Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/4oVSksgDuDjoFJ2xFOwM0-YRg4g.roa
File: 4oVSksgDuDjoFJ2xFOwM0-YRg4g.roa (raw, json)
Hash identifier: DpV64PFqyAA4IGi4ghMntrrhrM9qSCLS6nZ/xvkq9xM=
Subject key identifier: E2:85:52:92:C8:03:B8:38:E8:14:9D:B1:14:EC:0C:D3:E6:11:83:88
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 018CC5DBE7E1D8876C208F63D8C60971A822
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/4oVSksgDuDjoFJ2xFOwM0-YRg4g.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35297
IP address blocks: 193.238.32.0/22 maxlen: 22
185.249.160.0/22 maxlen: 22
5.53.112.0/21 maxlen: 21
178.251.104.0/21 maxlen: 21
178.251.110.0/24 maxlen: 24
193.239.72.0/22 maxlen: 22
91.204.212.0/22 maxlen: 24
77.75.144.0/21 maxlen: 21
2a02:2000:face::/48 maxlen: 48
2a02:2000:4::/48 maxlen: 48
2a02:2000::/29 maxlen: 48
2a02:2000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e7:e1:d8:87:6c:20:8f:63:d8:c6:09:71:a8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2855292c803b838e8149db114ec0cd3e6118388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:4f:cf:97:b2:c7:48:70:9b:08:c3:c9:32:
c0:ec:63:38:e4:4f:a7:f4:ec:92:d9:4f:4c:dd:4b:
3e:dc:0a:9f:ee:e0:91:c3:5e:ab:f5:7c:c8:72:ff:
07:52:a6:e4:5e:95:51:b9:45:66:ac:1b:07:8f:fe:
b8:38:a0:c3:f8:4c:5d:07:c7:a8:5d:51:78:44:c0:
89:7b:3f:1b:0e:4e:ee:db:0b:38:5f:b4:1d:51:3e:
47:9d:e3:31:7e:f5:77:dd:12:0a:4a:f2:0a:c4:b0:
df:e0:64:fd:e1:18:3f:24:91:43:f9:f3:17:63:08:
f2:d1:a1:06:14:7a:3f:41:1e:3a:6f:f0:70:77:f2:
12:13:6b:ad:8b:9d:b6:b2:c0:87:9d:dc:59:bd:7e:
af:9a:8e:e3:1a:b7:fd:b4:c8:ec:2b:e6:53:bb:ef:
aa:0c:af:c8:96:b5:6e:98:0a:65:d7:02:c9:1a:00:
8e:ef:36:36:e0:04:54:fe:c9:86:55:e7:47:d5:df:
e3:3a:58:7a:f1:43:cb:0f:1c:24:3d:a5:e7:c4:42:
ed:bf:f6:b4:c5:a8:aa:72:e0:d0:38:a4:c6:8a:68:
32:62:dc:8e:a1:b5:08:59:b8:6e:e5:99:2c:19:92:
a6:c9:b7:22:bb:cd:b2:a6:f3:3f:ad:34:c3:6d:35:
2a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:85:52:92:C8:03:B8:38:E8:14:9D:B1:14:EC:0C:D3:E6:11:83:88
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/4oVSksgDuDjoFJ2xFOwM0-YRg4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.112.0/21
77.75.144.0/21
91.204.212.0/22
178.251.104.0/21
185.249.160.0/22
193.238.32.0/22
193.239.72.0/22
IPv6:
2a02:2000::/29
Signature Algorithm: sha256WithRSAEncryption
9f:2f:28:31:4a:ba:d5:c2:95:bf:40:4d:c4:ca:2c:7c:e4:8b:
7d:92:d4:45:05:f6:b1:26:e2:36:a6:f8:38:08:d1:02:0f:85:
f8:eb:8a:5a:56:50:57:8f:86:7f:e1:d8:ad:a2:98:a7:ae:cb:
fb:d6:72:ac:2f:6d:bd:e9:c1:30:24:0f:db:00:bc:43:13:d4:
bd:b7:63:a7:9b:75:33:f0:4a:3e:f3:d8:c3:bf:47:d3:aa:bf:
c0:0d:72:6f:a3:58:e7:db:8f:70:f7:92:58:b7:61:33:01:ba:
f5:24:f7:f8:33:a8:10:70:0e:31:25:f4:6b:85:52:5c:90:e5:
ef:cd:1f:ba:68:b3:24:a1:ba:6a:04:75:60:08:b2:95:f0:9b:
fb:58:80:8d:b7:67:fb:72:00:83:a0:87:e9:3f:41:72:f6:24:
d9:f7:f3:b5:56:f0:50:c9:50:85:40:7a:95:68:a0:fc:10:f6:
43:23:ee:b2:c2:70:05:22:7a:32:82:61:6b:7d:10:b0:e5:46:
3f:58:de:5d:ec:71:34:27:7e:8c:c6:73:cb:38:fb:00:62:de:
6a:8c:de:3e:3b:d6:77:5d:5d:0a:04:bb:63:d0:0b:c1:d7:78:
08:f3:72:e1:d7:7e:e9:48:77:05:7d:6f:23:de:f1:35:db:6e:
b6:81:0a:3e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzF2+fh2IdsII9j2MYJcagiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTJiMDNlMWIwMTcwOTYzODk0MGQ5NTkyOTgzY2RlNzdl
Y2FiNzcwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjg1NTI5MmM4MDNiODM4ZTgxNDlkYjExNGVjMGNkM2U2MTE4Mzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhJPz5eyx0hwmwjDyTLA7GM45E+n
9OyS2U9M3Us+3Aqf7uCRw16r9XzIcv8HUqbkXpVRuUVmrBsHj/64OKDD+ExdB8eo
XVF4RMCJez8bDk7u2ws4X7QdUT5HneMxfvV33RIKSvIKxLDf4GT94Rg/JJFD+fMX
Ywjy0aEGFHo/QR46b/Bwd/ISE2uti522ssCHndxZvX6vmo7jGrf9tMjsK+ZTu++q
DK/IlrVumApl1wLJGgCO7zY24ARU/smGVedH1d/jOlh68UPLDxwkPaXnxELtv/a0
xaiqcuDQOKTGimgyYtyOobUIWbhu5ZksGZKmybciu82ypvM/rTTDbTUqfwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOKFUpLIA7g46BSdsRTsDNPmEYOIMB8GA1UdIwQY
MBaAFIRSsD4bAXCWOJQNlZKYPN537Kt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQt
MjAwZmMyNzRjYjAxLzEvNG9WU2tzZ0R1RGpvRkoyeEZPd00wLVlSZzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQtMjAwZmMyNzRjYjAx
LzEvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBTVwAwQD
TUuQAwQCW8zUAwQDsvtoAwQCufmgAwQCwe4gAwQCwe9IMA0EAgACMAcDBQMqAiAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfLygxSrrVwpW/QE3Eyix85It9ktRFBfaxJuI2
pvg4CNECD4X464paVlBXj4Z/4ditopinrsv71nKsL2296cEwJA/bALxDE9S9t2On
m3Uz8Eo+89jDv0fTqr/ADXJvo1jn249w95JYt2EzAbr1JPf4M6gQcA4xJfRrhVJc
kOXvzR+6aLMkobpqBHVgCLKV8Jv7WICNt2f7cgCDoIfpP0Fy9iTZ9/O1VvBQyVCF
QHqVaKD8EPZDI+6ywnAFInoygmFrfRCw5UY/WN5d7HE0J36MxnPLOPsAYt5qjN4+
O9Z3XV0KBLtj0AvB13gI83Lh137pSHcFfW8j3vE12262gQo+
-----END CERTIFICATE-----
Generated at Mon Jun 3 09:56:57 2024 by rpki-client on console-fra.rpki-client.org