Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/t46nCPYDj_FPqrpDkyqC5nK0CVs.roa
File: t46nCPYDj_FPqrpDkyqC5nK0CVs.roa (raw, json)
Hash identifier: FLYzItNEpiNWzAyIjwtfZuFlKRc7xywLkolIiba0H0g=
Subject key identifier: B7:8E:A7:08:F6:03:8F:F1:4F:AA:BA:43:93:2A:82:E6:72:B4:09:5B
Certificate issuer: /CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Certificate serial: 018CC94D40951A2AA60EB692E5814F5A903A
Authority key identifier: D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/t46nCPYDj_FPqrpDkyqC5nK0CVs.roa
Signing time: Tue 02 Jan 2024 08:32:12 +0000
ROA not before: Tue 02 Jan 2024 08:32:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35758
IP address blocks: 185.191.205.0/24 maxlen: 24
185.191.204.0/24 maxlen: 24
185.191.206.0/24 maxlen: 24
185.191.207.0/24 maxlen: 24
2a0a:1dc4::/30 maxlen: 30
2a0a:1dc0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:40:95:1a:2a:a6:0e:b6:92:e5:81:4f:5a:90:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Validity
Not Before: Jan 2 08:32:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b78ea708f6038ff14faaba43932a82e672b4095b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a9:ea:0c:70:fd:20:a2:b5:87:8b:16:3e:1e:
23:c9:c9:ca:88:e6:5d:14:98:4f:3d:71:e5:f5:6c:
c3:06:36:40:3e:ce:51:27:90:70:c4:bc:bb:d0:b2:
92:66:69:4b:03:9c:f5:46:58:fe:76:8c:d9:f8:8a:
20:9e:f6:2e:13:d5:d5:9e:74:cb:1e:e6:5b:ff:97:
01:96:d9:7b:73:d6:e1:60:dc:7b:c1:5f:ee:ca:c6:
dc:7d:65:8f:6f:90:aa:9b:2b:f8:28:ce:15:7f:e1:
de:4f:5b:00:a3:38:25:4d:a7:00:03:a9:d7:0b:50:
ad:82:83:7a:09:82:4c:60:24:61:6a:c1:4e:3c:b3:
0c:98:29:87:e4:47:38:7e:8b:bc:de:77:48:26:dc:
34:52:bb:63:31:34:ff:72:3b:8e:f1:f3:12:07:ca:
5b:de:2c:3c:d7:e3:df:fe:e2:61:70:0e:12:2c:dd:
ce:cb:7c:54:7b:3e:5a:c6:c1:83:5c:2e:57:83:b6:
0c:39:1c:d2:8c:dd:f0:c5:ef:b3:a1:50:11:e4:83:
8a:e7:06:4b:85:e7:0f:57:3a:c0:12:91:0c:b5:59:
e7:94:84:60:b1:f6:39:76:f5:9e:bb:6e:c2:7b:e6:
e6:8e:a6:c0:43:1b:06:d5:f4:7c:65:72:06:01:a6:
32:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8E:A7:08:F6:03:8F:F1:4F:AA:BA:43:93:2A:82:E6:72:B4:09:5B
X509v3 Authority Key Identifier:
keyid:D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/t46nCPYDj_FPqrpDkyqC5nK0CVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.204.0/22
IPv6:
2a0a:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:01:a1:7a:42:16:d0:b6:0a:51:18:9e:b0:dc:87:c5:8a:dd:
4f:91:8e:c4:44:d6:f9:4a:06:47:07:ea:38:21:1e:28:22:6d:
20:7b:83:ba:a5:d9:0e:27:ce:6c:39:b0:0e:24:92:ad:a7:ef:
90:b7:69:b9:ef:de:d0:e7:ea:ec:82:f1:70:95:6b:c9:52:ce:
54:da:9c:e4:62:3b:10:9e:91:ac:14:a7:8d:fb:16:4b:8d:09:
cd:41:fd:b1:56:a8:98:7b:e2:92:e0:f0:32:09:00:b8:77:0c:
fd:c5:ee:68:3c:56:15:55:f3:a9:4d:b5:5d:ae:b5:49:14:e1:
30:0d:e7:3e:b8:58:32:63:b7:41:7c:3b:fe:e0:f2:87:2c:4d:
ab:d4:64:13:10:09:86:b4:6d:cf:2e:62:01:48:f6:09:b2:55:
f3:de:05:53:6b:2a:62:09:05:7c:f8:84:ea:ca:cf:f9:af:56:
08:0b:8f:5a:d0:fa:8c:e7:b3:01:71:94:98:e9:f3:64:93:b5:
9e:aa:91:c4:d9:86:0b:40:46:09:6f:6d:cc:a0:b7:fa:75:8e:
f5:28:47:c6:34:c8:4c:53:bc:c4:eb:10:2c:63:f8:a0:1e:3d:
63:6a:a1:a5:2f:35:9a:b1:3c:ed:60:b3:86:c5:e1:24:b5:88:
93:4d:c9:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTUCVGiqmDraS5YFPWpA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOGMyMDMwYTU5NzFjNGE1NDA5NmE4ZWRiYjIxMjExZTU0
MjE2YTcwHhcNMjQwMTAyMDgzMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhlYTcwOGY2MDM4ZmYxNGZhYWJhNDM5MzJhODJlNjcyYjQwOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwanqDHD9IKK1h4sWPh4jycnKiOZd
FJhPPXHl9WzDBjZAPs5RJ5BwxLy70LKSZmlLA5z1Rlj+dozZ+IognvYuE9XVnnTL
HuZb/5cBltl7c9bhYNx7wV/uysbcfWWPb5Cqmyv4KM4Vf+HeT1sAozglTacAA6nX
C1CtgoN6CYJMYCRhasFOPLMMmCmH5Ec4fou83ndIJtw0UrtjMTT/cjuO8fMSB8pb
3iw81+Pf/uJhcA4SLN3Oy3xUez5axsGDXC5Xg7YMORzSjN3wxe+zoVAR5IOK5wZL
hecPVzrAEpEMtVnnlIRgsfY5dvWeu27Ce+bmjqbAQxsG1fR8ZXIGAaYydwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLeOpwj2A4/xT6q6Q5MqguZytAlbMB8GA1UdIwQY
MBaAFNGMIDCllxxKVAlqjtuyEhHlQhanMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQt
NTNhNjcyZDE0YjdhLzEvdDQ2bkNQWURqX0ZQcXJwRGt5cUM1bkswQ1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQtNTNhNjcyZDE0Yjdh
LzEvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/MMA0E
AgACMAcDBQMqCh3AMA0GCSqGSIb3DQEBCwUAA4IBAQBLAaF6QhbQtgpRGJ6w3IfF
it1PkY7ERNb5SgZHB+o4IR4oIm0ge4O6pdkOJ85sObAOJJKtp++Qt2m5797Q5+rs
gvFwlWvJUs5U2pzkYjsQnpGsFKeN+xZLjQnNQf2xVqiYe+KS4PAyCQC4dwz9xe5o
PFYVVfOpTbVdrrVJFOEwDec+uFgyY7dBfDv+4PKHLE2r1GQTEAmGtG3PLmIBSPYJ
slXz3gVTaypiCQV8+ITqys/5r1YIC49a0PqM57MBcZSY6fNkk7WeqpHE2YYLQEYJ
b23MoLf6dY71KEfGNMhMU7zE6xAsY/igHj1jaqGlLzWasTztYLOGxeEktYiTTcl6
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:42:36 2024 by rpki-client on console-fra.rpki-client.org