Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa
File: Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa (raw, json)
Hash identifier: 7tenFVgQg127sPgJWl0tLSet7Ggs/jXOBxEe507pzMo=
Subject key identifier: 2A:BD:CE:0F:F8:7B:7B:C8:04:9E:BA:F4:13:A5:75:CF:9E:EB:52:D7
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 018CCA2A37F469D1EEEB9DB97DED6926CA62
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51788
IP address blocks: 46.148.32.0/24 maxlen: 24
46.148.37.0/24 maxlen: 24
46.148.33.0/24 maxlen: 24
46.148.34.0/24 maxlen: 24
46.148.42.0/24 maxlen: 24
46.148.40.0/24 maxlen: 24
46.148.41.0/24 maxlen: 24
46.148.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:37:f4:69:d1:ee:eb:9d:b9:7d:ed:69:26:ca:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2abdce0ff87b7bc8049ebaf413a575cf9eeb52d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6f:91:57:c8:3e:f6:09:42:7a:5e:41:90:32:
74:6a:b6:0d:c1:3c:c8:68:84:54:66:2f:ee:2b:cc:
72:ac:71:fa:da:d2:1a:a2:7e:b7:47:b9:b5:cb:81:
5e:37:f2:bc:45:f8:da:58:f0:f0:bc:ad:1f:d4:27:
22:b8:13:97:05:3a:cf:da:3a:55:f7:59:75:3d:4a:
f8:05:22:34:1b:6a:12:75:61:43:95:78:f4:a4:4c:
f8:d4:0b:15:b8:09:71:d6:8e:c4:a6:e9:2e:37:15:
af:48:b3:7e:82:77:02:38:b1:25:8f:37:cd:89:60:
ce:f9:9a:45:48:3b:25:9a:37:ec:65:40:99:62:7c:
e1:67:fa:fc:45:c9:66:45:bb:7a:cf:22:ac:cf:48:
2d:d5:43:8b:3e:b9:55:89:37:2b:69:2e:4b:bc:60:
43:cd:23:05:6e:ed:09:0a:04:37:aa:47:b8:43:22:
41:f8:20:22:2e:e7:bf:80:89:93:e3:72:6c:4e:2d:
8a:aa:0b:4e:b7:df:fc:04:28:12:00:57:40:f7:fa:
68:d7:4f:c4:00:44:64:0d:6d:58:03:bc:0f:cf:63:
e2:87:56:a9:56:b2:b3:4d:ef:74:ea:3e:89:4e:f4:
f1:a5:49:49:fb:5a:81:f3:d3:08:62:36:41:66:40:
11:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:CE:0F:F8:7B:7B:C8:04:9E:BA:F4:13:A5:75:CF:9E:EB:52:D7
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/Kr3OD_h7e8gEnrr0E6V1z57rUtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.32.0-46.148.34.255
46.148.37.0/24
46.148.40.0-46.148.42.255
46.148.47.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:dc:1c:48:8a:de:82:e6:d4:8e:5a:47:7b:d2:cd:2a:b2:79:
b0:eb:2d:2c:e4:29:b8:60:c2:3c:b4:40:cd:5c:b9:5f:89:4f:
b7:4c:9a:6a:4a:2c:d6:e8:88:57:26:fb:28:e1:5b:90:a8:e8:
5c:02:dc:fe:a8:4d:3a:23:85:d1:06:a2:af:74:0b:6f:a2:c8:
10:40:57:14:25:10:3a:92:95:54:10:bf:17:47:de:86:8f:58:
e5:bd:a8:82:43:2b:7c:ba:45:64:c0:ac:33:f6:45:8c:e9:e6:
74:a1:a2:80:b5:ea:bd:a4:88:cb:2b:64:29:fb:ea:9a:d7:21:
2b:33:26:bb:1a:bd:c3:8f:5e:ca:48:96:8d:bf:88:7a:1f:24:
18:ff:39:ba:1c:3a:79:60:73:59:28:8d:00:b6:fb:e6:e8:60:
76:c4:aa:65:10:82:15:72:9c:21:f1:d6:9f:2f:c3:95:cf:1d:
c4:23:a2:3f:94:82:47:51:d3:24:82:f2:3f:a5:ea:bb:98:bc:
70:85:2a:64:71:b9:21:bf:09:95:21:56:e4:c7:48:fd:de:71:
55:96:25:42:37:9d:ea:d0:94:d9:eb:90:a1:53:55:a9:b6:d2:
b7:78:b2:64:e4:54:ee:85:94:ad:ca:89:6e:6f:65:07:10:3c:
40:70:15:d3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzKKjf0adHu6525fe1pJspiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJkY2UwZmY4N2I3YmM4MDQ5ZWJhZjQxM2E1NzVjZjllZWI1MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm+RV8g+9glCel5BkDJ0arYNwTzI
aIRUZi/uK8xyrHH62tIaon63R7m1y4FeN/K8RfjaWPDwvK0f1CciuBOXBTrP2jpV
91l1PUr4BSI0G2oSdWFDlXj0pEz41AsVuAlx1o7EpukuNxWvSLN+gncCOLEljzfN
iWDO+ZpFSDslmjfsZUCZYnzhZ/r8RclmRbt6zyKsz0gt1UOLPrlViTcraS5LvGBD
zSMFbu0JCgQ3qke4QyJB+CAiLue/gImT43JsTi2KqgtOt9/8BCgSAFdA9/po10/E
AERkDW1YA7wPz2Pih1apVrKzTe906j6JTvTxpUlJ+1qB89MIYjZBZkAR/wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCq9zg/4e3vIBJ669BOldc+e61LXMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvS3IzT0RfaDdlOGdFbnJyMEU2VjF6NTdyVXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUulCAD
BAAulCIDBAAulCUwDAMEAy6UKAMEAC6UKgMEAC6ULzANBgkqhkiG9w0BAQsFAAOC
AQEAPNwcSIregubUjlpHe9LNKrJ5sOstLOQpuGDCPLRAzVy5X4lPt0yaakos1uiI
Vyb7KOFbkKjoXALc/qhNOiOF0Qair3QLb6LIEEBXFCUQOpKVVBC/F0feho9Y5b2o
gkMrfLpFZMCsM/ZFjOnmdKGigLXqvaSIyytkKfvqmtchKzMmuxq9w49eykiWjb+I
eh8kGP85uhw6eWBzWSiNALb75uhgdsSqZRCCFXKcIfHWny/Dlc8dxCOiP5SCR1HT
JILyP6Xqu5i8cIUqZHG5Ib8JlSFW5MdI/d5xVZYlQjed6tCU2euQoVNVqbbSt3iy
ZORU7oWUrcqJbm9lBxA8QHAV0w==
-----END CERTIFICATE-----
Generated at Sun May 19 19:43:32 2024 by rpki-client on console-fra.rpki-client.org