Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/D2vGzksMwrQHDMBjdx98D0jlQVw.roa
File: D2vGzksMwrQHDMBjdx98D0jlQVw.roa (raw, json)
Hash identifier: OCgNAqQRIuWHQm0qQLrPHYUEMhtIX3jWNRcABs+Ouxw=
Subject key identifier: 0F:6B:C6:CE:4B:0C:C2:B4:07:0C:C0:63:77:1F:7C:0F:48:E5:41:5C
Certificate issuer: /CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
Certificate serial: 018CC6B7B833D2C785CBA4BE2F53D83177F7
Authority key identifier: 7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/D2vGzksMwrQHDMBjdx98D0jlQVw.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203067
IP address blocks: 185.145.49.0/24 maxlen: 24
185.145.50.0/24 maxlen: 24
185.145.48.0/24 maxlen: 24
185.145.51.0/24 maxlen: 24
46.175.51.0/24 maxlen: 24
46.175.48.0/22 maxlen: 22
46.175.48.0/24 maxlen: 24
46.175.49.0/24 maxlen: 24
46.175.54.0/24 maxlen: 24
46.175.52.0/24 maxlen: 24
46.175.53.0/24 maxlen: 24
46.175.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 10:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b8:33:d2:c7:85:cb:a4:be:2f:53:d8:31:77:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f6bc6ce4b0cc2b4070cc063771f7c0f48e5415c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:dd:be:ce:fb:6e:91:8b:f2:1e:08:04:f7:
aa:be:af:26:78:1d:d6:7f:96:64:57:99:42:0e:d6:
0f:56:62:28:e7:84:eb:39:ff:1c:d8:63:36:2c:63:
fb:bd:69:bb:cd:69:24:17:f2:97:af:52:26:a3:52:
a6:37:86:b7:12:f1:6c:a7:d4:7a:1f:6c:a1:91:35:
e6:8c:b3:77:1d:7e:89:0b:fc:76:6f:30:98:58:29:
8b:96:85:3e:7c:5f:92:22:9d:6f:f9:7a:e1:94:84:
b2:4c:58:d0:c5:97:f1:d6:46:af:fa:aa:3d:5c:1d:
6f:ef:cb:41:26:46:7f:47:d8:72:92:47:0c:5c:68:
c6:67:a0:73:a5:90:6d:9d:71:23:d7:57:51:00:d5:
93:32:42:1c:15:a5:7c:26:54:1c:5b:32:51:9f:7c:
44:1b:ba:c5:07:0a:ca:48:27:4a:59:a6:4e:88:91:
66:88:80:3c:41:32:56:c4:26:9f:54:c8:2e:bc:aa:
7d:96:c0:1f:37:0e:62:38:b2:46:d3:ab:1d:15:fb:
7f:06:03:48:d6:15:8b:3c:8c:45:e1:d3:b8:1f:10:
b9:de:dd:a3:7d:2c:28:ac:1b:aa:bc:7f:8c:18:c3:
a5:70:8d:af:2f:ca:e2:b9:34:01:9f:96:53:16:ff:
9a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6B:C6:CE:4B:0C:C2:B4:07:0C:C0:63:77:1F:7C:0F:48:E5:41:5C
X509v3 Authority Key Identifier:
keyid:7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/D2vGzksMwrQHDMBjdx98D0jlQVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.48.0/21
185.145.48.0/22
Signature Algorithm: sha256WithRSAEncryption
89:d8:69:04:6b:44:af:2c:15:c5:96:74:ab:6d:45:73:5c:77:
8b:8d:b3:05:5c:50:f8:ac:83:7c:fd:36:54:3c:8b:61:a9:5b:
4b:e7:f3:c8:81:e0:08:e9:a2:13:79:6b:53:8e:30:0c:65:51:
e5:ca:9d:f9:1c:18:30:b3:60:7b:b5:7d:ad:cb:1d:34:61:0d:
3c:fb:ff:2e:bb:ec:47:bc:33:88:2c:6a:e2:f9:77:ca:05:77:
35:df:61:16:84:e1:bf:cf:a9:f5:bd:4f:7f:bb:ff:e0:29:c2:
d6:75:58:9b:df:5b:59:b2:ae:c0:ab:08:01:7e:fe:fb:d8:93:
bd:ce:4a:d7:f2:d8:07:eb:85:cc:cf:e0:36:70:5b:80:d4:e3:
e3:cb:8c:a7:6a:83:fd:4a:5e:89:80:50:f0:1d:7b:30:3b:94:
ba:33:33:ba:ec:cb:1a:b3:55:f1:13:ee:b7:9c:3b:4d:7f:8a:
ac:d2:fb:78:ac:83:7c:b5:01:dd:81:53:f2:a4:b8:7f:40:b1:
af:4a:0b:18:e6:32:1f:f5:36:85:f3:7b:74:c5:c5:3b:de:3c:
bf:60:76:f0:23:16:d9:57:f9:27:b3:46:df:34:e4:52:be:a4:
5e:16:bc:6d:b6:7f:c3:93:af:19:a8:22:e1:e2:c7:ff:49:a3:
7f:6c:60:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt7gz0seFy6S+L1PYMXf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzYyZDc4MzI4NDY1OWRjMDRlZWRhZjhiOGE2ZmU2ZTkz
MGJkMjcwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZiYzZjZTRiMGNjMmI0MDcwY2MwNjM3NzFmN2MwZjQ4ZTU0MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Ldvs77bpGL8h4IBPeqvq8meB3W
f5ZkV5lCDtYPVmIo54TrOf8c2GM2LGP7vWm7zWkkF/KXr1Imo1KmN4a3EvFsp9R6
H2yhkTXmjLN3HX6JC/x2bzCYWCmLloU+fF+SIp1v+XrhlISyTFjQxZfx1kav+qo9
XB1v78tBJkZ/R9hykkcMXGjGZ6BzpZBtnXEj11dRANWTMkIcFaV8JlQcWzJRn3xE
G7rFBwrKSCdKWaZOiJFmiIA8QTJWxCafVMguvKp9lsAfNw5iOLJG06sdFft/BgNI
1hWLPIxF4dO4HxC53t2jfSworBuqvH+MGMOlcI2vL8riuTQBn5ZTFv+a1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA9rxs5LDMK0BwzAY3cffA9I5UFcMB8GA1UdIwQY
MBaAFHo2LXgyhGWdwE7tr4uKb+bpML0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQt
ODY1MDMxZmEwYmY3LzEvRDJ2R3prc013clFIRE1CamR4OThEMGpsUVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQtODY1MDMxZmEwYmY3
LzEvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq8wAwQC
uZEwMA0GCSqGSIb3DQEBCwUAA4IBAQCJ2GkEa0SvLBXFlnSrbUVzXHeLjbMFXFD4
rIN8/TZUPIthqVtL5/PIgeAI6aITeWtTjjAMZVHlyp35HBgws2B7tX2tyx00YQ08
+/8uu+xHvDOILGri+XfKBXc132EWhOG/z6n1vU9/u//gKcLWdVib31tZsq7AqwgB
fv772JO9zkrX8tgH64XMz+A2cFuA1OPjy4ynaoP9Sl6JgFDwHXswO5S6MzO67Msa
s1XxE+63nDtNf4qs0vt4rIN8tQHdgVPypLh/QLGvSgsY5jIf9TaF83t0xcU73jy/
YHbwIxbZV/kns0bfNORSvqReFrxttn/Dk68ZqCLh4sf/SaN/bGBN
-----END CERTIFICATE-----
Generated at Mon Jun 17 12:05:31 2024 by rpki-client on console-ams.rpki-client.org