Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/4xR4eGEXe-tI0qLdkog-e1ZMAHc.roa
File: 4xR4eGEXe-tI0qLdkog-e1ZMAHc.roa (raw, json)
Hash identifier: g1YXwBwJnGFm9ATlUeYg5d350ihtXbCuma0eNf4KT40=
Subject key identifier: E3:14:78:78:61:17:7B:EB:48:D2:A2:DD:92:88:3E:7B:56:4C:00:77
Certificate issuer: /CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Certificate serial: 018CC9BCE71955D2799741F7563DAFBAEA70
Authority key identifier: 6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/4xR4eGEXe-tI0qLdkog-e1ZMAHc.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62434
IP address blocks: 194.49.177.0/24 maxlen: 24
194.49.178.0/24 maxlen: 24
194.49.205.0/24 maxlen: 24
194.49.207.0/24 maxlen: 24
194.49.218.0/24 maxlen: 24
194.49.221.0/24 maxlen: 24
194.49.220.0/24 maxlen: 24
194.49.134.0/24 maxlen: 24
193.28.131.0/24 maxlen: 24
193.28.132.0/24 maxlen: 24
193.28.130.0/24 maxlen: 24
194.49.171.0/24 maxlen: 24
2001:67c:194c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e7:19:55:d2:79:97:41:f7:56:3d:af:ba:ea:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e314787861177beb48d2a2dd92883e7b564c0077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8a:1d:c7:f6:d6:ff:95:82:9f:d9:06:81:ad:
40:b8:4a:84:3b:de:80:c2:52:5c:49:c6:7b:62:ec:
6d:00:96:7b:6d:95:33:ae:ac:57:f3:93:b5:43:ec:
a6:67:3c:ee:44:65:37:b4:01:6a:00:c2:2d:77:7a:
17:e5:4c:11:67:e1:00:ff:62:b3:14:85:37:38:1f:
ea:fd:04:73:9d:c9:39:a8:d1:2f:3f:71:91:7d:43:
29:0f:df:18:66:73:4e:5d:d5:d2:25:6a:e3:e9:d2:
72:57:84:a2:4b:03:32:e3:92:f3:3f:1f:76:8d:6f:
5a:a4:a6:ea:5d:74:aa:d6:d2:69:c8:38:d0:21:15:
46:10:62:5d:0a:2f:bf:cc:ca:c0:f3:78:6a:53:d1:
18:24:68:93:2d:3f:8a:a1:39:37:55:63:57:f2:c2:
3b:a5:7c:c4:6a:08:0a:a8:8e:21:9e:50:65:b4:e2:
04:30:87:3c:c4:0d:7b:fa:e4:11:e7:23:37:90:53:
47:7e:38:ef:94:aa:3e:79:c6:a7:34:62:2b:4e:bd:
b3:19:7d:16:62:63:e7:03:d9:31:01:3b:f8:9f:22:
87:00:eb:ef:b4:02:52:7b:43:35:8f:08:76:d2:74:
0f:d1:35:7d:7b:a7:62:23:26:39:7d:a4:52:10:1e:
be:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:14:78:78:61:17:7B:EB:48:D2:A2:DD:92:88:3E:7B:56:4C:00:77
X509v3 Authority Key Identifier:
keyid:6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/4xR4eGEXe-tI0qLdkog-e1ZMAHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.130.0-193.28.132.255
194.49.134.0/24
194.49.171.0/24
194.49.177.0-194.49.178.255
194.49.205.0/24
194.49.207.0/24
194.49.218.0/24
194.49.220.0/23
IPv6:
2001:67c:194c::/48
Signature Algorithm: sha256WithRSAEncryption
40:13:55:74:15:5d:62:fb:16:9a:e6:c4:bb:bc:e1:60:85:2a:
e1:81:6d:2e:2a:f0:7b:45:c4:d1:19:08:a4:70:73:fb:3f:8f:
99:1a:30:44:e6:ea:9d:50:47:88:c2:1a:26:95:db:7e:a9:af:
d9:e1:f8:ed:b4:bc:1b:16:7e:4c:5b:a1:f8:7b:1b:98:be:e7:
6e:c0:37:77:1b:e7:c4:7e:74:0f:23:95:bb:a6:6d:9c:45:2c:
4a:ee:4c:38:1e:f8:4c:a4:62:47:16:ea:04:f1:ca:b4:43:e1:
1e:89:26:f6:ad:ce:54:41:0c:37:29:0e:c3:de:dd:3a:55:66:
35:cd:38:44:cf:3b:91:4a:2a:ef:1c:99:e2:dc:21:86:57:eb:
fe:cc:f0:13:1c:eb:91:fe:4d:7b:88:53:c7:a0:72:10:96:c4:
c5:11:00:8c:e1:e5:bc:d4:42:52:be:f3:ad:df:7f:6f:68:36:
dc:27:a2:cd:7b:b6:10:dd:28:33:0b:6d:fb:a5:75:8d:42:5e:
e3:e4:24:27:8e:9e:5d:9e:99:97:86:d6:03:c2:9b:8a:d6:69:
cf:7c:ad:01:09:2c:5b:c0:9a:5c:81:ff:b9:42:53:15:1a:d4:
be:91:47:c0:06:6d:dd:54:2b:83:4f:d7:57:4c:f0:73:93:aa:
23:c6:29:f7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzJvOcZVdJ5l0H3Vj2vuupwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGM4NjdjOTc5ODcxYzdhZGIwOWY3YzYyMTliYTViMDY0
NTkzMWMwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzE0Nzg3ODYxMTc3YmViNDhkMmEyZGQ5Mjg4M2U3YjU2NGMwMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYodx/bW/5WCn9kGga1AuEqEO96A
wlJcScZ7YuxtAJZ7bZUzrqxX85O1Q+ymZzzuRGU3tAFqAMItd3oX5UwRZ+EA/2Kz
FIU3OB/q/QRznck5qNEvP3GRfUMpD98YZnNOXdXSJWrj6dJyV4SiSwMy45LzPx92
jW9apKbqXXSq1tJpyDjQIRVGEGJdCi+/zMrA83hqU9EYJGiTLT+KoTk3VWNX8sI7
pXzEaggKqI4hnlBltOIEMIc8xA17+uQR5yM3kFNHfjjvlKo+ecanNGIrTr2zGX0W
YmPnA9kxATv4nyKHAOvvtAJSe0M1jwh20nQP0TV9e6diIyY5faRSEB6+/wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFOMUeHhhF3vrSNKi3ZKIPntWTAB3MB8GA1UdIwQY
MBaAFGoMhnyXmHHHrbCffGIZulsGRZMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUt
ZTQ1ODYzZWFjMmI0LzEvNHhSNGVHRVhlLXRJMHFMZGtvZy1lMVpNQUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUtZTQ1ODYzZWFjMmI0
LzEvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBGBAIAATBAMAwDBAHBHIID
BADBHIQDBADCMYYDBADCMaswDAMEAMIxsQMEAMIxsgMEAMIxzQMEAMIxzwMEAMIx
2gMEAcIx3DAPBAIAAjAJAwcAIAEGfBlMMA0GCSqGSIb3DQEBCwUAA4IBAQBAE1V0
FV1i+xaa5sS7vOFghSrhgW0uKvB7RcTRGQikcHP7P4+ZGjBE5uqdUEeIwhomldt+
qa/Z4fjttLwbFn5MW6H4exuYvuduwDd3G+fEfnQPI5W7pm2cRSxK7kw4HvhMpGJH
FuoE8cq0Q+EeiSb2rc5UQQw3KQ7D3t06VWY1zThEzzuRSirvHJni3CGGV+v+zPAT
HOuR/k17iFPHoHIQlsTFEQCM4eW81EJSvvOt339vaDbcJ6LNe7YQ3SgzC237pXWN
Ql7j5CQnjp5dnpmXhtYDwpuK1mnPfK0BCSxbwJpcgf+5QlMVGtS+kUfABm3dVCuD
T9dXTPBzk6ojxin3
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:34:01 2024 by rpki-client on console-fra.rpki-client.org