Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/S94wqkVgjqoj_VVwqnHmJMne7Go.roa
File: S94wqkVgjqoj_VVwqnHmJMne7Go.roa (raw, json)
Hash identifier: Os6aIKCnDcu9mIZzYgVcwi7p9fbo3zrMX/xDjAtnI98=
Subject key identifier: 4B:DE:30:AA:45:60:8E:AA:23:FD:55:70:AA:71:E6:24:C9:DE:EC:6A
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018E07C3AF6DC8DA4058F83D514A7D8C36A9
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/S94wqkVgjqoj_VVwqnHmJMne7Go.roa
Signing time: Mon 04 Mar 2024 04:40:48 +0000
ROA not before: Mon 04 Mar 2024 04:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 5.35.192.0/21 maxlen: 24
84.234.16.0/20 maxlen: 24
85.204.160.0/22 maxlen: 24
194.88.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 07:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:07:c3:af:6d:c8:da:40:58:f8:3d:51:4a:7d:8c:36:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 4 04:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bde30aa45608eaa23fd5570aa71e624c9deec6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1f:9b:b3:74:03:20:6c:b8:41:e8:f7:b5:95:
4b:11:e8:7a:44:2f:3a:6b:31:84:21:9a:49:6d:b8:
f8:c5:a2:87:c5:e9:46:60:a2:d2:8b:46:84:ee:ef:
d8:a6:88:48:a0:6d:07:f3:39:d4:0f:1f:97:a0:b3:
a5:42:4f:bb:d5:5a:a0:2d:c4:10:4e:15:20:cd:9c:
a5:6a:09:00:7c:e6:e2:c0:a3:9a:50:dc:20:e3:a3:
7b:ca:2a:a8:47:68:8d:18:ad:00:7e:22:c4:83:5f:
63:e2:dd:15:43:ab:fd:d8:5f:0a:ed:9a:0a:5a:03:
ff:8e:d7:0c:d4:68:1e:cf:cc:fc:e9:74:c5:56:f4:
1c:bd:74:0c:6b:f7:05:2f:73:c8:3a:5e:4e:22:cc:
1c:b5:aa:b9:a8:ba:45:f8:5e:3c:53:cb:2c:3b:25:
bf:b1:4d:ec:2d:93:0b:99:53:11:ea:62:c9:38:b9:
0d:05:f0:a5:32:03:0a:ac:2f:fe:9a:e1:31:5f:c2:
cd:de:8c:4f:66:e2:3d:ee:11:46:c2:b3:65:d3:b8:
4e:82:2e:b4:6c:a8:a5:46:64:c5:62:46:b8:fe:f4:
b6:8c:ad:e3:cf:ad:03:96:a5:1b:35:53:a4:d3:dd:
e0:c4:e1:57:c8:05:a6:58:86:d0:67:bf:ee:32:7a:
36:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DE:30:AA:45:60:8E:AA:23:FD:55:70:AA:71:E6:24:C9:DE:EC:6A
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/S94wqkVgjqoj_VVwqnHmJMne7Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
84.234.16.0/20
85.204.160.0/22
194.88.96.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:72:ff:e0:6d:ef:82:dc:c9:46:d9:f8:49:80:8c:75:8a:1b:
68:50:59:79:ba:51:8e:a1:2f:6e:88:b8:69:40:39:87:38:2b:
a0:b8:57:c9:3d:81:ca:5f:63:79:9b:3b:65:f2:ab:28:56:35:
a1:ef:cc:a0:19:8a:fa:9e:6a:8e:b0:0e:a9:a5:b8:6e:f2:36:
b9:65:70:11:32:b0:6c:1d:ea:06:5d:a2:a5:6a:c8:e4:a2:7f:
d0:73:e0:60:08:c3:b5:d2:e0:43:4d:d6:3c:d6:da:7f:23:fd:
7a:9d:ba:d2:65:6c:be:9a:32:43:e7:9a:22:26:d5:dd:2c:dc:
74:16:39:d7:cd:a9:10:31:86:6d:b4:b7:7b:c8:46:23:aa:5d:
64:f5:b4:14:a0:0c:5d:d2:b4:2a:e6:cf:25:2f:68:db:83:fe:
1f:62:6f:0e:96:96:34:17:36:e7:83:c3:98:cb:de:1b:e5:62:
7f:75:da:28:32:ca:2f:87:12:b2:1d:8d:84:3e:b3:95:3a:b1:
2a:54:0c:04:56:c8:7e:55:52:5d:fe:2b:d0:35:c4:59:50:38:
c0:24:70:fd:2c:e6:88:70:17:f8:18:5d:a3:32:38:68:9b:ba:
48:34:9e:80:29:51:2e:f6:20:4c:4d:2b:ec:21:5d:40:a8:fa:
5a:7b:ba:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4Hw69tyNpAWPg9UUp9jDapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMzA0MDQ0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRlMzBhYTQ1NjA4ZWFhMjNmZDU1NzBhYTcxZTYyNGM5ZGVlYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh+bs3QDIGy4Qej3tZVLEeh6RC86
azGEIZpJbbj4xaKHxelGYKLSi0aE7u/YpohIoG0H8znUDx+XoLOlQk+71VqgLcQQ
ThUgzZylagkAfObiwKOaUNwg46N7yiqoR2iNGK0AfiLEg19j4t0VQ6v92F8K7ZoK
WgP/jtcM1Ggez8z86XTFVvQcvXQMa/cFL3PIOl5OIswctaq5qLpF+F48U8ssOyW/
sU3sLZMLmVMR6mLJOLkNBfClMgMKrC/+muExX8LN3oxPZuI97hFGwrNl07hOgi60
bKilRmTFYka4/vS2jK3jz60DlqUbNVOk093gxOFXyAWmWIbQZ7/uMno2HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEveMKpFYI6qI/1VcKpx5iTJ3uxqMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUzk0d3FrVmdqcW9qX1ZWd3FuSG1KTW5lN0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSPAAwQE
VOoQAwQCVcygAwQDwlhgMA0GCSqGSIb3DQEBCwUAA4IBAQAfcv/gbe+C3MlG2fhJ
gIx1ihtoUFl5ulGOoS9uiLhpQDmHOCuguFfJPYHKX2N5mztl8qsoVjWh78ygGYr6
nmqOsA6ppbhu8ja5ZXARMrBsHeoGXaKlasjkon/Qc+BgCMO10uBDTdY81tp/I/16
nbrSZWy+mjJD55oiJtXdLNx0FjnXzakQMYZttLd7yEYjql1k9bQUoAxd0rQq5s8l
L2jbg/4fYm8OlpY0Fzbng8OYy94b5WJ/ddooMsovhxKyHY2EPrOVOrEqVAwEVsh+
VVJd/ivQNcRZUDjAJHD9LOaIcBf4GF2jMjhom7pINJ6AKVEu9iBMTSvsIV1AqPpa
e7rk
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:16:55 2024 by rpki-client on console-ams.rpki-client.org