Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/pV7BgLEpkKIUOsd_C8oI71baT0E.roa
File: pV7BgLEpkKIUOsd_C8oI71baT0E.roa (raw, json)
Hash identifier: e82zWH3DcCWUToFk2WxN4dwREQt8fQvLpApgEhOpjg4=
Subject key identifier: A5:5E:C1:80:B1:29:90:A2:14:3A:C7:7F:0B:CA:08:EF:56:DA:4F:41
Certificate issuer: /CN=40d933e82474650c6aa3e9cbf0574d27286592e7
Certificate serial: 018F85BF66ABBBC44DB246EF83FB55E39C4E
Authority key identifier: 40:D9:33:E8:24:74:65:0C:6A:A3:E9:CB:F0:57:4D:27:28:65:92:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/pV7BgLEpkKIUOsd_C8oI71baT0E.roa
Signing time: Fri 17 May 2024 08:51:04 +0000
ROA not before: Fri 17 May 2024 08:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207044
IP address blocks: 46.183.108.0/22 maxlen: 24
87.120.240.0/22 maxlen: 24
87.120.248.0/22 maxlen: 24
87.121.252.0/22 maxlen: 24
88.151.24.0/21 maxlen: 24
89.184.36.0/22 maxlen: 24
89.184.60.0/22 maxlen: 24
91.92.28.0/22 maxlen: 24
94.156.28.0/22 maxlen: 24
94.156.148.0/22 maxlen: 24
94.156.204.0/22 maxlen: 24
94.156.228.0/22 maxlen: 24
109.106.120.0/22 maxlen: 22
109.106.120.0/23 maxlen: 23
185.167.196.0/22 maxlen: 24
213.133.64.0/21 maxlen: 24
2a0b:ae00::/29 maxlen: 29
2a0b:ae00:1000::/38 maxlen: 38
2a0b:ae00:1400::/38 maxlen: 38
2a0b:ae00:1800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:bf:66:ab:bb:c4:4d:b2:46:ef:83:fb:55:e3:9c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d933e82474650c6aa3e9cbf0574d27286592e7
Validity
Not Before: May 17 08:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a55ec180b12990a2143ac77f0bca08ef56da4f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:67:03:3f:c3:ec:5d:c5:5c:a3:67:d5:ad:1e:
14:69:92:8b:18:d3:c6:0a:7b:d5:55:be:9a:b2:26:
6f:ea:9e:da:21:db:20:84:c2:35:ad:4c:fc:c2:95:
ed:07:d4:0d:8c:30:32:7b:9d:4a:6b:a1:e9:7c:3f:
5f:fb:c6:72:5f:19:74:9b:3d:ff:91:c6:02:e2:a8:
c0:c6:89:69:30:05:77:69:9d:14:6a:47:5b:2c:34:
34:07:2b:3c:bf:33:c6:ae:ff:0c:97:9b:3e:cb:bb:
08:41:3e:46:d3:ae:ba:8a:62:7a:02:67:0a:11:64:
7e:ff:7b:52:08:35:31:e6:d7:3c:d8:bf:e6:9e:a3:
35:33:b2:3b:f1:ba:e0:7c:fd:36:05:73:5d:33:d5:
a8:94:3c:ba:92:4d:5f:25:8f:33:93:d4:cb:c5:a5:
f6:7c:68:f9:21:37:5d:7b:fb:da:0e:3f:5d:e8:13:
bb:0e:11:3e:4a:d1:e9:f8:a9:a6:5a:27:13:75:6e:
13:c9:2a:60:36:94:aa:aa:4b:ad:99:00:d7:f6:79:
ab:58:4c:bd:84:12:76:ab:b1:d4:0e:fb:ff:81:4d:
3b:3b:59:eb:7a:84:fa:25:86:31:15:9a:7f:8f:60:
c6:64:5f:51:58:73:e8:26:7c:04:dd:6a:da:88:31:
eb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5E:C1:80:B1:29:90:A2:14:3A:C7:7F:0B:CA:08:EF:56:DA:4F:41
X509v3 Authority Key Identifier:
keyid:40:D9:33:E8:24:74:65:0C:6A:A3:E9:CB:F0:57:4D:27:28:65:92:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/pV7BgLEpkKIUOsd_C8oI71baT0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.108.0/22
87.120.240.0/22
87.120.248.0/22
87.121.252.0/22
88.151.24.0/21
89.184.36.0/22
89.184.60.0/22
91.92.28.0/22
94.156.28.0/22
94.156.148.0/22
94.156.204.0/22
94.156.228.0/22
109.106.120.0/22
185.167.196.0/22
213.133.64.0/21
IPv6:
2a0b:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
a9:46:7d:dc:c0:b3:ee:82:ed:83:c8:d4:b4:1d:ce:5c:4d:fb:
d1:0b:47:8a:b6:27:74:c6:a1:b8:57:69:26:d4:ee:f2:b6:20:
4c:d0:9b:33:b2:f6:56:70:d9:11:9e:ef:ac:c8:03:a3:16:4f:
b6:48:a7:80:ed:26:0d:f7:a1:32:5c:8b:9e:d6:0c:87:c6:6d:
9b:8d:8b:9a:e0:d5:db:93:ed:1e:72:68:d7:a3:72:d0:fb:0b:
26:4d:7d:6b:b9:0b:84:91:27:ac:62:55:8d:79:6e:d5:56:6e:
17:fe:0e:d1:19:71:1c:b5:6f:6a:34:99:d7:9d:f3:e0:27:68:
32:e0:23:2d:b3:01:9e:18:e6:2a:84:33:83:63:0c:6d:b8:6e:
00:2b:72:55:0d:78:3d:ee:bd:dc:10:a9:79:37:56:1c:a5:8b:
0f:09:e4:07:c1:2f:ec:8c:d1:bb:a6:b0:df:db:ea:d4:f3:d4:
15:5e:31:34:be:2b:ad:dc:dd:d7:d7:b5:1b:c4:d6:a2:bb:a3:
da:77:f1:ac:7f:47:b1:ea:44:84:71:20:a8:86:2d:14:61:6d:
7e:a9:87:8f:06:7e:8a:3b:8e:60:86:3b:7c:33:ad:b1:ff:55:
3c:0e:c5:2e:4e:6f:ad:52:99:74:35:8d:d6:63:0c:63:76:d6:
fd:d7:66:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAY+Fv2aru8RNskbvg/tV45xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDkzM2U4MjQ3NDY1MGM2YWEzZTljYmYwNTc0ZDI3Mjg2
NTkyZTcwHhcNMjQwNTE3MDg1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVlYzE4MGIxMjk5MGEyMTQzYWM3N2YwYmNhMDhlZjU2ZGE0ZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWcDP8PsXcVco2fVrR4UaZKLGNPG
CnvVVb6asiZv6p7aIdsghMI1rUz8wpXtB9QNjDAye51Ka6HpfD9f+8ZyXxl0mz3/
kcYC4qjAxolpMAV3aZ0UakdbLDQ0Bys8vzPGrv8Ml5s+y7sIQT5G0666imJ6AmcK
EWR+/3tSCDUx5tc82L/mnqM1M7I78brgfP02BXNdM9WolDy6kk1fJY8zk9TLxaX2
fGj5ITdde/vaDj9d6BO7DhE+StHp+KmmWicTdW4TySpgNpSqqkutmQDX9nmrWEy9
hBJ2q7HUDvv/gU07O1nreoT6JYYxFZp/j2DGZF9RWHPoJnwE3WraiDHr4QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFKVewYCxKZCiFDrHfwvKCO9W2k9BMB8GA1UdIwQY
MBaAFEDZM+gkdGUMaqPpy/BXTScoZZLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5rejZDUjBaUXhxby1uTDhGZE5KeWhsa3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zODc5ZGQtZWY5NS00NWU2LTg3Njct
ZTY4MWViYmE0YTRhLzEvcFY3QmdMRXBrS0lVT3NkX0M4b0k3MWJhVDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zODc5ZGQtZWY5NS00NWU2LTg3NjctZTY4MWViYmE0YTRh
LzEvUU5rejZDUjBaUXhxby1uTDhGZE5KeWhsa3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAi63bAME
Ald48AMEAld4+AMEAld5/AMEA1iXGAMEAlm4JAMEAlm4PAMEAltcHAMEAl6cHAME
Al6clAMEAl6czAMEAl6c5AMEAm1qeAMEArmnxAMEA9WFQDANBAIAAjAHAwUDKguu
ADANBgkqhkiG9w0BAQsFAAOCAQEAqUZ93MCz7oLtg8jUtB3OXE370QtHirYndMah
uFdpJtTu8rYgTNCbM7L2VnDZEZ7vrMgDoxZPtkingO0mDfehMlyLntYMh8Ztm42L
muDV25PtHnJo16Ny0PsLJk19a7kLhJEnrGJVjXlu1VZuF/4O0RlxHLVvajSZ153z
4CdoMuAjLbMBnhjmKoQzg2MMbbhuACtyVQ14Pe693BCpeTdWHKWLDwnkB8Ev7IzR
u6aw39vq1PPUFV4xNL4rrdzd19e1G8TWoruj2nfxrH9HsepEhHEgqIYtFGFtfqmH
jwZ+ijuOYIY7fDOtsf9VPA7FLk5vrVKZdDWN1mMMY3bW/ddmTw==
-----END CERTIFICATE-----
Generated at Tue Jun 25 03:26:21 2024 by rpki-client on console-fra.rpki-client.org