Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/RcGN8Nr7boON4mG039b0K9U580U.roa
File: RcGN8Nr7boON4mG039b0K9U580U.roa (raw, json)
Hash identifier: j0UZjLPUR9kkJFY5iqz+WAUVeQi8WsQup+QY3NC9CZs=
Subject key identifier: 45:C1:8D:F0:DA:FB:6E:83:8D:E2:61:B4:DF:D6:F4:2B:D5:39:F3:45
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018CC500B959EF56A62D9CA22E1F637D29CC
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/RcGN8Nr7boON4mG039b0K9U580U.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25804
IP address blocks: 178.79.218.0/23 maxlen: 23
46.228.144.0/24 maxlen: 24
178.79.198.0/23 maxlen: 23
46.183.88.0/24 maxlen: 24
2a02:3d0:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b9:59:ef:56:a6:2d:9c:a2:2e:1f:63:7d:29:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45c18df0dafb6e838de261b4dfd6f42bd539f345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:45:74:6a:de:6e:0f:64:50:55:1c:9d:df:
52:bd:2a:e5:76:de:51:c6:88:41:2b:22:2a:95:c1:
9e:86:85:4e:8a:94:21:46:0f:e3:4d:4f:ca:cf:c2:
b2:5f:19:4d:3e:ca:f3:0c:0e:87:7b:ee:67:3e:21:
2c:3d:2b:96:75:2d:a1:ba:ee:68:b0:c4:7a:e6:3b:
f0:11:20:73:02:a5:05:44:4f:27:9d:f1:97:07:27:
a4:10:b9:14:f4:cf:65:76:42:1f:1d:f2:26:eb:c7:
22:65:92:7a:fc:12:7a:f9:b8:57:a5:95:a8:07:3a:
43:93:91:fa:43:e0:4b:3e:bb:2c:32:91:5a:04:b5:
0c:d9:c5:a2:35:4e:3c:8e:1b:0b:0b:fe:29:9f:26:
22:a2:90:af:91:ab:4a:18:a7:b2:e8:bb:da:1b:2a:
3a:2d:64:0b:74:7a:51:4c:a5:96:3a:b9:99:3f:47:
e8:5d:c0:40:e1:d4:b5:f1:89:44:33:0f:49:2d:92:
50:c6:dc:d9:92:30:f5:ed:69:78:65:8b:26:a3:9d:
bf:cb:8c:03:29:a7:39:ac:c8:c2:fa:a0:1a:4b:b8:
6f:d3:f6:4b:b2:8b:40:06:44:9a:9e:bb:a3:06:40:
12:2b:6f:84:51:50:c4:c9:bf:31:a8:ec:4e:b8:ce:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C1:8D:F0:DA:FB:6E:83:8D:E2:61:B4:DF:D6:F4:2B:D5:39:F3:45
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/RcGN8Nr7boON4mG039b0K9U580U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.88.0/24
46.228.144.0/24
178.79.198.0/23
178.79.218.0/23
IPv6:
2a02:3d0:8::/48
Signature Algorithm: sha256WithRSAEncryption
80:ef:ed:d1:33:c3:66:3f:53:be:32:f9:06:2d:4a:fa:2b:4a:
24:d1:16:43:e4:b4:d6:3f:ba:d1:78:ef:62:bd:45:5c:6b:be:
c4:92:84:cd:15:d4:f1:78:13:7d:30:09:89:0b:38:a0:c3:de:
b6:ec:b2:cd:8b:6d:72:f9:e0:1e:53:6a:c0:0d:c3:57:10:e6:
a6:27:76:cb:10:59:c7:5e:57:ad:01:d5:82:22:fa:9d:99:11:
cc:bb:9d:bb:fc:53:d9:42:1c:00:ec:a6:02:93:0f:d5:ef:05:
17:8c:e6:50:0e:5b:8a:9e:58:8e:d5:2f:a2:f4:89:c1:cf:8d:
12:b6:57:03:99:0e:e8:e0:d0:28:4b:81:8b:ff:eb:f0:80:f7:
f5:15:2b:31:23:ee:32:8c:69:56:c4:00:78:03:97:58:40:52:
4b:30:02:48:b7:9b:b3:6f:1e:5e:5a:9d:07:d2:4b:2e:e0:50:
5d:cb:bd:f3:e3:90:28:3d:71:86:02:99:f8:bc:9c:f7:14:c1:
e4:65:b2:26:2b:26:87:c3:7b:a0:e9:0c:d6:e6:1f:42:99:c6:
6a:5f:ac:f5:9a:3b:72:8e:e9:d8:10:a0:26:93:0b:69:0d:b0:
eb:f3:97:79:ec:10:6b:dd:3b:e0:83:3e:a3:6d:6d:dc:ba:0d:
a6:fb:fe:58
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFALlZ71amLZyiLh9jfSnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWMxOGRmMGRhZmI2ZTgzOGRlMjYxYjRkZmQ2ZjQyYmQ1MzlmMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFZFdGrebg9kUFUcnd9SvSrldt5R
xohBKyIqlcGehoVOipQhRg/jTU/Kz8KyXxlNPsrzDA6He+5nPiEsPSuWdS2huu5o
sMR65jvwESBzAqUFRE8nnfGXByekELkU9M9ldkIfHfIm68ciZZJ6/BJ6+bhXpZWo
BzpDk5H6Q+BLPrssMpFaBLUM2cWiNU48jhsLC/4pnyYiopCvkatKGKey6LvaGyo6
LWQLdHpRTKWWOrmZP0foXcBA4dS18YlEMw9JLZJQxtzZkjD17Wl4ZYsmo52/y4wD
Kac5rMjC+qAaS7hv0/ZLsotABkSanrujBkASK2+EUVDEyb8xqOxOuM6/cwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEXBjfDa+26DjeJhtN/W9CvVOfNFMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvUmNHTjhOcjdib09ONG1HMDM5YjBLOVU1ODBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALrdYAwQA
LuSQAwQBsk/GAwQBsk/aMA8EAgACMAkDBwAqAgPQAAgwDQYJKoZIhvcNAQELBQAD
ggEBAIDv7dEzw2Y/U74y+QYtSvorSiTRFkPktNY/utF472K9RVxrvsSShM0V1PF4
E30wCYkLOKDD3rbsss2LbXL54B5TasANw1cQ5qYndssQWcdeV60B1YIi+p2ZEcy7
nbv8U9lCHADspgKTD9XvBReM5lAOW4qeWI7VL6L0icHPjRK2VwOZDujg0ChLgYv/
6/CA9/UVKzEj7jKMaVbEAHgDl1hAUkswAki3m7NvHl5anQfSSy7gUF3LvfPjkCg9
cYYCmfi8nPcUweRlsiYrJofDe6DpDNbmH0KZxmpfrPWaO3KO6dgQoCaTC2kNsOvz
l3nsEGvdO+CDPqNtbdy6Dab7/lg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:06 2024 by rpki-client on console-fra.rpki-client.org