Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/C88Ltxhg-eSmUkPbME0OSRy-_tg.roa
File: C88Ltxhg-eSmUkPbME0OSRy-_tg.roa (raw, json)
Hash identifier: c2WGicWJdRJbabomrF0riTvSwewBNdp/ExAJeJi7CSk=
Subject key identifier: 0B:CF:0B:B7:18:60:F9:E4:A6:52:43:DB:30:4D:0E:49:1C:BE:FE:D8
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018F81828128A8CCD61D3A7B697054A5E84A
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/C88Ltxhg-eSmUkPbME0OSRy-_tg.roa
Signing time: Thu 16 May 2024 13:06:04 +0000
ROA not before: Thu 16 May 2024 13:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.0.0/24 maxlen: 24
46.253.1.0/24 maxlen: 24
46.253.2.0/24 maxlen: 24
46.253.3.0/24 maxlen: 24
46.253.4.0/24 maxlen: 24
46.253.5.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
95.169.203.0/24 maxlen: 24
185.1.156.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:82:81:28:a8:cc:d6:1d:3a:7b:69:70:54:a5:e8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: May 16 13:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bcf0bb71860f9e4a65243db304d0e491cbefed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a6:73:f7:4a:34:79:50:4c:5d:fb:9b:06:c4:
1d:e2:a2:68:87:fc:c6:a7:e5:da:60:df:22:6e:3a:
7d:f2:1a:ac:8c:1f:24:f4:02:3f:31:5c:63:71:eb:
51:7c:86:be:de:aa:70:32:a0:a4:da:68:96:80:31:
ec:17:35:f9:d4:af:42:c2:58:7c:43:79:82:bc:20:
cd:40:eb:84:66:28:06:9e:52:83:0a:06:da:05:35:
8b:a9:a7:75:25:95:e0:9a:70:bc:5d:b1:7f:f7:2b:
9f:0e:21:34:e5:98:c3:74:d2:c9:5f:01:bc:d9:b2:
ba:4d:e0:6f:e7:1d:01:f8:2a:4a:e6:21:6d:41:4d:
15:cd:5f:88:2c:51:66:f5:9f:43:2e:e1:21:5d:c4:
48:d8:8e:ec:16:08:61:96:57:27:32:9a:64:a6:b4:
4c:20:1b:26:bc:89:56:38:a8:40:79:e9:35:67:f1:
73:bd:67:45:29:fd:8d:8e:5a:88:55:49:ba:2a:79:
12:83:89:9d:93:ea:21:85:c6:64:53:74:61:f2:ca:
f9:60:95:ce:6e:57:a0:cf:70:3c:69:66:97:6a:d6:
3c:0a:87:e3:28:7e:6e:4c:3f:f3:0e:1e:ff:3a:b2:
f5:ab:90:fa:e0:0c:73:fb:9e:33:5b:f8:4e:e1:f7:
c3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CF:0B:B7:18:60:F9:E4:A6:52:43:DB:30:4D:0E:49:1C:BE:FE:D8
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/C88Ltxhg-eSmUkPbME0OSRy-_tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0-46.253.5.255
91.132.60.0/24
91.132.62.0/23
95.169.202.0/23
185.1.156.0/24
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
0c:83:a2:1a:81:b3:87:34:a2:7a:d1:d6:66:c7:e3:2d:26:bb:
0e:9e:86:c2:ef:e8:46:0b:0c:ed:6a:fe:85:8f:08:66:db:58:
b7:f3:34:02:cf:5e:67:31:a7:f9:66:6f:e6:93:2d:79:12:c6:
d9:f6:93:a2:a6:33:01:21:38:9b:d3:e8:53:ca:ab:63:5b:30:
7c:1d:ce:61:54:ef:47:67:69:7e:85:81:fa:60:35:06:4f:8b:
18:3d:17:55:8f:0f:e3:d4:01:67:a3:de:9e:cc:dc:4f:f9:82:
6e:b7:48:a5:0e:38:6f:56:3f:a3:22:44:50:c5:59:1d:b2:86:
8f:9d:48:08:5c:e3:9f:84:15:c0:28:4c:51:c3:66:a9:5a:69:
f2:5b:ce:b2:3f:6f:96:d1:a9:22:a7:aa:21:16:b0:4f:6c:80:
af:1a:a3:8a:ed:46:ac:73:47:76:26:77:dc:55:bd:bb:05:aa:
bf:57:e7:60:60:6b:5d:0a:0b:f4:cb:40:9a:e2:4a:2b:ce:ae:
5b:b9:4d:71:76:13:37:8e:02:9f:d1:5d:ec:72:36:43:55:20:
91:60:8f:32:a7:ac:65:1c:9e:25:30:7d:9a:62:60:2c:a2:6f:
a5:84:fd:de:af:30:12:4d:35:2f:94:df:ce:f8:28:18:30:99:
06:d3:50:30
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY+BgoEoqMzWHTp7aXBUpehKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQwNTE2MTMwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmNmMGJiNzE4NjBmOWU0YTY1MjQzZGIzMDRkMGU0OTFjYmVmZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaZz90o0eVBMXfubBsQd4qJoh/zG
p+XaYN8ibjp98hqsjB8k9AI/MVxjcetRfIa+3qpwMqCk2miWgDHsFzX51K9Cwlh8
Q3mCvCDNQOuEZigGnlKDCgbaBTWLqad1JZXgmnC8XbF/9yufDiE05ZjDdNLJXwG8
2bK6TeBv5x0B+CpK5iFtQU0VzV+ILFFm9Z9DLuEhXcRI2I7sFghhllcnMppkprRM
IBsmvIlWOKhAeek1Z/FzvWdFKf2NjlqIVUm6KnkSg4mdk+ohhcZkU3Rh8sr5YJXO
blegz3A8aWaXatY8CofjKH5uTD/zDh7/OrL1q5D64Axz+54zW/hO4ffD0wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAvPC7cYYPnkplJD2zBNDkkcvv7YMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvQzg4THR4aGctZVNtVWtQYk1FME9TUnktX3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAxBAIAATArMAsDAwAu/QME
AS79BAMEAFuEPAMEAVuEPgMEAV+pygMEALkBnAMEALnz1TANBAIAAjAHAwUAKgm+
gDANBgkqhkiG9w0BAQsFAAOCAQEADIOiGoGzhzSietHWZsfjLSa7Dp6Gwu/oRgsM
7Wr+hY8IZttYt/M0As9eZzGn+WZv5pMteRLG2faToqYzASE4m9PoU8qrY1swfB3O
YVTvR2dpfoWB+mA1Bk+LGD0XVY8P49QBZ6PenszcT/mCbrdIpQ44b1Y/oyJEUMVZ
HbKGj51ICFzjn4QVwChMUcNmqVpp8lvOsj9vltGpIqeqIRawT2yArxqjiu1GrHNH
diZ33FW9uwWqv1fnYGBrXQoL9MtAmuJKK86uW7lNcXYTN44Cn9Fd7HI2Q1UgkWCP
MqesZRyeJTB9mmJgLKJvpYT93q8wEk01L5TfzvgoGDCZBtNQMA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:34:48 2024 by rpki-client on console-fra.rpki-client.org