Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/bNdyqvjDyudGTle-mJQh2aDLim0.roa
File: bNdyqvjDyudGTle-mJQh2aDLim0.roa (raw, json)
Hash identifier: mqdII+E250kbNAdIEU/v/nbq2eA7UsZ6pLO+t2FnxVY=
Subject key identifier: 6C:D7:72:AA:F8:C3:CA:E7:46:4E:57:BE:98:94:21:D9:A0:CB:8A:6D
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018ED3CF5FF72EAA4558C505315D6F0DA819
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/bNdyqvjDyudGTle-mJQh2aDLim0.roa
Signing time: Fri 12 Apr 2024 19:36:06 +0000
ROA not before: Fri 12 Apr 2024 19:36:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 46.3.86.0/23 maxlen: 23
46.232.4.0/23 maxlen: 23
46.232.20.0/22 maxlen: 22
46.232.72.0/21 maxlen: 21
46.232.96.0/20 maxlen: 20
149.126.195.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.204.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:cf:5f:f7:2e:aa:45:58:c5:05:31:5d:6f:0d:a8:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Apr 12 19:36:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cd772aaf8c3cae7464e57be989421d9a0cb8a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4a:56:37:08:87:bd:ea:d3:91:65:cb:f6:c8:
b5:e8:aa:c8:c4:91:6d:55:d8:29:19:72:22:29:a3:
65:d5:16:fb:84:87:56:5e:46:b6:f8:31:dc:8a:ee:
36:99:07:5a:ad:7f:9d:b2:25:ca:02:b4:b2:bb:ce:
85:ea:19:1a:99:f5:50:31:06:37:f0:ad:e5:16:83:
f1:78:74:11:b0:42:1d:2a:fc:5c:cd:9b:96:ab:49:
14:e2:58:19:eb:cc:3a:18:b3:62:97:6a:1b:c2:f9:
2f:87:bb:50:5c:fb:41:e4:98:25:19:0f:85:71:d2:
ee:5d:5a:fa:a1:fd:17:f5:d7:22:24:23:05:ba:db:
c3:d5:8a:0c:66:07:bb:ed:9c:5c:1a:07:8f:7f:09:
6f:e6:43:88:c4:19:37:1c:cd:f2:41:c6:2e:0e:e2:
42:38:62:36:00:29:02:a6:97:51:3e:72:d0:84:88:
c1:fe:2b:27:af:58:5e:41:24:71:33:8f:6b:4b:d0:
fb:00:e0:d1:c3:b4:d8:7c:50:b7:7a:dc:38:94:89:
02:f3:46:8d:ed:26:0b:05:cf:3f:f2:93:f6:53:a2:
32:c4:20:60:ea:52:ea:9e:30:b8:9d:c9:c5:6e:e6:
d9:31:f3:af:8d:16:8a:13:52:88:c5:6c:e0:6d:92:
b8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D7:72:AA:F8:C3:CA:E7:46:4E:57:BE:98:94:21:D9:A0:CB:8A:6D
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/bNdyqvjDyudGTle-mJQh2aDLim0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.86.0/23
46.232.4.0/23
46.232.20.0/22
46.232.72.0/21
46.232.96.0/20
149.126.195.0-149.126.196.255
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0-149.126.206.255
149.126.208.0/24
149.126.210.0/24
149.126.214.0/24
149.126.224.0/23
Signature Algorithm: sha256WithRSAEncryption
06:ac:82:c5:f3:af:ba:2c:cb:d7:42:e8:d5:71:5d:1d:b6:6c:
1d:75:c6:a3:17:cc:fa:e8:c4:c3:68:44:86:90:47:00:69:f9:
77:14:c0:b2:51:be:2b:9e:d3:4a:59:e9:ce:41:00:27:48:d4:
93:92:5b:0e:5c:2d:26:98:f0:95:94:59:45:83:dd:77:bd:33:
c4:f1:82:ab:de:00:fd:c9:ba:54:30:e4:96:a7:54:a8:21:bb:
bb:83:c3:8d:69:b5:a6:32:4c:b0:aa:46:0e:ee:99:67:00:4d:
85:52:8a:e3:9e:f4:b4:a8:a3:bf:fd:33:8f:87:9d:a7:6c:ab:
0a:5b:5d:5b:6b:4d:7d:71:c5:d5:54:91:57:07:60:00:2d:04:
77:a3:9c:a0:39:50:e7:14:05:de:f6:fe:a3:e4:90:13:57:8d:
3e:47:7d:b2:17:2d:71:d2:76:56:9d:f0:d1:72:ad:f3:49:d8:
ef:e2:67:ed:d5:0c:39:e3:f0:e7:3f:4b:0d:81:2a:59:3c:1a:
6f:0e:32:0e:49:b2:f5:f4:58:d2:db:3c:66:66:ec:e8:1b:09:
ba:db:ac:47:f4:3c:8a:f4:85:ab:d8:47:31:d0:f6:5b:75:a6:
73:70:2d:10:fc:2e:e7:61:f2:2f:84:86:fc:ae:29:18:fb:eb:
25:82:e1:b3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY7Tz1/3LqpFWMUFMV1vDagZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwNDEyMTkzNjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q3NzJhYWY4YzNjYWU3NDY0ZTU3YmU5ODk0MjFkOWEwY2I4YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kpWNwiHverTkWXL9si16KrIxJFt
VdgpGXIiKaNl1Rb7hIdWXka2+DHciu42mQdarX+dsiXKArSyu86F6hkamfVQMQY3
8K3lFoPxeHQRsEIdKvxczZuWq0kU4lgZ68w6GLNil2obwvkvh7tQXPtB5JglGQ+F
cdLuXVr6of0X9dciJCMFutvD1YoMZge77ZxcGgePfwlv5kOIxBk3HM3yQcYuDuJC
OGI2ACkCppdRPnLQhIjB/isnr1heQSRxM49rS9D7AODRw7TYfFC3etw4lIkC80aN
7SYLBc8/8pP2U6IyxCBg6lLqnjC4ncnFbubZMfOvjRaKE1KIxWzgbZK4uQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGzXcqr4w8rnRk5XvpiUIdmgy4ptMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvYk5keXF2akR5dWRHVGxlLW1KUWgyYURMaW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBLgNWAwQB
LugEAwQCLugUAwQDLuhIAwQELuhgMAwDBACVfsMDBACVfsQDBACVfsYwDAMEAJV+
yQMEAJV+yjAMAwQClX7MAwQAlX7OAwQAlX7QAwQAlX7SAwQAlX7WAwQBlX7gMA0G
CSqGSIb3DQEBCwUAA4IBAQAGrILF86+6LMvXQujVcV0dtmwddcajF8z66MTDaESG
kEcAafl3FMCyUb4rntNKWenOQQAnSNSTklsOXC0mmPCVlFlFg913vTPE8YKr3gD9
ybpUMOSWp1SoIbu7g8ONabWmMkywqkYO7plnAE2FUorjnvS0qKO//TOPh52nbKsK
W11ba019ccXVVJFXB2AALQR3o5ygOVDnFAXe9v6j5JATV40+R32yFy1x0nZWnfDR
cq3zSdjv4mft1Qw54/DnP0sNgSpZPBpvDjIOSbL19FjS2zxmZuzoGwm626xH9DyK
9IWr2Ecx0PZbdaZzcC0Q/C7nYfIvhIb8rikY++slguGz
-----END CERTIFICATE-----
Generated at Sat May 4 04:59:56 2024 by rpki-client on console-fra.rpki-client.org