Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/4NuVu3Nq-e8MRvvtx94wEBMAJpI.roa
File: 4NuVu3Nq-e8MRvvtx94wEBMAJpI.roa (raw, json)
Hash identifier: BwZ4AypkDlEs/INH5WMO4BX3aWqiH8F0IX2ATDMf6q0=
Subject key identifier: E0:DB:95:BB:73:6A:F9:EF:0C:46:FB:ED:C7:DE:30:10:13:00:26:92
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 0192A9DD2D29E2F3CBF7D1A4A4000AD544FC
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/4NuVu3Nq-e8MRvvtx94wEBMAJpI.roa
Signing time: Sun 20 Oct 2024 12:18:17 +0000
ROA not before: Sun 20 Oct 2024 12:18:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 14.102.9.0/24 maxlen: 24
14.102.11.0/24 maxlen: 24
91.200.254.0/24 maxlen: 24
110.172.191.0/24 maxlen: 24
114.69.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a9:dd:2d:29:e2:f3:cb:f7:d1:a4:a4:00:0a:d5:44:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Oct 20 12:18:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0db95bb736af9ef0c46fbedc7de301013002692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1a:6c:fa:82:94:04:31:0f:1f:69:13:57:86:
d6:a9:11:3c:b5:2f:ce:89:9a:02:15:c9:0f:0b:46:
02:19:2e:f1:01:5d:00:bb:ce:de:b9:74:5c:8e:12:
8a:bc:84:c0:98:42:90:7c:56:9f:27:e1:fa:2c:e5:
e5:52:12:54:27:80:eb:60:74:1f:23:cd:d3:90:73:
a7:a0:b7:1a:4c:0c:48:5d:e0:cb:63:b1:6f:e2:cb:
35:f4:63:97:c0:03:53:64:55:7e:f0:4e:79:5f:40:
85:99:22:4b:a8:7c:36:ba:53:f4:e1:db:82:75:df:
d0:f7:1e:88:af:40:1c:76:2f:17:12:c1:d9:86:a8:
a9:12:d4:5d:ba:6e:30:39:4d:31:b2:f8:13:d8:d8:
93:97:3f:17:db:8a:79:0d:db:bc:04:9f:10:27:f6:
c5:66:ee:12:f8:9c:6d:0e:f2:24:10:53:5d:c9:1b:
75:7c:0b:6a:08:aa:dd:77:a9:27:af:38:1d:52:90:
41:f0:9e:73:1b:50:4f:55:07:5a:98:7e:41:51:23:
07:47:04:d2:d3:49:0c:c0:ed:1c:eb:90:b1:b1:b1:
51:ef:ef:5c:e1:ea:3e:75:8d:a1:7c:c8:e9:e8:1e:
31:44:56:1e:43:73:c4:25:ce:08:6b:c4:08:d9:52:
8d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DB:95:BB:73:6A:F9:EF:0C:46:FB:ED:C7:DE:30:10:13:00:26:92
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/4NuVu3Nq-e8MRvvtx94wEBMAJpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.9.0/24
14.102.11.0/24
91.200.254.0/24
110.172.191.0/24
114.69.245.0/24
Signature Algorithm: sha256WithRSAEncryption
40:38:12:7c:0c:7c:0a:5a:3b:b2:b5:e7:24:64:34:76:3c:e0:
97:8c:12:4b:cd:3a:83:dc:ed:fe:3e:67:83:11:33:d8:d0:8b:
1f:37:50:15:56:e9:08:aa:ec:20:27:1d:6c:98:9e:55:cb:d1:
0d:69:c3:9b:70:b9:52:fc:76:d7:a7:36:5a:dd:69:75:ed:09:
32:ef:03:36:d8:f0:e2:21:87:8b:81:fb:be:84:80:5d:8c:b5:
f1:48:23:2f:c3:bd:61:06:71:92:8b:00:5b:21:e7:15:fc:ff:
f9:d4:d0:d6:1f:02:8c:b8:d5:03:a5:a1:d3:f8:69:a4:a5:1d:
10:28:4d:0f:57:12:11:d4:39:77:7c:01:a0:19:03:b2:9a:92:
8d:87:cd:e3:b3:42:5b:28:4b:9d:8c:c1:28:ba:21:4a:6f:99:
10:fa:9a:34:a8:f3:be:ae:7e:e7:f9:3a:05:dc:5b:29:8f:31:
1f:cb:24:6a:51:2e:dd:d6:a7:60:44:54:48:01:2e:14:f6:73:
cf:90:16:3d:5d:0f:d6:cc:45:1e:fb:4a:a3:34:7a:a5:85:77:
fc:80:68:d5:27:b0:14:8d:24:3e:3a:fc:53:bf:4d:f7:c5:76:
f1:14:48:32:97:58:5b:bc:71:a3:00:8e:5f:be:20:fb:d1:f0:
9a:a8:6b:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKp3S0p4vPL99GkpAAK1UT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjQxMDIwMTIxODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGRiOTViYjczNmFmOWVmMGM0NmZiZWRjN2RlMzAxMDEzMDAyNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixps+oKUBDEPH2kTV4bWqRE8tS/O
iZoCFckPC0YCGS7xAV0Au87euXRcjhKKvITAmEKQfFafJ+H6LOXlUhJUJ4DrYHQf
I83TkHOnoLcaTAxIXeDLY7Fv4ss19GOXwANTZFV+8E55X0CFmSJLqHw2ulP04duC
dd/Q9x6Ir0Acdi8XEsHZhqipEtRdum4wOU0xsvgT2NiTlz8X24p5Ddu8BJ8QJ/bF
Zu4S+JxtDvIkEFNdyRt1fAtqCKrdd6knrzgdUpBB8J5zG1BPVQdamH5BUSMHRwTS
00kMwO0c65CxsbFR7+9c4eo+dY2hfMjp6B4xRFYeQ3PEJc4Ia8QI2VKNTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFODblbtzavnvDEb77cfeMBATACaSMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvNE51VnUzTnEtZThNUnZ2dHg5NHdFQk1BSnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQADmYJAwQA
DmYLAwQAW8j+AwQAbqy/AwQAckX1MA0GCSqGSIb3DQEBCwUAA4IBAQBAOBJ8DHwK
WjuyteckZDR2POCXjBJLzTqD3O3+PmeDETPY0IsfN1AVVukIquwgJx1smJ5Vy9EN
acObcLlS/HbXpzZa3Wl17Qky7wM22PDiIYeLgfu+hIBdjLXxSCMvw71hBnGSiwBb
IecV/P/51NDWHwKMuNUDpaHT+GmkpR0QKE0PVxIR1Dl3fAGgGQOympKNh83js0Jb
KEudjMEouiFKb5kQ+po0qPO+rn7n+ToF3FspjzEfyyRqUS7d1qdgRFRIAS4U9nPP
kBY9XQ/WzEUe+0qjNHqlhXf8gGjVJ7AUjSQ+OvxTv033xXbxFEgyl1hbvHGjAI5f
viD70fCaqGte
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:18 2024 by rpki-client on console-fra.rpki-client.org