Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/M4-dilm0dE68cBNMCub-hgXflr0.roa
File: M4-dilm0dE68cBNMCub-hgXflr0.roa (raw, json)
Hash identifier: B16ZsOUbMWxJkpFgU7lcPBfy/4Y4N59Ws9HK+YOY/iM=
Subject key identifier: 33:8F:9D:8A:59:B4:74:4E:BC:70:13:4C:0A:E6:FE:86:05:DF:96:BD
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 018F4D11170D7B0893440C6927AC67B77897
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/M4-dilm0dE68cBNMCub-hgXflr0.roa
Signing time: Mon 06 May 2024 08:41:56 +0000
ROA not before: Mon 06 May 2024 08:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25091
IP address blocks: 5.144.32.0/21 maxlen: 24
46.20.240.0/20 maxlen: 24
85.8.128.0/24 maxlen: 24
91.247.176.0/24 maxlen: 24
185.60.52.0/22 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 02:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:11:17:0d:7b:08:93:44:0c:69:27:ac:67:b7:78:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: May 6 08:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=338f9d8a59b4744ebc70134c0ae6fe8605df96bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e1:2f:68:0f:f7:10:44:1c:05:19:7b:37:d3:
e9:ce:be:e6:53:07:32:60:3c:ed:29:21:0d:04:99:
ff:74:b6:2c:a5:80:49:f9:be:6a:0a:f0:dd:c8:4d:
87:8a:3f:f9:7d:ac:03:81:b1:65:c6:68:a0:5d:13:
cd:80:ef:c3:8e:e9:2f:93:73:ba:51:f9:92:dc:55:
07:c6:60:21:78:d6:b8:46:60:e6:28:90:82:11:1e:
25:fb:90:22:78:20:25:fa:0f:e4:ef:22:6a:f9:0e:
24:3f:ea:97:6b:c6:07:fd:52:4a:e5:91:32:4a:57:
83:59:4a:f1:90:5c:3c:f6:11:35:76:11:58:72:40:
f2:fe:d2:db:90:3b:2a:a3:cf:79:6b:1c:e6:98:3e:
79:fb:d4:03:cc:a9:bc:54:24:6b:a0:e4:c7:e6:52:
f0:b4:eb:8f:43:23:b1:38:a5:0f:b4:14:e7:35:dc:
a5:d7:d0:74:7f:ce:59:90:2d:45:15:d8:05:e2:ca:
d8:77:09:d8:1a:6d:e8:4a:cc:06:24:9f:29:b9:87:
d2:ac:b0:a9:11:5f:2a:58:f6:91:be:73:c9:56:0b:
72:bb:29:d6:89:c0:e1:37:fe:b1:cf:4b:58:ac:3b:
d9:66:99:85:46:29:9c:3e:ed:d3:1f:f6:b0:4d:1a:
a0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8F:9D:8A:59:B4:74:4E:BC:70:13:4C:0A:E6:FE:86:05:DF:96:BD
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/M4-dilm0dE68cBNMCub-hgXflr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
85.8.128.0/24
91.247.176.0/24
185.60.52.0/22
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
12:59:d9:4f:6b:fe:cc:b6:0f:dc:4b:b8:a8:ed:0e:16:ad:3f:
3a:81:76:02:d9:68:43:8d:cb:90:4b:5b:27:bf:a2:61:11:2d:
2b:5f:ae:be:c6:ef:93:1a:89:80:0f:87:bb:0f:d9:fa:fd:12:
65:a9:4d:ae:17:c7:48:83:03:4c:e9:5a:ab:62:2d:75:4d:b9:
eb:8b:5c:f5:9d:3c:ba:c9:20:72:01:3e:1d:f3:d2:ce:e6:b8:
8b:28:d0:8a:83:7b:74:3c:68:47:44:8b:c5:56:d0:74:1d:35:
b9:9c:74:c9:6b:3b:d9:13:28:4d:c7:5a:0c:a7:c0:0d:44:fd:
03:d8:62:80:14:b1:02:66:ac:cd:95:c0:8a:d7:5f:d6:af:75:
69:89:b3:13:bf:f1:90:19:f9:7f:ff:15:77:02:76:ae:e9:a3:
b5:b7:eb:50:e5:5d:7e:7f:bd:9e:93:ba:dd:bb:87:e6:04:46:
a9:84:48:20:2c:8f:47:3b:06:9a:86:2a:bd:cd:ca:3f:2d:a3:
2f:1c:50:21:bf:1c:9b:00:e3:4c:c4:06:f8:16:0b:de:79:ca:
d7:17:3f:b9:45:17:55:fa:50:97:c6:23:5c:35:d8:4d:ff:1a:
d4:8a:63:e4:2b:5f:4b:b8:69:28:b0:3f:61:f8:34:84:5a:61:
52:5b:f5:a7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY9NERcNewiTRAxpJ6xnt3iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjQwNTA2MDg0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhmOWQ4YTU5YjQ3NDRlYmM3MDEzNGMwYWU2ZmU4NjA1ZGY5NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OEvaA/3EEQcBRl7N9Ppzr7mUwcy
YDztKSENBJn/dLYspYBJ+b5qCvDdyE2Hij/5fawDgbFlxmigXRPNgO/Djukvk3O6
UfmS3FUHxmAheNa4RmDmKJCCER4l+5AieCAl+g/k7yJq+Q4kP+qXa8YH/VJK5ZEy
SleDWUrxkFw89hE1dhFYckDy/tLbkDsqo895axzmmD55+9QDzKm8VCRroOTH5lLw
tOuPQyOxOKUPtBTnNdyl19B0f85ZkC1FFdgF4srYdwnYGm3oSswGJJ8puYfSrLCp
EV8qWPaRvnPJVgtyuynWicDhN/6xz0tYrDvZZpmFRimcPu3TH/awTRqgdwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDOPnYpZtHROvHATTArm/oYF35a9MB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvTTQtZGlsbTBkRTY4Y0JOTUN1Yi1oZ1hmbHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZAgAwQE
LhTwAwQAVQiAAwQAW/ewAwQCuTw0MA0EAgACMAcDBQMqAiUoMA0GCSqGSIb3DQEB
CwUAA4IBAQASWdlPa/7Mtg/cS7io7Q4WrT86gXYC2WhDjcuQS1snv6JhES0rX66+
xu+TGomAD4e7D9n6/RJlqU2uF8dIgwNM6VqrYi11Tbnri1z1nTy6ySByAT4d89LO
5riLKNCKg3t0PGhHRIvFVtB0HTW5nHTJazvZEyhNx1oMp8ANRP0D2GKAFLECZqzN
lcCK11/Wr3VpibMTv/GQGfl//xV3Anau6aO1t+tQ5V1+f72ek7rdu4fmBEaphEgg
LI9HOwaahiq9zco/LaMvHFAhvxybAONMxAb4FgveecrXFz+5RRdV+lCXxiNcNdhN
/xrUimPkK19LuGkosD9h+DSEWmFSW/Wn
-----END CERTIFICATE-----
Generated at Sun May 19 07:17:44 2024 by rpki-client on console-ams.rpki-client.org