Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/4iSJOpsUYY0XrNAh3sSL9vr_ybQ.roa
File: 4iSJOpsUYY0XrNAh3sSL9vr_ybQ.roa (raw, json)
Hash identifier: tztbQEDAKZ2/qCY3qKaLIFB7WmoM4ic2//X3ycQe93U=
Subject key identifier: E2:24:89:3A:9B:14:61:8D:17:AC:D0:21:DE:C4:8B:F6:FA:FF:C9:B4
Certificate issuer: /CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Certificate serial: 019325158EB9E21810DB73F8D2EF220177EE
Authority key identifier: 7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/4iSJOpsUYY0XrNAh3sSL9vr_ybQ.roa
Signing time: Wed 13 Nov 2024 10:33:10 +0000
ROA not before: Wed 13 Nov 2024 10:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35790
IP address blocks: 185.31.140.0/22 maxlen: 24
185.57.84.0/22 maxlen: 24
185.105.244.0/22 maxlen: 24
185.217.224.0/22 maxlen: 24
213.204.192.0/20 maxlen: 24
213.204.208.0/20 maxlen: 24
213.204.224.0/20 maxlen: 24
213.204.240.0/21 maxlen: 24
213.204.248.0/22 maxlen: 24
213.204.252.0/22 maxlen: 24
2a0b:cdc0::/29 maxlen: 29
2a0b:cdc0::/32 maxlen: 32
2a0b:cdc1::/32 maxlen: 32
2a0b:cdc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:15:8e:b9:e2:18:10:db:73:f8:d2:ef:22:01:77:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Validity
Not Before: Nov 13 10:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e224893a9b14618d17acd021dec48bf6faffc9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e4:92:1a:37:54:18:5d:e2:92:dd:ed:db:ee:
c9:47:8b:98:94:20:5b:38:ad:f8:2b:45:73:2b:78:
66:1c:5e:12:9d:90:75:b5:f7:74:c9:97:81:42:de:
ee:d9:e0:e6:80:80:3c:28:6e:f2:d3:34:72:fb:f0:
75:44:d0:5a:fd:3c:a2:87:84:fb:02:b0:d9:8c:85:
e6:44:be:0f:e3:2d:a2:75:8f:e0:f0:db:cd:09:16:
87:d0:5b:6c:d6:eb:3e:52:12:4f:6b:1c:3e:52:9a:
5b:ce:77:9c:1f:14:fd:19:4f:54:be:25:77:96:08:
00:cc:48:b8:50:8a:5c:93:cd:1a:e9:2d:3d:9e:04:
b8:b6:c0:a4:a4:ad:f4:3b:c1:89:3f:e8:0b:e1:46:
af:7b:59:c0:3e:49:93:55:a7:a9:7d:d3:f3:70:03:
3d:14:3b:64:29:86:6f:50:2a:47:a2:ff:dc:30:db:
29:dd:75:d5:68:4e:22:5c:13:9f:f8:24:b2:57:b4:
4f:7b:15:0e:b9:e1:8a:1d:c9:f7:0e:49:50:d6:68:
5e:0a:07:db:28:10:ca:51:13:8e:d2:8f:47:a0:c3:
46:38:98:dc:d7:75:09:6e:d1:0e:2d:92:06:fb:30:
4a:b5:1e:f0:eb:fa:94:ab:38:56:ad:0d:a0:d9:82:
cd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:24:89:3A:9B:14:61:8D:17:AC:D0:21:DE:C4:8B:F6:FA:FF:C9:B4
X509v3 Authority Key Identifier:
keyid:7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/4iSJOpsUYY0XrNAh3sSL9vr_ybQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.140.0/22
185.57.84.0/22
185.105.244.0/22
185.217.224.0/22
213.204.192.0/18
IPv6:
2a0b:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:aa:bc:48:9c:e2:81:79:29:bb:44:fd:54:92:6a:fd:12:4f:
d1:a1:bf:f9:bc:5c:b7:8f:fe:9a:c1:69:cd:6c:4b:10:09:41:
6f:34:94:ac:50:72:3e:07:06:63:c5:92:a4:da:a9:15:c6:d3:
80:e3:7f:cc:b7:6e:ff:c3:2a:7b:5a:1f:ee:88:ce:ff:29:c6:
05:e6:1e:86:b7:4f:e0:dd:43:e6:dd:ce:f9:91:af:85:15:41:
4d:e5:ae:66:7a:00:19:31:82:03:a2:03:2a:ee:a3:18:f4:18:
08:f2:19:57:45:e5:17:46:b5:15:78:8a:b3:50:79:01:c5:2a:
b9:44:40:fd:df:82:7e:45:b4:bf:5b:fb:fb:29:81:92:53:88:
4e:5a:0a:b2:43:48:3d:f3:1e:24:a6:2c:63:e4:32:09:06:62:
8f:c8:19:5f:6d:12:90:5b:23:06:d1:ba:50:3f:f9:69:a6:c3:
9a:e6:4a:1a:cb:0c:a0:95:a6:9e:b6:73:e2:bb:d8:da:0a:e4:
b5:e6:69:ad:ae:6e:34:c7:eb:14:ec:50:ca:72:06:a9:cd:a9:
80:f7:c5:8a:13:bc:29:c1:52:d4:43:23:45:72:94:9d:ec:b0:
53:6c:b8:dc:0b:ac:2a:7d:5e:15:1c:d9:7e:87:a1:da:42:a4:
87:bb:62:2a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZMlFY654hgQ23P40u8iAXfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjFiODM3OGU4ZjM2OGFlNDk5OGQ1MWMzYTlhY2U2NDE0
OGQ2Y2QwHhcNMjQxMTEzMTAzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjI0ODkzYTliMTQ2MThkMTdhY2QwMjFkZWM0OGJmNmZhZmZjOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuSSGjdUGF3ikt3t2+7JR4uYlCBb
OK34K0VzK3hmHF4SnZB1tfd0yZeBQt7u2eDmgIA8KG7y0zRy+/B1RNBa/Tyih4T7
ArDZjIXmRL4P4y2idY/g8NvNCRaH0Fts1us+UhJPaxw+UppbznecHxT9GU9UviV3
lggAzEi4UIpck80a6S09ngS4tsCkpK30O8GJP+gL4Uave1nAPkmTVaepfdPzcAM9
FDtkKYZvUCpHov/cMNsp3XXVaE4iXBOf+CSyV7RPexUOueGKHcn3DklQ1mheCgfb
KBDKUROO0o9HoMNGOJjc13UJbtEOLZIG+zBKtR7w6/qUqzhWrQ2g2YLNPwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOIkiTqbFGGNF6zQId7Ei/b6/8m0MB8GA1UdIwQY
MBaAFH1huDeOjzaK5JmNUcOprOZBSNbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQt
ZDE2ZTRhZTYxZjgwLzEvNGlTSk9wc1VZWTBYck5BaDNzU0w5dnJfeWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQtZDE2ZTRhZTYxZjgw
LzEvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuR+MAwQC
uTlUAwQCuWn0AwQCudngAwQG1czAMA0EAgACMAcDBQMqC83AMA0GCSqGSIb3DQEB
CwUAA4IBAQA6qrxInOKBeSm7RP1Ukmr9Ek/Rob/5vFy3j/6awWnNbEsQCUFvNJSs
UHI+BwZjxZKk2qkVxtOA43/Mt27/wyp7Wh/uiM7/KcYF5h6Gt0/g3UPm3c75ka+F
FUFN5a5megAZMYIDogMq7qMY9BgI8hlXReUXRrUVeIqzUHkBxSq5RED934J+RbS/
W/v7KYGSU4hOWgqyQ0g98x4kpixj5DIJBmKPyBlfbRKQWyMG0bpQP/lppsOa5koa
ywyglaaetnPiu9jaCuS15mmtrm40x+sU7FDKcgapzamA98WKE7wpwVLUQyNFcpSd
7LBTbLjcC6wqfV4VHNl+h6HaQqSHu2Iq
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:13 2024 by rpki-client on console-fra.rpki-client.org