Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/rhB1wb96Btr5VT-sIWgj6-8s_VI.roa
File: rhB1wb96Btr5VT-sIWgj6-8s_VI.roa (raw, json)
Hash identifier: QalWu/Q82bE0u8AwSxLmBrLfC3R7+2+aDA+lTO5kNdI=
Subject key identifier: AE:10:75:C1:BF:7A:06:DA:F9:55:3F:AC:21:68:23:EB:EF:2C:FD:52
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CF398B5D0CE9E3A2401D10CA9D7CB3D84
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/rhB1wb96Btr5VT-sIWgj6-8s_VI.roa
Signing time: Wed 10 Jan 2024 13:38:40 +0000
ROA not before: Wed 10 Jan 2024 13:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 146.19.158.0/24 maxlen: 24
146.19.153.0/24 maxlen: 24
91.246.35.0/24 maxlen: 24
193.3.163.0/24 maxlen: 24
193.3.186.0/24 maxlen: 24
62.204.39.0/24 maxlen: 24
37.72.134.0/24 maxlen: 24
194.104.133.0/24 maxlen: 24
176.126.125.0/24 maxlen: 24
212.23.194.0/24 maxlen: 24
109.107.151.0/24 maxlen: 24
31.222.252.0/24 maxlen: 24
146.19.46.0/24 maxlen: 24
146.19.66.0/24 maxlen: 24
212.18.123.0/24 maxlen: 24
217.119.133.0/24 maxlen: 24
185.76.148.0/24 maxlen: 24
91.242.251.0/24 maxlen: 24
217.114.36.0/24 maxlen: 24
217.114.33.0/24 maxlen: 24
193.35.229.0/24 maxlen: 24
62.3.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:98:b5:d0:ce:9e:3a:24:01:d1:0c:a9:d7:cb:3d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 10 13:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae1075c1bf7a06daf9553fac216823ebef2cfd52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:96:17:cd:18:ce:ad:33:9f:b0:13:b3:5c:5b:
97:22:1b:1f:a5:38:29:5f:3c:42:e3:a1:d8:f7:db:
c1:78:fb:d1:35:85:12:8b:b3:86:3a:ae:51:9c:f9:
4c:0c:25:b6:16:5b:8e:dc:7f:22:ba:b3:28:7e:dc:
0e:a0:52:9e:69:98:91:a5:54:a9:55:0a:6e:97:4a:
35:db:9d:9d:64:40:d5:9f:8f:b8:13:d2:d7:47:56:
dd:4d:87:f4:6c:ea:47:92:40:75:4a:df:6a:0d:31:
cd:89:1c:9e:f7:fb:f5:49:81:d4:42:74:55:24:62:
25:36:2a:57:07:97:6e:2f:e1:db:f6:14:cf:85:f0:
1d:7f:2c:64:89:41:2e:8b:86:76:17:0b:40:ac:94:
54:cc:14:91:ec:42:38:38:6a:e9:d4:d2:11:cb:48:
83:18:f7:fc:37:d5:69:9c:f8:d6:0e:89:8e:80:2d:
76:c0:ab:c5:69:bd:02:5e:9f:b0:ba:9b:0f:5d:46:
72:1c:7f:d0:4d:f1:34:ab:ac:eb:7c:ca:d4:fa:34:
c0:2a:55:aa:3d:34:a8:34:2b:5a:55:a4:8e:c1:4a:
9b:f2:da:63:ee:d2:cb:a9:8b:55:1a:2d:4d:96:6d:
b9:4b:63:a4:1d:3c:de:a2:76:de:e5:71:d5:c8:27:
92:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:10:75:C1:BF:7A:06:DA:F9:55:3F:AC:21:68:23:EB:EF:2C:FD:52
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/rhB1wb96Btr5VT-sIWgj6-8s_VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.252.0/24
37.72.134.0/24
62.3.22.0/24
62.204.39.0/24
91.242.251.0/24
91.246.35.0/24
109.107.151.0/24
146.19.46.0/24
146.19.66.0/24
146.19.153.0/24
146.19.158.0/24
176.126.125.0/24
185.76.148.0/24
193.3.163.0/24
193.3.186.0/24
193.35.229.0/24
194.104.133.0/24
212.18.123.0/24
212.23.194.0/24
217.114.33.0/24
217.114.36.0/24
217.119.133.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:37:78:7b:c5:db:b8:3f:cd:44:85:e2:5c:5f:f6:62:ca:52:
3a:bf:8d:30:48:b0:c7:b8:9e:7a:a0:0f:9e:83:45:4e:b6:2c:
94:75:0a:a9:f9:97:a9:e7:b3:6d:17:07:94:ce:22:38:af:70:
d5:ae:6c:8e:a0:52:22:dc:5b:d4:68:51:d3:b0:79:b7:2f:cd:
93:23:e6:f8:c7:03:8e:ad:20:88:5f:44:da:63:77:65:b9:65:
32:73:c9:5d:b8:b1:5a:87:a6:dd:8e:36:52:a6:94:90:fd:4d:
51:ee:85:08:de:fd:10:fa:67:57:a6:ce:30:9f:8b:99:54:9a:
84:20:2f:8c:35:13:75:19:9f:c9:9f:2e:5e:60:5a:66:50:12:
8c:87:31:bf:68:74:77:d5:a9:2e:38:5b:be:07:2a:d0:c5:76:
2d:26:d7:72:78:92:5e:da:ee:a6:eb:dc:b2:27:78:c8:c6:0a:
2a:33:ed:0a:5d:53:78:61:5f:e4:50:ed:b1:cf:81:ae:21:d8:
20:8d:a3:3f:e2:fd:a6:f3:46:4e:71:66:7c:82:0b:90:42:62:
e4:d2:d0:ce:46:be:dc:1c:e2:a9:04:f4:ea:36:8d:10:9d:11:
ed:69:cc:75:6a:a5:42:9f:12:cb:8a:a0:68:79:55:19:9d:f1:
51:4a:09:de
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzzmLXQzp46JAHRDKnXyz2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTEwMTMzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTEwNzVjMWJmN2EwNmRhZjk1NTNmYWMyMTY4MjNlYmVmMmNmZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5YXzRjOrTOfsBOzXFuXIhsfpTgp
XzxC46HY99vBePvRNYUSi7OGOq5RnPlMDCW2FluO3H8iurMoftwOoFKeaZiRpVSp
VQpul0o1252dZEDVn4+4E9LXR1bdTYf0bOpHkkB1St9qDTHNiRye9/v1SYHUQnRV
JGIlNipXB5duL+Hb9hTPhfAdfyxkiUEui4Z2FwtArJRUzBSR7EI4OGrp1NIRy0iD
GPf8N9VpnPjWDomOgC12wKvFab0CXp+wupsPXUZyHH/QTfE0q6zrfMrU+jTAKlWq
PTSoNCtaVaSOwUqb8tpj7tLLqYtVGi1Nlm25S2OkHTzeonbe5XHVyCeSlwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFK4QdcG/egba+VU/rCFoI+vvLP1SMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvcmhCMXdiOTZCdHI1VlQtc0lXZ2o2LThzX1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAf
3vwDBAAlSIYDBAA+AxYDBAA+zCcDBABb8vsDBABb9iMDBABta5cDBACSEy4DBACS
E0IDBACSE5kDBACSE54DBACwfn0DBAC5TJQDBADBA6MDBADBA7oDBADBI+UDBADC
aIUDBADUEnsDBADUF8IDBADZciEDBADZciQDBADZd4UwDQYJKoZIhvcNAQELBQAD
ggEBAKo3eHvF27g/zUSF4lxf9mLKUjq/jTBIsMe4nnqgD56DRU62LJR1Cqn5l6nn
s20XB5TOIjivcNWubI6gUiLcW9RoUdOwebcvzZMj5vjHA46tIIhfRNpjd2W5ZTJz
yV24sVqHpt2ONlKmlJD9TVHuhQje/RD6Z1emzjCfi5lUmoQgL4w1E3UZn8mfLl5g
WmZQEoyHMb9odHfVqS44W74HKtDFdi0m13J4kl7a7qbr3LIneMjGCioz7QpdU3hh
X+RQ7bHPga4h2CCNoz/i/abzRk5xZnyCC5BCYuTS0M5Gvtwc4qkE9Oo2jRCdEe1p
zHVqpUKfEsuKoGh5VRmd8VFKCd4=
-----END CERTIFICATE-----
Generated at Thu May 9 22:00:50 2024 by rpki-client on console-ams.rpki-client.org