Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/4u_o3_CaD9nQ7VmDs75ugIo7ZHM.roa
File: 4u_o3_CaD9nQ7VmDs75ugIo7ZHM.roa (raw, json)
Hash identifier: Kau78RAbIyY3sNEvNtwWjbwSK66eBfq9PTgEPW5KdL4=
Subject key identifier: E2:EF:E8:DF:F0:9A:0F:D9:D0:ED:59:83:B3:BE:6E:80:8A:3B:64:73
Certificate issuer: /CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Certificate serial: 0190A27B659CE897ADCE2E68F7F3CD553F06
Authority key identifier: F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/4u_o3_CaD9nQ7VmDs75ugIo7ZHM.roa
Signing time: Thu 11 Jul 2024 15:48:34 +0000
ROA not before: Thu 11 Jul 2024 15:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 46.218.0.0/16 maxlen: 24
77.104.0.0/18 maxlen: 24
82.101.0.0/18 maxlen: 24
83.145.64.0/18 maxlen: 24
89.224.0.0/14 maxlen: 24
89.226.0.0/16 maxlen: 24
92.102.0.0/15 maxlen: 24
185.204.172.0/22 maxlen: 24
195.167.192.0/20 maxlen: 24
195.167.224.0/20 maxlen: 24
195.248.0.0/19 maxlen: 19
212.99.0.0/17 maxlen: 24
212.103.0.0/19 maxlen: 24
213.30.128.0/18 maxlen: 24
213.244.0.0/19 maxlen: 24
217.66.112.0/20 maxlen: 24
2a02:e000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:7b:65:9c:e8:97:ad:ce:2e:68:f7:f3:cd:55:3f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Validity
Not Before: Jul 11 15:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2efe8dff09a0fd9d0ed5983b3be6e808a3b6473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:84:c6:24:72:61:5e:6c:f3:70:ec:72:ce:
59:db:bb:e7:18:9f:94:5c:e5:9e:e9:5f:88:5f:3d:
a0:ae:7f:a8:c6:e4:8b:bb:99:e7:8d:30:ca:5f:44:
c9:81:82:81:42:6c:2c:58:b1:fc:67:c6:dd:63:e0:
69:d9:d6:60:c9:c9:ea:ef:ed:81:19:99:60:66:4e:
2a:69:4c:71:29:b8:a1:9a:37:f6:57:be:96:08:ee:
7e:fc:b5:93:2f:54:23:7c:55:a4:81:f1:0e:b3:4e:
a5:7c:63:08:fe:c6:89:f5:b4:44:b5:52:4f:fc:fa:
e9:d4:5c:4a:ce:25:f5:f9:30:0a:66:50:2b:71:28:
e3:44:27:a5:f9:70:c7:70:da:d4:f2:90:c5:56:3c:
25:fd:f1:c9:b1:41:6f:63:d6:15:ab:a7:85:c8:c0:
ff:ae:3c:81:8e:6f:65:ee:3f:a6:3a:f1:ea:4e:07:
de:e1:e8:45:ae:cf:ed:67:9f:b3:bc:00:71:30:60:
9a:29:1c:04:cd:bc:e6:6f:43:c9:e5:a1:85:52:75:
0f:a6:96:22:e4:f7:4b:67:fe:89:7b:66:a0:2c:38:
70:7b:03:37:b7:26:89:65:97:b0:ed:20:ff:b2:dc:
69:62:24:ab:36:14:3c:fc:34:95:fe:3d:b9:86:96:
32:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EF:E8:DF:F0:9A:0F:D9:D0:ED:59:83:B3:BE:6E:80:8A:3B:64:73
X509v3 Authority Key Identifier:
keyid:F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/4u_o3_CaD9nQ7VmDs75ugIo7ZHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.218.0.0/16
77.104.0.0/18
82.101.0.0/18
83.145.64.0/18
89.224.0.0/14
92.102.0.0/15
185.204.172.0/22
195.167.192.0/20
195.167.224.0/20
195.248.0.0/19
212.99.0.0/17
212.103.0.0/19
213.30.128.0/18
213.244.0.0/19
217.66.112.0/20
IPv6:
2a02:e000::/29
Signature Algorithm: sha256WithRSAEncryption
39:30:f9:d4:a4:91:54:2d:30:34:06:6b:1d:fc:b1:80:71:4e:
08:a7:2b:73:ba:86:70:a2:55:92:eb:f5:ca:69:0c:ff:09:db:
17:54:a0:62:fd:8b:dd:8c:8c:0b:62:38:93:a4:d1:e6:99:60:
2e:8d:7a:b0:0c:a6:e8:57:2c:f2:fc:24:8a:f5:e1:93:a2:2e:
37:a4:bb:16:61:dc:4e:eb:16:ca:4c:63:a9:a9:a9:ba:26:7a:
d5:8b:1f:52:bd:2c:5d:33:10:58:1f:c9:8d:a0:86:0c:6e:c1:
7d:8b:b1:ae:ae:08:b1:0c:0c:63:1e:c9:d1:19:d5:ca:cc:a1:
cb:1c:01:61:ed:5c:1c:71:a5:53:4e:51:8b:ae:c6:96:81:32:
19:96:7f:94:73:1c:ad:74:db:46:0e:4b:3f:8d:0b:d6:d4:1b:
3c:47:9a:5c:68:97:9b:e8:b2:07:e4:4f:58:f8:d1:88:f2:58:
3b:41:9b:6c:6c:9e:44:10:1f:d7:67:1f:68:0f:af:01:91:5a:
6b:9c:b4:cb:f5:3d:28:0d:fb:3d:87:f7:c0:b7:87:af:64:01:
32:32:9e:1c:59:b1:93:db:96:ed:8c:ec:15:fd:25:bb:30:d5:
81:eb:e7:99:02:c9:b0:2a:cd:4f:e9:ec:21:df:4c:9e:9e:ca:
d6:ff:f9:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZCie2Wc6Jetzi5o9/PNVT8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTI4MTBmNDliMzZmZGQ2NDFjMzI2YmQxZGU0ZTQyZDEy
OGIwNDYwHhcNMjQwNzExMTU0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVmZThkZmYwOWEwZmQ5ZDBlZDU5ODNiM2JlNmU4MDhhM2I2NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/SExiRyYV5s83Dscs5Z27vnGJ+U
XOWe6V+IXz2grn+oxuSLu5nnjTDKX0TJgYKBQmwsWLH8Z8bdY+Bp2dZgycnq7+2B
GZlgZk4qaUxxKbihmjf2V76WCO5+/LWTL1QjfFWkgfEOs06lfGMI/saJ9bREtVJP
/Prp1FxKziX1+TAKZlArcSjjRCel+XDHcNrU8pDFVjwl/fHJsUFvY9YVq6eFyMD/
rjyBjm9l7j+mOvHqTgfe4ehFrs/tZ5+zvABxMGCaKRwEzbzmb0PJ5aGFUnUPppYi
5PdLZ/6Je2agLDhwewM3tyaJZZew7SD/stxpYiSrNhQ8/DSV/j25hpYykwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOLv6N/wmg/Z0O1Zg7O+boCKO2RzMB8GA1UdIwQY
MBaAFPLigQ9Js2/dZBwya9HeTkLRKLBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAt
NTBkMmI3MGJjZjMxLzEvNHVfbzNfQ2FEOW5RN1ZtRHM3NXVnSW83WkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAtNTBkMmI3MGJjZjMx
LzEvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBdBAIAATBXAwMALtoDBAZN
aAADBAZSZQADBAZTkUADAwJZ4AMDAVxmAwQCucysAwQEw6fAAwQEw6fgAwQFw/gA
AwQH1GMAAwQF1GcAAwQG1R6AAwQF1fQAAwQE2UJwMA0EAgACMAcDBQMqAuAAMA0G
CSqGSIb3DQEBCwUAA4IBAQA5MPnUpJFULTA0Bmsd/LGAcU4IpytzuoZwolWS6/XK
aQz/CdsXVKBi/YvdjIwLYjiTpNHmmWAujXqwDKboVyzy/CSK9eGToi43pLsWYdxO
6xbKTGOpqam6JnrVix9SvSxdMxBYH8mNoIYMbsF9i7GurgixDAxjHsnRGdXKzKHL
HAFh7VwccaVTTlGLrsaWgTIZln+UcxytdNtGDks/jQvW1Bs8R5pcaJeb6LIH5E9Y
+NGI8lg7QZtsbJ5EEB/XZx9oD68BkVprnLTL9T0oDfs9h/fAt4evZAEyMp4cWbGT
25btjOwV/SW7MNWB6+eZAsmwKs1P6ewh30yensrW//nv
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:36 2024 by rpki-client on console-fra.rpki-client.org