3lw+ZUrijlepJ0MutO
WDZvepD/meiiHTLX+93LMMp/1Q/nuryxN7MBp+0fcpr/xZT0/ADkSRIOCboKOQQy
jkirUVgn1G0uGZZzSf+j3W5NqN2N6yiq3Dh077el+nOYEjdD6Y6ki5eJHQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOATTLxqDiJjL4uN3UqqERKA2teyMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvNEJOTXZHb09JbU12aTQzZFNxb1JFb0RhMTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuRaDMBgE
AgACMBIDBwAqAGBggAADBwAqAGBgsAAwDQYJKoZIhvcNAQELBQADggEBAIu5V1IV
2bIxNYYOACnC2hmY9p1ocr4SRm4gtEUqWWABrxaEHwxBP0umEMlT6/S/TRrTyu4I
E8aYKs1WBTOPMhFZkJ6f3dBMSv//OL2DvnYsIUPlMFbnaaPq8q1SVpu9D4zXcin8
X8BmpdQnm0n7PtRXIX9hmKnC9cMPIbwRhZ8amtUZPehi8OMOgPHs9q5ijpcGUMO2
2dkRaAyjSNOtA82hEe1UA/pPkAaUxYem8WpxInbYeExCJAMnNpIP5fDzLBckSPSc
2c5O6n+WbtMd+dLUo05rrJ9MgKKsrzupjO1vvxtOxEBttFflC6vn0Kq1zmpLg9Z8
2aSPa7PT7M0E4As=
-----END CERTIFICATE-----
Generated at Wed Jun 26 01:06:10 2024 by rpki-client on console-fra.rpki-client.org