Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/vL7sgOo_tCyPmZO0rLYLZVChUZg.roa
File: vL7sgOo_tCyPmZO0rLYLZVChUZg.roa (raw, json)
Hash identifier: CRrAJsjLt/Y5GhpRgUJA9xcGbVWv0/R7BK5vbyE82jw=
Subject key identifier: BC:BE:EC:80:EA:3F:B4:2C:8F:99:93:B4:AC:B6:0B:65:50:A1:51:98
Certificate issuer: /CN=b321cb828908f430749ee3a5f2a62de5f822f7d1
Certificate serial: 018CC8012457D3AFD092B1FE748669961958
Authority key identifier: B3:21:CB:82:89:08:F4:30:74:9E:E3:A5:F2:A6:2D:E5:F8:22:F7:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syHLgokI9DB0nuOl8qYt5fgi99E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/vL7sgOo_tCyPmZO0rLYLZVChUZg.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41789
IP address blocks: 91.142.145.0/24 maxlen: 24
91.142.144.0/24 maxlen: 24
91.142.150.0/24 maxlen: 24
91.142.149.0/24 maxlen: 24
91.142.148.0/24 maxlen: 24
91.142.147.0/24 maxlen: 24
91.142.152.0/21 maxlen: 21
91.142.151.0/24 maxlen: 24
91.142.146.0/24 maxlen: 24
91.142.158.0/24 maxlen: 24
46.16.11.0/24 maxlen: 24
46.16.10.0/24 maxlen: 24
46.16.9.0/24 maxlen: 24
46.16.8.0/24 maxlen: 24
46.227.24.0/24 maxlen: 24
46.227.31.0/24 maxlen: 24
46.227.30.0/24 maxlen: 24
46.227.29.0/24 maxlen: 24
46.227.28.0/24 maxlen: 24
46.227.27.0/24 maxlen: 24
46.227.26.0/24 maxlen: 24
46.227.25.0/24 maxlen: 24
159.255.0.0/20 maxlen: 20
159.255.16.0/24 maxlen: 24
159.255.17.0/24 maxlen: 24
159.255.23.0/24 maxlen: 24
159.255.19.0/24 maxlen: 24
159.255.18.0/24 maxlen: 24
159.255.22.0/24 maxlen: 24
159.255.21.0/24 maxlen: 24
159.255.20.0/24 maxlen: 24
159.255.29.0/24 maxlen: 24
159.255.28.0/24 maxlen: 24
159.255.31.0/24 maxlen: 24
159.255.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/syHLgokI9DB0nuOl8qYt5fgi99E.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/syHLgokI9DB0nuOl8qYt5fgi99E.mft
rsync://rpki.ripe.net/repository/DEFAULT/syHLgokI9DB0nuOl8qYt5fgi99E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:24:57:d3:af:d0:92:b1:fe:74:86:69:96:19:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b321cb828908f430749ee3a5f2a62de5f822f7d1
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcbeec80ea3fb42c8f9993b4acb60b6550a15198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ed:90:54:5a:38:55:d1:b7:04:1b:d6:89:37:
fd:94:b9:8c:30:7a:76:b3:44:b0:85:80:d9:6c:83:
b0:e4:43:50:83:7f:dd:f6:82:c7:13:ae:12:8b:13:
69:88:7b:ca:65:4d:43:0e:00:02:fc:f4:ab:86:ca:
b1:c2:77:e7:ec:c3:38:c7:3a:df:9c:79:1f:a4:71:
43:4b:14:e1:84:9c:ab:0d:08:40:f3:e2:5a:92:75:
c2:e8:33:d0:47:59:5e:36:f6:55:5d:07:dd:5b:d0:
e7:c9:c2:48:e8:1a:98:5e:4f:c4:56:2a:29:32:8a:
e6:26:2a:00:60:ee:c9:94:78:76:e8:e6:0c:8d:a8:
88:d7:ce:38:85:46:83:0f:31:c7:fc:b6:05:fa:27:
62:08:34:fb:86:e0:3f:8a:8a:97:d4:19:3f:99:0c:
82:3a:c0:3c:99:19:24:e6:b6:23:02:78:57:85:62:
79:1a:00:84:a5:f1:83:49:e9:0d:a6:38:4a:84:4a:
57:2b:62:fa:13:8f:06:28:ff:23:25:45:36:a7:04:
1d:a7:69:0f:c5:0c:92:dc:0d:1c:68:1a:e4:ce:ff:
9f:55:49:13:34:65:1c:6c:fb:6f:20:4a:53:fc:a0:
ae:37:77:e9:b4:2e:7b:c5:2c:2b:95:21:55:68:2a:
0a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BE:EC:80:EA:3F:B4:2C:8F:99:93:B4:AC:B6:0B:65:50:A1:51:98
X509v3 Authority Key Identifier:
keyid:B3:21:CB:82:89:08:F4:30:74:9E:E3:A5:F2:A6:2D:E5:F8:22:F7:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syHLgokI9DB0nuOl8qYt5fgi99E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/vL7sgOo_tCyPmZO0rLYLZVChUZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ccaa1a-9daa-44b8-9e26-87f341888560/1/syHLgokI9DB0nuOl8qYt5fgi99E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.8.0/22
46.227.24.0/21
91.142.144.0/20
159.255.0.0-159.255.23.255
159.255.28.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:c4:1b:8d:6a:5b:8c:5d:cb:74:bd:c0:cc:a8:81:0f:64:ca:
7c:46:7b:1e:42:56:97:c2:67:0c:4a:9f:67:fc:93:f1:5a:82:
76:ed:00:4d:07:00:0b:4c:7c:89:3d:b9:49:56:31:33:9c:a4:
f7:15:61:32:68:bc:17:f4:d0:66:f6:f2:ad:08:98:ed:59:19:
f6:a8:3d:ec:4d:48:a6:90:83:9e:78:4a:56:9d:96:6e:b3:bb:
31:49:64:5c:3f:8a:dd:1e:d0:73:98:3c:82:8a:cb:f0:9e:44:
8f:5f:17:e5:54:19:53:5d:08:20:21:fb:6f:19:1c:cd:c6:80:
4c:d5:a7:ab:6e:6a:02:f9:39:bf:62:85:d2:6e:80:5a:e2:44:
01:74:77:ed:bc:bb:9c:82:ad:fa:d2:52:de:d1:d2:2a:ae:88:
37:86:4e:a2:cb:5a:54:ab:a0:92:8d:90:7b:33:81:59:5a:bc:
ae:ce:e5:a4:6e:40:dc:64:ba:b3:af:f1:ab:ed:7c:c7:cd:1b:
7b:47:97:65:d8:08:88:ef:83:b1:19:c6:14:3a:13:b7:33:b0:
1a:2c:4f:bd:2b:46:81:fe:f0:15:fb:e7:3c:17:df:d2:22:17:
55:9b:1f:5c:2c:59:c1:db:c7:d2:7b:07:d8:53:5c:70:5a:73:
69:92:1b:12
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzIASRX06/QkrH+dIZplhlYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjFjYjgyODkwOGY0MzA3NDllZTNhNWYyYTYyZGU1Zjgy
MmY3ZDEwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2JlZWM4MGVhM2ZiNDJjOGY5OTkzYjRhY2I2MGI2NTUwYTE1MTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie2QVFo4VdG3BBvWiTf9lLmMMHp2
s0SwhYDZbIOw5ENQg3/d9oLHE64SixNpiHvKZU1DDgAC/PSrhsqxwnfn7MM4xzrf
nHkfpHFDSxThhJyrDQhA8+JaknXC6DPQR1leNvZVXQfdW9DnycJI6BqYXk/EViop
MormJioAYO7JlHh26OYMjaiI1844hUaDDzHH/LYF+idiCDT7huA/ioqX1Bk/mQyC
OsA8mRkk5rYjAnhXhWJ5GgCEpfGDSekNpjhKhEpXK2L6E48GKP8jJUU2pwQdp2kP
xQyS3A0caBrkzv+fVUkTNGUcbPtvIEpT/KCuN3fptC57xSwrlSFVaCoKhQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLy+7IDqP7Qsj5mTtKy2C2VQoVGYMB8GA1UdIwQY
MBaAFLMhy4KJCPQwdJ7jpfKmLeX4IvfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lITGdva0k5REIwbnVPbDhxWXQ1ZmdpOTlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jY2FhMWEtOWRhYS00NGI4LTllMjYt
ODdmMzQxODg4NTYwLzEvdkw3c2dPb190Q3lQbVpPMHJMWUxaVkNoVVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jY2FhMWEtOWRhYS00NGI4LTllMjYtODdmMzQxODg4NTYw
LzEvc3lITGdva0k5REIwbnVPbDhxWXQ1ZmdpOTlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQCLhAIAwQD
LuMYAwQEW46QMAsDAwCf/wMEA5//EAMEAp//HDANBgkqhkiG9w0BAQsFAAOCAQEA
T8QbjWpbjF3LdL3AzKiBD2TKfEZ7HkJWl8JnDEqfZ/yT8VqCdu0ATQcAC0x8iT25
SVYxM5yk9xVhMmi8F/TQZvbyrQiY7VkZ9qg97E1IppCDnnhKVp2WbrO7MUlkXD+K
3R7Qc5g8gorL8J5Ej18X5VQZU10IICH7bxkczcaATNWnq25qAvk5v2KF0m6AWuJE
AXR37by7nIKt+tJS3tHSKq6IN4ZOostaVKugko2QezOBWVq8rs7lpG5A3GS6s6/x
q+18x80be0eXZdgIiO+DsRnGFDoTtzOwGixPvStGgf7wFfvnPBff0iIXVZsfXCxZ
wdvH0nsH2FNccFpzaZIbEg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:46:35 2024 by rpki-client on console-fra.rpki-client.org