Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/48uPEurPgSALH0LbZUPOR68wy_U.roa
File: 48uPEurPgSALH0LbZUPOR68wy_U.roa (raw, json)
Hash identifier: J/fW5io5h7uYUjmVy7Q6nf8eAXy2MA1smGgNjABO2VU=
Subject key identifier: E3:CB:8F:12:EA:CF:81:20:0B:1F:42:DB:65:43:CE:47:AF:30:CB:F5
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018EC228E2D90E262C68882B3953A09D777F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/48uPEurPgSALH0LbZUPOR68wy_U.roa
Signing time: Tue 09 Apr 2024 09:20:43 +0000
ROA not before: Tue 09 Apr 2024 09:20:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203963
IP address blocks: 37.49.148.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
176.46.157.0/24 maxlen: 24
176.46.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:28:e2:d9:0e:26:2c:68:88:2b:39:53:a0:9d:77:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Apr 9 09:20:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3cb8f12eacf81200b1f42db6543ce47af30cbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:33:b9:3e:66:b2:02:4d:f7:1d:00:8d:36:62:
50:1f:e1:9e:52:a6:78:32:ab:2a:20:20:5d:87:6b:
d6:08:60:c0:90:33:4a:bc:73:53:0c:c5:4c:13:f1:
56:68:fd:e8:dd:62:95:fd:b1:91:8c:ea:4c:95:0f:
91:39:07:6a:49:17:d4:55:30:d1:64:db:6a:10:8e:
b3:e3:c3:46:a6:34:93:9e:05:8c:48:20:da:ca:30:
23:bf:07:88:87:1f:4f:c5:82:22:95:3b:8f:08:4b:
93:64:34:ae:66:43:01:ac:1a:d6:66:2a:53:eb:4b:
76:4a:76:6d:df:32:48:a3:ed:e5:6d:eb:9f:c7:34:
02:18:e1:44:a9:5a:88:1a:e0:82:d1:e7:50:15:67:
eb:45:73:64:4a:2f:a8:fe:b4:f0:90:28:e7:8d:0d:
0e:78:b6:82:31:98:7a:d1:bf:e6:46:db:2f:95:bb:
1f:60:ae:2c:27:ad:98:92:f5:1f:69:0e:4e:c5:2c:
08:d1:23:2d:88:5e:d2:c5:85:d2:31:98:bc:e8:dd:
8c:84:32:0b:eb:77:e1:4b:69:17:14:25:17:4a:b1:
bf:ff:c1:2e:bb:14:31:cb:c0:0d:ed:40:ab:5c:49:
35:b8:85:9b:90:18:0a:e6:d1:df:47:4d:73:7f:53:
e6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CB:8F:12:EA:CF:81:20:0B:1F:42:DB:65:43:CE:47:AF:30:CB:F5
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/48uPEurPgSALH0LbZUPOR68wy_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/24
94.74.137.0/24
94.74.156.0/24
94.74.158.0/23
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
109.203.163.0/24
176.46.136.0/24
176.46.138.0/23
176.46.141.0-176.46.142.255
176.46.144.0/24
176.46.148.0-176.46.150.255
176.46.152.0-176.46.158.255
Signature Algorithm: sha256WithRSAEncryption
00:a7:8a:0c:3f:79:63:e9:bf:26:85:ab:df:23:15:b9:08:03:
5e:ad:80:28:37:3d:e5:29:cd:a1:2c:86:3d:c9:17:9e:8f:ab:
e1:b9:90:58:31:65:50:24:19:d2:ad:58:97:9c:21:e7:b9:b9:
11:66:d7:52:53:93:d1:94:a4:ea:2e:6b:e6:8a:74:5c:9d:98:
1f:37:c1:de:31:dc:d6:0e:f7:a5:b0:78:f7:67:9f:de:24:4b:
10:dc:c4:ef:79:16:99:0a:6c:ad:b7:22:9c:cc:57:1c:44:88:
14:21:db:0c:80:db:57:70:47:ce:48:df:bc:dd:34:72:25:f2:
0c:ae:ff:64:76:fe:cc:f2:a7:ae:77:e3:84:dd:8a:b6:0c:62:
c4:58:de:7d:05:db:8e:c2:49:87:ba:9f:2b:0e:89:95:10:b2:
e1:b0:11:ab:76:9b:6c:3f:66:10:92:ed:0b:7e:0d:37:ca:ed:
80:be:3b:96:a4:04:19:bd:80:d2:20:1c:fb:9a:fe:e9:21:0e:
97:e6:29:a2:2d:3d:d3:80:28:e0:9d:d1:b5:d8:70:7d:44:41:
42:5c:77:2f:11:93:06:77:57:e7:68:c9:44:7c:59:f0:3b:dd:
21:96:f5:17:0b:b3:76:f8:fd:14:d9:e5:d4:12:58:3a:1c:e9:
3d:53:8f:d9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY7CKOLZDiYsaIgrOVOgnXd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwNDA5MDkyMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NiOGYxMmVhY2Y4MTIwMGIxZjQyZGI2NTQzY2U0N2FmMzBjYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizO5PmayAk33HQCNNmJQH+GeUqZ4
MqsqICBdh2vWCGDAkDNKvHNTDMVME/FWaP3o3WKV/bGRjOpMlQ+ROQdqSRfUVTDR
ZNtqEI6z48NGpjSTngWMSCDayjAjvweIhx9PxYIilTuPCEuTZDSuZkMBrBrWZipT
60t2SnZt3zJIo+3lbeufxzQCGOFEqVqIGuCC0edQFWfrRXNkSi+o/rTwkCjnjQ0O
eLaCMZh60b/mRtsvlbsfYK4sJ62YkvUfaQ5OxSwI0SMtiF7SxYXSMZi86N2MhDIL
63fhS2kXFCUXSrG//8EuuxQxy8AN7UCrXEk1uIWbkBgK5tHfR01zf1PmowIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFOPLjxLqz4EgCx9C22VDzkevMMv1MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvNDh1UEV1clBnU0FMSDBMYlpVUE9SNjh3eV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACUx
lAMEAF5KiQMEAF5KnAMEAV5KngMEAF5KpAMEAF5KqQMEAF5KqwMEAF5KtgMEAF5K
uwMEAF5KvwMEAG3LowMEALAuiAMEAbAuijAMAwQAsC6NAwQAsC6OAwQAsC6QMAwD
BAKwLpQDBACwLpYwDAMEA7AumAMEALAunjANBgkqhkiG9w0BAQsFAAOCAQEAAKeK
DD95Y+m/JoWr3yMVuQgDXq2AKDc95SnNoSyGPckXno+r4bmQWDFlUCQZ0q1Yl5wh
57m5EWbXUlOT0ZSk6i5r5op0XJ2YHzfB3jHc1g73pbB492ef3iRLENzE73kWmQps
rbcinMxXHESIFCHbDIDbV3BHzkjfvN00ciXyDK7/ZHb+zPKnrnfjhN2KtgxixFje
fQXbjsJJh7qfKw6JlRCy4bARq3abbD9mEJLtC34NN8rtgL47lqQEGb2A0iAc+5r+
6SEOl+Ypoi0904Ao4J3RtdhwfURBQlx3LxGTBndX52jJRHxZ8DvdIZb1Fwuzdvj9
FNnl1BJYOhzpPVOP2Q==
-----END CERTIFICATE-----
Generated at Sun Jun 2 17:10:19 2024 by rpki-client on console-fra.rpki-client.org