Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/47mpN30q4FNutUlTaAwHwr0rFRI.roa
File: 47mpN30q4FNutUlTaAwHwr0rFRI.roa (raw, json)
Hash identifier: X/Y+KDgWCLYBUuJODTDONVz6p0/EBxqlXAMSTRthRoE=
Subject key identifier: E3:B9:A9:37:7D:2A:E0:53:6E:B5:49:53:68:0C:07:C2:BD:2B:15:12
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 0193168391B23A979ABEFF4FA58FFB76F447
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/47mpN30q4FNutUlTaAwHwr0rFRI.roa
Signing time: Sun 10 Nov 2024 14:39:01 +0000
ROA not before: Sun 10 Nov 2024 14:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
76.164.201.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
2a12:3200:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:16:83:91:b2:3a:97:9a:be:ff:4f:a5:8f:fb:76:f4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Nov 10 14:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3b9a9377d2ae0536eb54953680c07c2bd2b1512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fd:e4:27:b7:01:c6:2e:8b:7b:db:1a:28:88:
03:f1:bd:19:e8:b5:89:92:a0:ab:a3:1b:93:b1:ed:
b9:b6:4c:c4:f0:c8:33:83:05:24:78:07:b9:b5:2a:
f2:09:3d:d5:8f:42:ae:aa:74:f2:4d:d9:53:bc:68:
f4:84:6f:0d:b2:73:82:44:0a:d9:6c:47:b6:dd:a3:
0c:d4:e7:25:da:3e:37:70:01:d8:26:8e:98:aa:97:
30:8c:48:25:5a:5a:ba:9b:cd:65:2c:93:e3:67:53:
f2:34:d8:96:17:f4:6e:6a:4c:95:37:d5:9e:5c:a7:
6b:fd:44:70:cf:da:3d:68:59:ee:4e:6d:28:1c:1d:
7e:a6:75:d7:f5:1e:d0:db:55:aa:6a:27:a7:d5:a7:
30:36:b6:43:4c:a6:20:97:60:5b:e9:05:5f:b9:47:
97:de:73:6c:88:0c:06:18:38:4e:75:9e:84:4f:de:
80:7f:f5:0b:6f:63:fa:b4:c4:b0:f8:54:dd:4c:cb:
26:b1:eb:f3:57:6d:af:b7:c0:cd:69:94:1d:54:62:
41:1d:84:06:99:dc:e7:5d:ca:a8:b0:2d:1f:95:b2:
7d:53:01:ed:25:bb:ff:3b:d7:31:49:6a:04:60:4c:
47:f1:eb:75:6a:4a:53:e3:64:0d:01:0f:b3:ed:bc:
67:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B9:A9:37:7D:2A:E0:53:6E:B5:49:53:68:0C:07:C2:BD:2B:15:12
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/47mpN30q4FNutUlTaAwHwr0rFRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0/23
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
IPv6:
2a12:3200::/33
Signature Algorithm: sha256WithRSAEncryption
01:42:34:23:56:48:60:a2:ba:86:cd:ad:a8:a8:04:74:4b:b5:
fa:23:47:9b:64:d7:f9:20:88:e1:3a:2e:69:ba:91:15:ed:cf:
73:67:f0:4a:77:c0:cd:b4:a0:cc:79:fa:e8:09:39:69:86:ba:
d5:b9:59:be:de:ac:6a:61:9e:4f:8b:26:bc:a0:96:92:f5:bc:
7e:b8:d8:c7:83:3e:bb:d4:58:47:0e:c9:56:1c:29:f1:18:be:
da:d2:9f:fa:ab:05:39:43:6e:91:f9:e4:71:84:e7:9c:00:a1:
dc:91:ea:63:bd:48:4e:08:06:16:9d:78:43:a5:a7:fd:4c:d4:
4a:f5:0e:62:a5:c9:de:49:e4:5b:45:1f:f3:9c:23:be:ec:37:
9b:a3:2d:2c:f7:41:1a:20:cf:d7:cf:d9:3f:91:9c:bd:a0:e8:
15:a2:aa:81:6f:fe:97:ab:e8:02:af:94:af:40:e2:29:05:34:
eb:17:55:1e:f3:c3:33:9c:0f:6d:a7:05:8d:50:a7:c4:2d:2b:
96:80:59:73:a2:9b:3d:7a:0d:ad:08:90:9f:86:2d:69:97:7f:
06:7c:af:b9:b6:43:9e:67:2f:c9:50:48:36:fe:28:1b:ff:33:
62:90:d1:6c:dd:58:27:89:68:08:63:f1:61:d7:b9:51:12:5c:
ec:e5:01:2f
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZMWg5GyOpeavv9PpY/7dvRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjQxMTEwMTQzOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2I5YTkzNzdkMmFlMDUzNmViNTQ5NTM2ODBjMDdjMmJkMmIxNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/3kJ7cBxi6Le9saKIgD8b0Z6LWJ
kqCroxuTse25tkzE8MgzgwUkeAe5tSryCT3Vj0KuqnTyTdlTvGj0hG8NsnOCRArZ
bEe23aMM1Ocl2j43cAHYJo6YqpcwjEglWlq6m81lLJPjZ1PyNNiWF/RuakyVN9We
XKdr/URwz9o9aFnuTm0oHB1+pnXX9R7Q21Wqaien1acwNrZDTKYgl2Bb6QVfuUeX
3nNsiAwGGDhOdZ6ET96Af/ULb2P6tMSw+FTdTMsmsevzV22vt8DNaZQdVGJBHYQG
mdznXcqosC0flbJ9UwHtJbv/O9cxSWoEYExH8et1akpT42QNAQ+z7bxnFwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFOO5qTd9KuBTbrVJU2gMB8K9KxUSMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvNDdtcE4zMHE0Rk51dFVsVGFBd0h3cjByRlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGwEAgABMGYDBAAu5fMD
BAAu5fsDBAAu5f0DBAFMpMgDBABNSnsDBABT5T0DBABVzGsDBABcKmQDBABncKsD
BAFneTADBAFnfjIDBAFn9JADBABn9vgDBAC5aD8DBADDSl0DBADLDiADBADLGWww
DgQCAAIwCAMGByoSMgAAMA0GCSqGSIb3DQEBCwUAA4IBAQABQjQjVkhgorqGza2o
qAR0S7X6I0ebZNf5IIjhOi5pupEV7c9zZ/BKd8DNtKDMefroCTlphrrVuVm+3qxq
YZ5Piya8oJaS9bx+uNjHgz671FhHDslWHCnxGL7a0p/6qwU5Q26R+eRxhOecAKHc
kepjvUhOCAYWnXhDpaf9TNRK9Q5ipcneSeRbRR/znCO+7Deboy0s90EaIM/Xz9k/
kZy9oOgVoqqBb/6Xq+gCr5SvQOIpBTTrF1Ue88MznA9tpwWNUKfELSuWgFlzops9
eg2tCJCfhi1pl38GfK+5tkOeZy/JUEg2/igb/zNikNFs3VgniWgIY/Fh17lRElzs
5QEv
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:38:19 2024 by rpki-client on console-fra.rpki-client.org