Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/SGlozPujQe5bYXZl4JgoT4bsQiw.roa
File: SGlozPujQe5bYXZl4JgoT4bsQiw.roa (raw, json)
Hash identifier: kDBCZTmYvgJOzZM1VtDggs4LD3ZeG+nHfcYj1F/yj0w=
Subject key identifier: 48:69:68:CC:FB:A3:41:EE:5B:61:76:65:E0:98:28:4F:86:EC:42:2C
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 018CC64A7E7E8FD6521E8F620E1FCEFFAA89
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/SGlozPujQe5bYXZl4JgoT4bsQiw.roa
Signing time: Mon 01 Jan 2024 18:30:19 +0000
ROA not before: Mon 01 Jan 2024 18:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43824
IP address blocks: 78.40.179.0/24 maxlen: 24
78.40.178.0/24 maxlen: 24
78.40.177.0/24 maxlen: 24
78.40.176.0/24 maxlen: 24
78.40.183.0/24 maxlen: 24
78.40.182.0/24 maxlen: 24
78.40.181.0/24 maxlen: 24
78.40.180.0/24 maxlen: 24
185.160.226.0/24 maxlen: 24
185.160.225.0/24 maxlen: 24
185.160.224.0/24 maxlen: 24
185.160.227.0/24 maxlen: 24
185.87.171.0/24 maxlen: 24
185.87.170.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
2a0b:8e80:1::/48 maxlen: 48
2a0b:8e80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:7e:7e:8f:d6:52:1e:8f:62:0e:1f:ce:ff:aa:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Jan 1 18:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=486968ccfba341ee5b617665e098284f86ec422c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:d6:c6:8f:5e:92:c0:bc:5d:fe:95:24:6b:
1b:bd:e0:9e:e7:0d:b6:ee:e2:20:82:f4:74:6f:c7:
15:3c:8d:92:79:2a:53:90:6b:20:4b:04:47:5c:0a:
57:b6:b3:c9:24:d7:98:54:a4:26:09:99:93:0b:49:
3c:16:01:e6:cc:cf:81:98:fe:aa:0e:16:2e:6a:36:
bd:c4:b5:4b:8e:a2:5e:a8:a3:89:4d:2c:31:ad:db:
86:51:39:f5:71:35:9a:e5:b6:13:3c:b9:8c:c9:28:
6f:71:9b:66:e7:0e:06:8f:3f:47:38:d0:cc:21:8e:
12:34:27:84:78:31:78:5e:8a:85:b0:40:f4:89:15:
f5:95:ca:95:fe:7e:5d:77:a3:79:9a:e7:9f:05:3d:
f5:bc:4c:2a:c4:a2:7b:5d:00:f9:bd:f5:37:07:2c:
24:7f:fa:7c:f0:b5:fa:df:27:4a:81:0c:4d:64:1e:
99:b1:5d:a5:a5:e5:4d:c2:b1:34:11:5d:6d:e6:fa:
28:b1:ca:0e:7a:1d:31:38:6b:b1:63:9d:a7:db:b7:
04:88:28:03:26:4b:5e:4d:4f:70:f0:6e:73:ed:2d:
81:69:90:40:78:5d:bd:11:2f:02:45:96:f8:a4:14:
5a:a5:ba:16:68:c6:05:f3:96:62:22:23:16:5f:da:
18:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:69:68:CC:FB:A3:41:EE:5B:61:76:65:E0:98:28:4F:86:EC:42:2C
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/SGlozPujQe5bYXZl4JgoT4bsQiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.176.0/21
185.87.168.0/24
185.87.170.0/23
185.160.224.0/22
IPv6:
2a0b:8e80::/47
Signature Algorithm: sha256WithRSAEncryption
3d:28:30:a0:f2:b6:97:bb:fa:8c:03:2c:d8:4f:57:e7:3e:37:
73:ee:4f:e7:f7:16:58:b7:ad:13:da:b6:cf:35:32:81:91:02:
11:ed:dd:93:05:fc:3e:77:cf:8e:57:86:1c:fd:5f:5e:62:59:
d3:6a:ee:dc:d2:88:2b:ef:a1:d1:9e:e8:5e:b7:d0:40:12:57:
cf:e5:da:3b:47:83:87:f8:85:50:0f:e4:87:89:2c:2f:a5:d8:
57:ed:5d:f5:ac:a2:70:a0:9d:a0:02:86:45:5c:e5:25:3e:b5:
2e:a7:ca:c1:4b:24:e0:d4:4f:1e:76:05:a2:34:e3:09:88:2d:
b0:bb:4e:37:24:96:4d:a0:29:4f:ce:c6:db:54:d6:22:2b:ee:
cf:0c:4f:20:86:bb:06:93:7f:2d:c5:54:c4:9b:f4:91:bf:04:
60:21:07:a0:f5:c1:fa:38:0f:e0:fd:b6:c4:33:90:12:85:8f:
bf:fc:49:cd:80:10:65:41:09:68:36:08:7e:e7:4b:51:bd:8c:
dd:29:3d:6e:76:76:36:96:8b:0e:79:2e:d1:01:b7:09:68:9d:
ff:3e:0c:e3:17:79:c9:d3:7c:9c:7b:6a:7d:47:26:4f:bc:24:
eb:d6:1c:f7:20:ee:7c:63:68:a7:bd:03:46:d8:f3:16:c3:1c:
06:dd:ae:b1
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGSn5+j9ZSHo9iDh/O/6qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjQwMTAxMTgzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODY5NjhjY2ZiYTM0MWVlNWI2MTc2NjVlMDk4Mjg0Zjg2ZWM0MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyvWxo9eksC8Xf6VJGsbveCe5w22
7uIggvR0b8cVPI2SeSpTkGsgSwRHXApXtrPJJNeYVKQmCZmTC0k8FgHmzM+BmP6q
DhYuaja9xLVLjqJeqKOJTSwxrduGUTn1cTWa5bYTPLmMyShvcZtm5w4Gjz9HONDM
IY4SNCeEeDF4XoqFsED0iRX1lcqV/n5dd6N5muefBT31vEwqxKJ7XQD5vfU3Bywk
f/p88LX63ydKgQxNZB6ZsV2lpeVNwrE0EV1t5vooscoOeh0xOGuxY52n27cEiCgD
JkteTU9w8G5z7S2BaZBAeF29ES8CRZb4pBRapboWaMYF85ZiIiMWX9oYnQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEhpaMz7o0HuW2F2ZeCYKE+G7EIsMB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvU0dsb3pQdWpRZTViWVhabDRKZ29UNGJzUWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQDTiiwAwQA
uVeoAwQBuVeqAwQCuaDgMA8EAgACMAkDBwEqC46AAAAwDQYJKoZIhvcNAQELBQAD
ggEBAD0oMKDytpe7+owDLNhPV+c+N3PuT+f3Fli3rRPats81MoGRAhHt3ZMF/D53
z45Xhhz9X15iWdNq7tzSiCvvodGe6F630EASV8/l2jtHg4f4hVAP5IeJLC+l2Fft
XfWsonCgnaAChkVc5SU+tS6nysFLJODUTx52BaI04wmILbC7Tjcklk2gKU/OxttU
1iIr7s8MTyCGuwaTfy3FVMSb9JG/BGAhB6D1wfo4D+D9tsQzkBKFj7/8Sc2AEGVB
CWg2CH7nS1G9jN0pPW52djaWiw55LtEBtwlonf8+DOMXecnTfJx7an1HJk+8JOvW
HPcg7nxjaKe9A0bY8xbDHAbdrrE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:24 2024 by rpki-client on console-ams.rpki-client.org