Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/SGLhLPWTcGdvc42gbs5d-AfBx48.roa
File: SGLhLPWTcGdvc42gbs5d-AfBx48.roa (raw, json)
Hash identifier: MQSQZV7nj29zq4cf+mtzKMLvaT0/I6hlS08veE80AZc=
Subject key identifier: 48:62:E1:2C:F5:93:70:67:6F:73:8D:A0:6E:CE:5D:F8:07:C1:C7:8F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01951A120410119E94EDB8086DCBC6BC31E1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/SGLhLPWTcGdvc42gbs5d-AfBx48.roa
Signing time: Tue 18 Feb 2025 17:19:03 +0000
ROA not before: Tue 18 Feb 2025 17:19:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62314
IP address blocks: 92.38.32.0/24 maxlen: 24
92.38.95.0/24 maxlen: 24
93.170.190.0/24 maxlen: 24
93.170.250.0/23 maxlen: 24
93.171.178.0/23 maxlen: 24
146.120.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1a:12:04:10:11:9e:94:ed:b8:08:6d:cb:c6:bc:31:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 18 17:19:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4862e12cf59370676f738da06ece5df807c1c78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9f:7a:e7:20:26:dc:33:cd:b5:4e:e2:16:a7:
ff:f5:fa:3f:af:9d:eb:8a:97:84:aa:d4:15:47:cc:
82:09:aa:2f:d3:57:f4:14:ea:62:30:db:43:4e:88:
61:79:72:25:9f:ef:a3:48:b4:8a:9d:48:3d:a7:1c:
3e:6a:db:04:3b:7c:fd:bc:54:87:76:a9:72:8e:cd:
f4:fa:e1:ed:fc:aa:51:94:c5:12:ea:a6:4d:df:98:
76:32:b0:24:5d:1f:19:76:d6:6a:d6:48:25:ba:0c:
60:1d:5d:5a:50:a6:96:13:58:cb:d0:d5:32:be:0e:
c2:8c:8b:c8:dc:e8:1b:bb:85:02:23:2f:f0:e8:7d:
ff:03:0a:e6:7b:b7:a1:20:7f:3c:4a:58:e1:56:7d:
ec:c5:04:4b:27:1e:a5:31:da:57:c0:4a:39:fa:b0:
b5:b7:2b:8d:33:a9:7d:4e:75:67:81:cd:46:75:bf:
b1:40:ee:6a:e3:2b:47:ea:5f:42:ed:53:ca:7d:0c:
f6:bb:77:4e:f2:3a:ce:10:32:4a:41:7f:4c:1b:fc:
2b:a1:cc:a8:2d:f9:0e:7d:e8:8a:95:c2:e6:c0:34:
a6:f4:26:83:b8:a5:a6:d5:01:ee:dd:2c:cd:fd:a2:
8a:a7:f1:42:78:c6:2e:a9:b1:3f:4b:cb:73:90:e5:
37:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:62:E1:2C:F5:93:70:67:6F:73:8D:A0:6E:CE:5D:F8:07:C1:C7:8F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/SGLhLPWTcGdvc42gbs5d-AfBx48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.32.0/24
92.38.95.0/24
93.170.190.0/24
93.170.250.0/23
93.171.178.0/23
146.120.91.0/24
Signature Algorithm: sha256WithRSAEncryption
96:f1:38:85:53:fa:54:71:62:96:cf:35:53:f4:7e:84:8d:86:
85:cb:56:a9:97:5f:b6:5e:95:f9:36:10:8c:6f:0e:fb:d0:ea:
0b:2d:8b:89:0a:d9:79:db:d2:71:24:fc:0d:2e:b2:6c:0a:a9:
fa:96:62:5a:6b:48:97:76:ec:e4:03:95:af:c5:c2:b3:ba:b1:
16:50:cb:f2:3b:39:07:5a:ab:9c:3f:e3:8a:51:93:26:68:34:
9a:1e:e5:a5:92:87:2d:d1:83:25:0c:01:c8:83:94:1d:54:b7:
07:02:8a:f7:be:08:90:63:66:c0:32:09:93:17:fa:46:4f:cc:
fc:25:6c:b6:41:b0:05:57:6d:75:88:01:bd:c1:20:1e:c8:56:
ce:51:eb:ee:1e:c2:40:de:85:62:cb:c4:cb:49:96:31:44:b6:
49:38:d9:17:4d:99:b5:67:8e:5c:12:7f:d8:68:cd:f0:14:27:
ad:e9:4a:73:2e:0d:88:06:2e:6b:5f:0b:1f:3f:25:f0:06:40:
26:f1:bc:3d:ea:d2:85:05:08:92:58:0f:09:98:25:8e:e8:33:
d1:be:0a:0b:71:5f:bd:5c:6c:99:f3:6a:cb:de:25:5c:13:9e:
23:d7:19:d6:36:e2:d8:97:20:8e:20:a4:05:c9:3a:88:9a:1f:
03:80:46:6d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZUaEgQQEZ6U7bgIbcvGvDHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMjE4MTcxOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYyZTEyY2Y1OTM3MDY3NmY3MzhkYTA2ZWNlNWRmODA3YzFjNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp965yAm3DPNtU7iFqf/9fo/r53r
ipeEqtQVR8yCCaov01f0FOpiMNtDTohheXIln++jSLSKnUg9pxw+atsEO3z9vFSH
dqlyjs30+uHt/KpRlMUS6qZN35h2MrAkXR8ZdtZq1kglugxgHV1aUKaWE1jL0NUy
vg7CjIvI3Ogbu4UCIy/w6H3/Awrme7ehIH88SljhVn3sxQRLJx6lMdpXwEo5+rC1
tyuNM6l9TnVngc1Gdb+xQO5q4ytH6l9C7VPKfQz2u3dO8jrOEDJKQX9MG/wrocyo
LfkOfeiKlcLmwDSm9CaDuKWm1QHu3SzN/aKKp/FCeMYuqbE/S8tzkOU3lwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEhi4Sz1k3Bnb3ONoG7OXfgHwcePMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvU0dMaExQV1RjR2R2YzQyZ2JzNWQtQWZCeDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXCYgAwQA
XCZfAwQAXaq+AwQBXar6AwQBXauyAwQAknhbMA0GCSqGSIb3DQEBCwUAA4IBAQCW
8TiFU/pUcWKWzzVT9H6EjYaFy1apl1+2XpX5NhCMbw770OoLLYuJCtl529JxJPwN
LrJsCqn6lmJaa0iXduzkA5WvxcKzurEWUMvyOzkHWqucP+OKUZMmaDSaHuWlkoct
0YMlDAHIg5QdVLcHAor3vgiQY2bAMgmTF/pGT8z8JWy2QbAFV211iAG9wSAeyFbO
UevuHsJA3oViy8TLSZYxRLZJONkXTZm1Z45cEn/YaM3wFCet6UpzLg2IBi5rXwsf
PyXwBkAm8bw96tKFBQiSWA8JmCWO6DPRvgoLcV+9XGyZ82rL3iVcE54j1xnWNuLY
lyCOIKQFyTqImh8DgEZt
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:13 2025 by rpki-client