Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Rw7ec_QrgoIRWHwFprXrLuemlGY.roa
File: Rw7ec_QrgoIRWHwFprXrLuemlGY.roa (raw, json)
Hash identifier: mvVmtJhVgGHDeSy+9DqzRWdKmkjWg+6ZER91tOS2G8k=
Subject key identifier: 47:0E:DE:73:F4:2B:82:82:11:58:7C:05:A6:B5:EB:2E:E7:A6:94:66
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A244CEC3DB8C94B6CF9C74197DB84
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Rw7ec_QrgoIRWHwFprXrLuemlGY.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60612
IP address blocks: 95.46.164.0/23 maxlen: 24
93.170.7.0/24 maxlen: 24
95.47.175.0/24 maxlen: 24
95.46.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:24:4c:ec:3d:b8:c9:4b:6c:f9:c7:41:97:db:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=470ede73f42b828211587c05a6b5eb2ee7a69466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1f:22:25:8d:bc:57:2a:58:86:50:fb:8b:2d:
ef:ce:08:23:8b:95:8b:b0:42:f4:02:a0:15:1b:f7:
a9:ad:46:bf:6c:0c:ef:ce:82:fd:48:d9:14:38:7b:
88:2a:2f:6d:c5:8a:af:bc:f5:de:a3:e4:4f:c6:d2:
c8:ce:d1:eb:e4:5d:f8:a5:9f:bc:ee:db:95:59:d1:
ec:dd:c1:ee:3d:e1:36:4e:2a:52:5e:94:58:bc:e3:
da:39:08:05:a6:c3:0a:76:b6:bf:23:4b:61:96:3a:
cc:1f:0e:ad:23:a7:e2:3d:f5:07:8d:9b:ec:e3:02:
25:e8:dd:a8:e9:16:8a:6f:4d:38:b1:a8:d2:a3:c1:
14:4b:e8:78:ec:55:f0:72:24:f1:2b:98:d9:c4:4c:
c7:fb:47:b1:aa:8e:d8:51:db:bf:e4:e9:64:55:87:
ee:4c:b7:d6:86:da:e5:77:42:d7:d4:32:58:a8:5a:
4e:a5:2c:ab:49:a3:f4:77:97:df:94:c1:53:df:1e:
e9:eb:05:ac:89:2c:26:8c:11:67:46:38:ea:7b:dd:
39:d4:5a:68:5d:95:0c:3a:2b:35:87:c5:2f:44:2a:
ac:e6:14:36:3a:9a:7d:75:1d:aa:a8:97:19:51:46:
33:47:27:ef:b7:d0:dc:60:ab:98:55:03:68:89:9f:
ef:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0E:DE:73:F4:2B:82:82:11:58:7C:05:A6:B5:EB:2E:E7:A6:94:66
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Rw7ec_QrgoIRWHwFprXrLuemlGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.7.0/24
95.46.125.0/24
95.46.164.0/23
95.47.175.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ec:64:b5:e9:e4:24:1e:0e:b5:95:49:ea:c0:00:0c:f0:a4:
69:45:b5:18:60:2a:55:34:3e:28:d6:2e:99:b8:51:9e:f4:5a:
22:fe:1c:ac:ed:b5:bd:a1:cc:ee:95:9f:2e:a5:30:5b:a6:0c:
4f:c5:62:22:e1:4a:f1:6f:02:97:47:2a:ae:3d:e7:53:fc:8b:
09:02:a5:05:1c:76:cf:bf:81:b7:02:64:cb:9e:21:cf:4e:cc:
18:e3:e5:9c:da:17:20:c0:8f:d2:5e:3d:5f:66:b2:a9:79:33:
e0:33:7c:9c:ad:a1:f1:6d:15:41:d9:e4:1c:78:15:66:ae:9a:
65:80:4b:9c:a2:8e:c2:8a:1b:45:aa:74:3c:77:55:fc:12:ce:
ec:54:7d:0d:e6:8b:fa:b8:15:ee:18:3e:39:57:f0:35:e6:90:
f1:b8:45:92:58:11:78:56:17:8a:3e:a4:ce:33:85:e4:2e:54:
09:8d:3f:8c:a3:be:71:ba:6e:e8:a2:2f:1e:9f:e3:61:00:9c:
66:24:f8:10:80:8a:10:19:4a:a0:dc:39:87:c0:92:fc:64:80:
fd:ff:02:f7:cd:20:42:51:4d:4f:99:98:9a:e4:a0:c9:b3:c6:
94:c6:9d:25:ce:f7:86:6e:73:9f:22:64:b1:b0:09:e1:73:12:
dc:cb:94:44
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKiRM7D24yUts+cdBl9uEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzBlZGU3M2Y0MmI4MjgyMTE1ODdjMDVhNmI1ZWIyZWU3YTY5NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx8iJY28VypYhlD7iy3vzggji5WL
sEL0AqAVG/eprUa/bAzvzoL9SNkUOHuIKi9txYqvvPXeo+RPxtLIztHr5F34pZ+8
7tuVWdHs3cHuPeE2TipSXpRYvOPaOQgFpsMKdra/I0thljrMHw6tI6fiPfUHjZvs
4wIl6N2o6RaKb004sajSo8EUS+h47FXwciTxK5jZxEzH+0exqo7YUdu/5OlkVYfu
TLfWhtrld0LX1DJYqFpOpSyrSaP0d5fflMFT3x7p6wWsiSwmjBFnRjjqe9051Fpo
XZUMOis1h8UvRCqs5hQ2Opp9dR2qqJcZUUYzRyfvt9DcYKuYVQNoiZ/vTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEcO3nP0K4KCEVh8Baa16y7nppRmMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUnc3ZWNfUXJnb0lSV0h3RnByWHJMdWVtbEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXaoHAwQA
Xy59AwQBXy6kAwQAXy+vMA0GCSqGSIb3DQEBCwUAA4IBAQBQ7GS16eQkHg61lUnq
wAAM8KRpRbUYYCpVND4o1i6ZuFGe9Foi/hys7bW9oczulZ8upTBbpgxPxWIi4Urx
bwKXRyquPedT/IsJAqUFHHbPv4G3AmTLniHPTswY4+Wc2hcgwI/SXj1fZrKpeTPg
M3ycraHxbRVB2eQceBVmrpplgEucoo7CihtFqnQ8d1X8Es7sVH0N5ov6uBXuGD45
V/A15pDxuEWSWBF4VheKPqTOM4XkLlQJjT+Mo75xum7ooi8en+NhAJxmJPgQgIoQ
GUqg3DmHwJL8ZID9/wL3zSBCUU1PmZia5KDJs8aUxp0lzveGbnOfImSxsAnhcxLc
y5RE
-----END CERTIFICATE-----
Generated at Tue Jun 11 07:42:23 2024 by rpki-client on console-fra.rpki-client.org