Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/4i708Iz4CDWz3ckfhiuWoEg-lko.roa
File: 4i708Iz4CDWz3ckfhiuWoEg-lko.roa (raw, json)
Hash identifier: FHWW8DwCPme3QQCP1mGjDSWsHs46295mpXS9eJioV+I=
Subject key identifier: E2:2E:F4:F0:8C:F8:08:35:B3:DD:C9:1F:86:2B:96:A0:48:3E:96:4A
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 01925199875E8563F10A14CB295236DD5705
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/4i708Iz4CDWz3ckfhiuWoEg-lko.roa
Signing time: Thu 03 Oct 2024 08:57:48 +0000
ROA not before: Thu 03 Oct 2024 08:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42905
IP address blocks: 81.163.216.0/21 maxlen: 21
81.163.216.0/22 maxlen: 22
81.163.216.0/24 maxlen: 24
81.163.217.0/24 maxlen: 24
81.163.218.0/24 maxlen: 24
81.163.219.0/24 maxlen: 24
81.163.220.0/24 maxlen: 24
81.163.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:99:87:5e:85:63:f1:0a:14:cb:29:52:36:dd:57:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Oct 3 08:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e22ef4f08cf80835b3ddc91f862b96a0483e964a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ad:a5:22:01:65:b6:11:8f:c6:b2:7d:ce:f4:
a2:50:e3:6e:25:1b:6b:39:15:5b:82:f8:7f:b7:81:
a7:c0:21:2e:e4:a4:95:64:19:5b:eb:56:68:07:ff:
14:c5:47:10:ca:09:f8:0c:07:5f:65:18:7e:0d:a5:
bd:d2:82:33:d8:8b:54:4f:95:19:14:85:34:40:94:
ce:a2:4b:54:27:f8:d2:da:15:a0:98:cb:84:07:b6:
41:92:83:04:a6:fb:92:f6:86:ea:ec:f4:87:1d:46:
2f:a7:19:38:2d:b2:e6:48:96:5b:a4:d2:f1:4f:48:
24:6b:51:4b:0b:cb:e2:69:37:36:7e:1a:26:5b:32:
fe:b4:a9:ef:56:0b:a4:9d:43:ab:f4:2d:00:68:63:
89:27:6c:37:9f:ca:e8:8d:8b:83:e0:fe:50:5d:bb:
98:58:2d:e4:05:a7:df:4e:8c:09:c5:2a:14:cc:dc:
85:b1:e9:d6:a7:2d:fc:ca:03:11:2a:82:f3:6e:51:
d9:fb:dc:c2:f5:6d:b1:58:d3:a3:af:dd:6e:76:31:
67:1f:63:73:94:4c:bc:4b:4c:66:4e:a4:6b:e7:d1:
d5:7b:ad:fd:67:98:06:7b:83:5a:9c:31:ef:3d:9c:
b9:48:71:4d:e4:67:7f:eb:20:9b:79:de:f7:59:01:
bc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2E:F4:F0:8C:F8:08:35:B3:DD:C9:1F:86:2B:96:A0:48:3E:96:4A
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/4i708Iz4CDWz3ckfhiuWoEg-lko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.216.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:51:f4:9f:79:b1:82:c9:8b:ea:1a:ed:96:4f:c6:86:95:5f:
b5:ca:a1:7b:84:87:dc:17:20:14:bf:0e:3e:d2:79:0f:cb:84:
14:a4:2d:68:fb:ce:e2:a9:87:0d:0b:f5:d0:0c:c8:0b:67:80:
b6:82:f5:19:45:92:95:3f:91:3f:bd:a1:a7:22:ab:93:0f:c7:
17:fe:b5:67:cb:6a:43:96:63:fa:5e:3a:17:44:fb:09:c1:49:
3a:95:40:65:d2:7d:5c:58:5a:ba:ba:21:d8:f4:17:bc:1c:57:
f7:c9:ef:6e:bf:eb:47:3c:12:63:f6:ab:28:bd:5a:64:5d:04:
d6:57:3b:f9:2f:64:9a:e5:59:ff:0f:7f:84:ac:52:36:06:ec:
7f:90:53:61:d4:8f:ad:16:be:73:15:0e:9d:97:98:23:b6:00:
f5:de:64:32:84:10:f0:75:fa:d4:c6:e4:c3:d9:ff:6c:12:af:
57:59:11:7a:13:94:a4:74:80:e3:72:a4:ab:51:da:ae:a0:dc:
30:db:a4:3d:1e:9e:ce:e4:f0:72:8a:28:90:f6:f5:6e:f3:93:
75:71:2a:f5:0f:29:13:c5:ca:d5:58:d9:b3:72:66:ad:f9:0c:
ac:8c:6d:f4:de:d3:0e:25:50:2c:8e:56:ec:99:d6:b2:42:8b:
35:78:61:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRmYdehWPxChTLKVI23VcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjQxMDAzMDg1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjJlZjRmMDhjZjgwODM1YjNkZGM5MWY4NjJiOTZhMDQ4M2U5NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq2lIgFlthGPxrJ9zvSiUONuJRtr
ORVbgvh/t4GnwCEu5KSVZBlb61ZoB/8UxUcQygn4DAdfZRh+DaW90oIz2ItUT5UZ
FIU0QJTOoktUJ/jS2hWgmMuEB7ZBkoMEpvuS9obq7PSHHUYvpxk4LbLmSJZbpNLx
T0gka1FLC8viaTc2fhomWzL+tKnvVguknUOr9C0AaGOJJ2w3n8rojYuD4P5QXbuY
WC3kBaffTowJxSoUzNyFsenWpy38ygMRKoLzblHZ+9zC9W2xWNOjr91udjFnH2Nz
lEy8S0xmTqRr59HVe639Z5gGe4NanDHvPZy5SHFN5Gd/6yCbed73WQG8RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIu9PCM+Ag1s93JH4YrlqBIPpZKMB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvNGk3MDhJejRDRFd6M2NrZmhpdVdvRWctbGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTctODA5NWYzMjk3MTc5
LzEvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUaPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCnUfSfebGCyYvqGu2WT8aGlV+1yqF7hIfcFyAUvw4+
0nkPy4QUpC1o+87iqYcNC/XQDMgLZ4C2gvUZRZKVP5E/vaGnIquTD8cX/rVny2pD
lmP6XjoXRPsJwUk6lUBl0n1cWFq6uiHY9Be8HFf3ye9uv+tHPBJj9qsovVpkXQTW
Vzv5L2Sa5Vn/D3+ErFI2Bux/kFNh1I+tFr5zFQ6dl5gjtgD13mQyhBDwdfrUxuTD
2f9sEq9XWRF6E5SkdIDjcqSrUdquoNww26Q9Hp7O5PByiiiQ9vVu85N1cSr1DykT
xcrVWNmzcmat+QysjG303tMOJVAsjlbsmdayQos1eGF6
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:18 2024 by rpki-client on console-fra.rpki-client.org