Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/70u22XAvVln0kghmeEpZGcCAaX4.roa
File: 70u22XAvVln0kghmeEpZGcCAaX4.roa (raw, json)
Hash identifier: UV/InmwwIU/K5OWerF1Ugup1hqhe+wQpBimnFHroqiU=
Subject key identifier: EF:4B:B6:D9:70:2F:56:59:F4:92:08:66:78:4A:59:19:C0:80:69:7E
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 018CCA99A1C716360DB24DAC2B8218F36120
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/70u22XAvVln0kghmeEpZGcCAaX4.roa
Signing time: Tue 02 Jan 2024 14:35:15 +0000
ROA not before: Tue 02 Jan 2024 14:35:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206837
IP address blocks: 46.25.127.0/24 maxlen: 24
77.224.174.0/24 maxlen: 24
77.224.180.0/24 maxlen: 24
46.25.145.0/24 maxlen: 24
46.24.82.0/24 maxlen: 24
46.25.159.0/24 maxlen: 24
46.24.91.0/24 maxlen: 24
77.224.201.0/24 maxlen: 24
46.24.98.0/24 maxlen: 24
46.24.100.0/24 maxlen: 24
77.224.218.0/24 maxlen: 24
46.25.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:a1:c7:16:36:0d:b2:4d:ac:2b:82:18:f3:61:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 2 14:35:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef4bb6d9702f5659f4920866784a5919c080697e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a3:6d:be:4f:4a:cb:79:6e:c7:52:1e:a4:98:
7b:ca:f5:a4:e0:ff:49:f7:12:c3:c9:f2:16:64:e3:
60:e2:3f:67:fa:97:a9:9f:09:ab:23:5d:e1:7d:52:
a3:23:51:18:81:76:01:31:cc:c2:10:3a:0c:7d:58:
45:4e:b5:a5:a9:5a:63:8a:88:f3:37:aa:da:af:2b:
e0:51:3b:db:72:e9:f3:f9:19:08:00:a1:b0:eb:6e:
d4:4d:6f:9a:fe:dc:d8:a7:ed:98:3d:15:50:3b:4d:
5a:4d:0e:d3:5f:c3:c8:4e:1b:c8:ac:cf:88:ed:75:
60:0f:9d:f6:53:0d:ad:a7:b4:ee:eb:8e:25:ae:96:
59:4d:41:98:6f:a4:6d:ce:ed:85:03:c6:ef:6c:75:
89:72:70:2b:ea:58:df:bd:b1:49:84:57:44:48:30:
1d:56:40:03:b7:e0:42:61:6b:e7:6f:c2:d8:18:76:
00:40:8d:e9:7d:6c:64:e8:e0:80:13:b0:2e:6f:aa:
00:71:81:65:cf:84:48:3f:4f:df:3c:8b:2a:76:57:
2a:db:11:e3:41:0c:70:77:b4:e8:36:38:21:6e:ae:
10:ae:89:75:87:a6:c2:44:d5:27:a3:fb:77:aa:81:
cb:4a:87:b3:41:3e:8e:63:01:83:f7:8c:bb:c9:7a:
5e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4B:B6:D9:70:2F:56:59:F4:92:08:66:78:4A:59:19:C0:80:69:7E
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/70u22XAvVln0kghmeEpZGcCAaX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.24.82.0/24
46.24.91.0/24
46.24.98.0/24
46.24.100.0/24
46.25.127.0/24
46.25.145.0/24
46.25.159.0/24
46.25.185.0/24
77.224.174.0/24
77.224.180.0/24
77.224.201.0/24
77.224.218.0/24
Signature Algorithm: sha256WithRSAEncryption
20:67:1b:2c:1d:84:c2:84:fd:f9:21:bd:81:89:a7:35:aa:83:
c4:27:0d:13:90:ef:e1:6b:6c:a4:ec:41:f0:ed:de:6b:ec:b8:
8a:25:09:8d:83:8a:c5:ab:a7:de:b9:22:4f:57:77:3a:60:f9:
f5:c8:52:00:15:a6:1d:e1:49:68:24:97:c7:f1:a2:d9:e9:9d:
7f:5d:c4:bb:d2:91:cf:14:15:32:38:f8:cb:11:80:f3:aa:f2:
db:05:65:b0:18:26:07:0c:fc:6f:0e:6e:d4:5b:83:e2:4d:6e:
f7:27:9d:ac:c7:be:ee:81:c4:29:3b:d4:12:e8:b7:e9:65:91:
05:2c:b6:d2:f1:b6:97:6a:f2:5c:49:29:a8:78:bd:7c:2e:5b:
77:02:a6:3a:55:60:86:c7:b0:14:9d:a5:16:27:fd:0a:46:b4:
48:9a:ad:4e:60:4f:ec:68:c8:05:19:97:b2:49:3a:13:d3:e7:
c2:c1:72:28:ba:63:48:d9:0d:fa:f0:ce:06:42:0a:a8:fb:78:
40:56:2f:2e:4d:85:ad:b5:b3:c6:30:dd:8d:cc:fa:c3:cc:85:
33:2f:84:3b:f4:fc:23:2f:87:f8:dd:6d:c5:a1:cb:91:97:f0:
29:29:23:b4:7f:00:d9:73:f9:10:fb:42:d1:7c:ac:34:d5:98:
06:da:c1:10
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzKmaHHFjYNsk2sK4IY82EgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjQwMTAyMTQzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjRiYjZkOTcwMmY1NjU5ZjQ5MjA4NjY3ODRhNTkxOWMwODA2OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaNtvk9Ky3lux1IepJh7yvWk4P9J
9xLDyfIWZONg4j9n+pepnwmrI13hfVKjI1EYgXYBMczCEDoMfVhFTrWlqVpjiojz
N6raryvgUTvbcunz+RkIAKGw627UTW+a/tzYp+2YPRVQO01aTQ7TX8PIThvIrM+I
7XVgD532Uw2tp7Tu644lrpZZTUGYb6Rtzu2FA8bvbHWJcnAr6ljfvbFJhFdESDAd
VkADt+BCYWvnb8LYGHYAQI3pfWxk6OCAE7Aub6oAcYFlz4RIP0/fPIsqdlcq2xHj
QQxwd7ToNjghbq4Qrol1h6bCRNUno/t3qoHLSoezQT6OYwGD94y7yXpeUwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFO9LttlwL1ZZ9JIIZnhKWRnAgGl+MB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvNzB1MjJYQXZWbG4wa2dobWVFcFpHY0NBYVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALhhSAwQA
LhhbAwQALhhiAwQALhhkAwQALhl/AwQALhmRAwQALhmfAwQALhm5AwQATeCuAwQA
TeC0AwQATeDJAwQATeDaMA0GCSqGSIb3DQEBCwUAA4IBAQAgZxssHYTChP35Ib2B
iac1qoPEJw0TkO/ha2yk7EHw7d5r7LiKJQmNg4rFq6feuSJPV3c6YPn1yFIAFaYd
4UloJJfH8aLZ6Z1/XcS70pHPFBUyOPjLEYDzqvLbBWWwGCYHDPxvDm7UW4PiTW73
J52sx77ugcQpO9QS6LfpZZEFLLbS8baXavJcSSmoeL18Llt3AqY6VWCGx7AUnaUW
J/0KRrRImq1OYE/saMgFGZeySToT0+fCwXIoumNI2Q368M4GQgqo+3hAVi8uTYWt
tbPGMN2NzPrDzIUzL4Q79PwjL4f43W3FocuRl/ApKSO0fwDZc/kQ+0LRfKw01ZgG
2sEQ
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:08:52 2024 by rpki-client on console-fra.rpki-client.org