Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ckEG2hwoZ1z6GOyZS435szyVXsk.roa
File: ckEG2hwoZ1z6GOyZS435szyVXsk.roa (raw, json)
Hash identifier: YQQRC0LtxY8ZSfOY9BuTcn2djaIggfX/IpYDNYpE23k=
Subject key identifier: 72:41:06:DA:1C:28:67:5C:FA:18:EC:99:4B:8D:F9:B3:3C:95:5E:C9
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018D17E6B3CBBB49E5023B3933CDCBFFF594
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ckEG2hwoZ1z6GOyZS435szyVXsk.roa
Signing time: Wed 17 Jan 2024 14:50:11 +0000
ROA not before: Wed 17 Jan 2024 14:50:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 43.239.88.0/22 maxlen: 22
45.43.88.0/22 maxlen: 22
45.43.92.0/22 maxlen: 22
91.210.64.0/22 maxlen: 22
103.206.232.0/22 maxlen: 22
107.181.156.0/22 maxlen: 22
155.254.40.0/22 maxlen: 22
155.254.44.0/22 maxlen: 22
155.254.50.0/23 maxlen: 23
155.254.52.0/22 maxlen: 22
155.254.56.0/22 maxlen: 22
185.135.212.0/22 maxlen: 22
198.105.96.0/22 maxlen: 22
198.105.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:e6:b3:cb:bb:49:e5:02:3b:39:33:cd:cb:ff:f5:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 17 14:50:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=724106da1c28675cfa18ec994b8df9b33c955ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e1:55:e8:ae:bb:b9:10:07:98:c5:de:0c:83:
22:30:d6:89:12:df:83:7c:aa:e7:bf:42:f2:0e:f7:
d1:b2:bc:ff:2f:1b:31:ae:7f:c9:6c:a8:e1:c1:6d:
a0:20:c6:17:c1:c7:0f:18:77:73:d2:91:3b:64:39:
0e:92:94:48:66:2d:a6:10:4d:bf:e3:6d:d1:5a:4d:
09:42:6b:da:c2:d5:26:b4:e6:f4:3e:52:ac:55:bd:
b1:ca:3c:0f:84:ce:23:5b:e4:e8:5b:a1:36:1a:d9:
2b:42:29:01:d8:12:aa:01:94:e4:4f:a1:bc:98:59:
d2:e1:4e:ac:aa:18:fe:7e:26:4e:8d:e2:96:4a:44:
69:28:69:38:c5:7d:12:1a:ec:2e:2c:90:bd:51:05:
23:ef:24:a1:53:4e:a3:4e:85:a8:38:f8:73:95:40:
da:0a:d1:6c:83:aa:4d:17:a3:e3:cf:b0:00:fc:c5:
96:e6:18:79:78:c6:03:f4:8e:96:30:40:3a:ca:22:
43:93:9e:72:4b:c0:04:79:d0:2c:93:8d:95:15:0f:
98:75:a1:24:cc:e1:a0:16:65:7d:6e:60:6c:50:54:
18:e0:dd:02:65:aa:bd:76:d9:69:67:b3:f7:91:94:
d3:26:7f:db:d4:bb:2a:a0:2c:83:f8:aa:e1:41:93:
0e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:41:06:DA:1C:28:67:5C:FA:18:EC:99:4B:8D:F9:B3:3C:95:5E:C9
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ckEG2hwoZ1z6GOyZS435szyVXsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
45.43.88.0/21
91.210.64.0/22
103.206.232.0/22
107.181.156.0/22
155.254.40.0/21
155.254.50.0-155.254.59.255
185.135.212.0/22
198.105.96.0/22
198.105.104.0/22
Signature Algorithm: sha256WithRSAEncryption
33:c2:01:7b:0b:fd:32:f5:2d:15:3a:ef:04:b1:c8:d7:88:87:
03:f3:cc:58:43:25:c2:da:79:c3:63:ec:0c:32:c4:c9:e4:5c:
f2:ed:50:9a:3e:f6:1c:d1:b2:1b:72:e9:71:e8:28:c6:a6:a2:
5d:3b:41:5b:4a:4a:c0:76:6d:6e:d9:a7:0d:2b:f1:a5:0e:69:
65:4e:50:fa:a2:ba:a5:ae:43:3d:17:06:1f:34:1f:b1:c2:3d:
42:6a:a5:2f:9e:8c:4c:cf:20:90:f2:8e:18:58:39:96:5e:0b:
ef:14:c3:89:bf:8f:37:b4:59:2e:a1:e1:6e:f8:b0:1a:ac:13:
0d:9f:b9:cc:89:9f:29:c6:b9:9b:a6:12:68:2a:af:1e:cd:e1:
9f:a4:6d:bc:b9:49:28:37:d3:1c:38:9e:a5:54:f0:a3:f8:37:
dd:c4:96:7c:71:87:76:87:98:65:83:64:67:c1:d1:7f:e6:cb:
af:b8:c4:a7:46:e8:f0:46:4c:bf:c6:20:54:c1:47:b5:0b:95:
46:f2:0a:92:bb:fa:2d:53:09:3d:44:cc:c4:1b:99:d9:fd:2c:
72:c6:74:ba:02:58:a4:8d:55:6e:0b:18:39:09:32:91:40:10:
4c:8c:40:e2:53:7c:b4:a7:8e:db:d3:1e:2b:5d:d6:a8:7d:bc:
4b:e8:06:ea
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY0X5rPLu0nlAjs5M83L//WUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTE3MTQ1MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQxMDZkYTFjMjg2NzVjZmExOGVjOTk0YjhkZjliMzNjOTU1ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouFV6K67uRAHmMXeDIMiMNaJEt+D
fKrnv0LyDvfRsrz/Lxsxrn/JbKjhwW2gIMYXwccPGHdz0pE7ZDkOkpRIZi2mEE2/
423RWk0JQmvawtUmtOb0PlKsVb2xyjwPhM4jW+ToW6E2GtkrQikB2BKqAZTkT6G8
mFnS4U6sqhj+fiZOjeKWSkRpKGk4xX0SGuwuLJC9UQUj7yShU06jToWoOPhzlUDa
CtFsg6pNF6Pjz7AA/MWW5hh5eMYD9I6WMEA6yiJDk55yS8AEedAsk42VFQ+YdaEk
zOGgFmV9bmBsUFQY4N0CZaq9dtlpZ7P3kZTTJn/b1LsqoCyD+KrhQZMOYQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFHJBBtocKGdc+hjsmUuN+bM8lV7JMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvY2tFRzJod29aMXo2R095WlM0MzVzenlWWHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCK+9YAwQD
LStYAwQCW9JAAwQCZ87oAwQCa7WcAwQDm/4oMAwDBAGb/jIDBAKb/jgDBAK5h9QD
BALGaWADBALGaWgwDQYJKoZIhvcNAQELBQADggEBADPCAXsL/TL1LRU67wSxyNeI
hwPzzFhDJcLaecNj7AwyxMnkXPLtUJo+9hzRshty6XHoKMamol07QVtKSsB2bW7Z
pw0r8aUOaWVOUPqiuqWuQz0XBh80H7HCPUJqpS+ejEzPIJDyjhhYOZZeC+8Uw4m/
jze0WS6h4W74sBqsEw2fucyJnynGuZumEmgqrx7N4Z+kbby5SSg30xw4nqVU8KP4
N93Elnxxh3aHmGWDZGfB0X/my6+4xKdG6PBGTL/GIFTBR7ULlUbyCpK7+i1TCT1E
zMQbmdn9LHLGdLoCWKSNVW4LGDkJMpFAEEyMQOJTfLSnjtvTHitd1qh9vEvoBuo=
-----END CERTIFICATE-----
Generated at Tue Apr 30 06:15:33 2024 by rpki-client on console-fra.rpki-client.org