Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cbFAsbgcRvrC5PdWZ2BN-ySGuqk.roa
File: cbFAsbgcRvrC5PdWZ2BN-ySGuqk.roa (raw, json)
Hash identifier: Wg6ZXJPv60Tu10j9cZun2RuWlAx5vihbZ+iI/xhcIjg=
Subject key identifier: 71:B1:40:B1:B8:1C:46:FA:C2:E4:F7:56:67:60:4D:FB:24:86:BA:A9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29F03EC632379D059DD0E8FB7AB406
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cbFAsbgcRvrC5PdWZ2BN-ySGuqk.roa
Signing time: Tue 02 Jan 2024 12:33:15 +0000
ROA not before: Tue 02 Jan 2024 12:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42772
IP address blocks: 151.249.128.0/17 maxlen: 24
95.46.46.0/24 maxlen: 24
92.38.64.0/20 maxlen: 24
95.46.200.0/21 maxlen: 24
95.46.208.0/24 maxlen: 24
146.120.128.0/20 maxlen: 24
93.171.112.0/20 maxlen: 24
146.120.144.0/21 maxlen: 24
146.120.32.0/21 maxlen: 24
95.46.16.0/20 maxlen: 24
93.170.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f0:3e:c6:32:37:9d:05:9d:d0:e8:fb:7a:b4:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71b140b1b81c46fac2e4f75667604dfb2486baa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:5d:8d:87:e1:a3:79:bc:02:d5:72:43:6b:
74:c0:11:50:90:9e:c3:dc:99:93:4c:e3:47:c8:e3:
9a:60:9b:b6:34:03:7c:1b:1d:c3:df:ee:70:9a:87:
93:e2:7b:a4:f9:10:dc:e9:93:82:a9:b3:6d:3f:85:
f6:71:64:d9:bc:a8:ea:c0:cc:00:e4:70:cd:77:dd:
5c:9b:67:b6:39:a8:a1:9e:c3:73:ec:73:35:56:9d:
39:ff:36:f7:00:fb:2b:07:d8:cb:1f:be:4a:6b:0f:
03:d9:85:e9:0a:65:97:8e:f5:a8:ca:e5:b1:c2:64:
b1:2c:68:6b:0b:8c:f2:17:0a:be:f6:a7:69:72:dd:
08:96:e4:89:4f:b9:0d:4d:91:f3:63:64:0f:f5:cb:
26:df:d0:b5:f2:18:63:aa:1a:d9:27:0e:8e:4a:a9:
f7:be:49:79:f4:41:90:30:b8:f4:ac:fc:09:8a:08:
54:9e:fc:d9:91:ca:91:61:fd:ca:42:3f:9c:78:6f:
b6:91:6a:c7:fe:65:2d:96:7e:55:f6:67:0c:7e:0a:
67:61:5b:ba:9e:d8:d4:96:95:e3:ff:57:21:b0:be:
6e:0c:98:b5:6e:82:9b:ed:5e:33:19:a7:22:38:18:
11:8c:9e:f5:8e:f4:28:66:21:e9:58:1c:87:b5:9f:
94:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B1:40:B1:B8:1C:46:FA:C2:E4:F7:56:67:60:4D:FB:24:86:BA:A9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/cbFAsbgcRvrC5PdWZ2BN-ySGuqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.64.0/20
93.170.184.0/24
93.171.112.0/20
95.46.16.0/20
95.46.46.0/24
95.46.200.0-95.46.208.255
146.120.32.0/21
146.120.128.0-146.120.151.255
151.249.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4d:6e:d2:eb:47:e1:d2:e3:cd:d3:23:9d:46:4f:7b:bd:da:a5:
11:41:8f:45:95:64:a3:2b:b7:84:df:01:aa:41:f1:f9:3b:b2:
65:27:a1:93:c1:b1:c6:dd:82:1f:d6:fd:8d:03:e1:40:c2:49:
62:cf:ab:f5:5f:c6:6c:eb:15:f2:fa:75:2f:33:c9:6a:c2:66:
4c:8e:f8:62:e8:64:70:6b:83:d1:ff:23:8b:a3:e3:79:2b:82:
4a:21:d2:a2:c4:94:39:c4:b9:35:72:23:8e:68:15:8a:58:8a:
a8:ee:ff:7f:5e:2e:00:31:b6:5b:0d:a2:3c:08:6b:4a:da:71:
79:4e:d7:f4:c2:fa:ea:d9:f7:14:00:08:78:68:f3:11:50:72:
68:aa:8d:38:e9:4b:96:36:b8:9c:72:5b:f5:cc:93:ee:7c:5f:
f9:73:e2:d1:6b:81:e9:0f:43:0e:79:b5:2b:d7:40:29:f3:91:
e7:e4:71:51:ba:7d:64:c9:9f:78:64:5f:2f:4d:f3:a7:25:ab:
1f:7a:07:e6:24:a4:11:92:34:19:a6:7f:9b:dc:68:d3:7e:26:
16:5a:b4:d6:45:4b:bd:a1:96:2d:bf:96:be:fa:99:6b:bc:b8:
14:f8:7d:fb:c8:c3:51:ce:6f:be:68:0e:66:6f:24:8c:bc:98:
ef:09:3f:93
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzKKfA+xjI3nQWd0Oj7erQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWIxNDBiMWI4MWM0NmZhYzJlNGY3NTY2NzYwNGRmYjI0ODZiYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLFdjYfho3m8AtVyQ2t0wBFQkJ7D
3JmTTONHyOOaYJu2NAN8Gx3D3+5wmoeT4nuk+RDc6ZOCqbNtP4X2cWTZvKjqwMwA
5HDNd91cm2e2OaihnsNz7HM1Vp05/zb3APsrB9jLH75Kaw8D2YXpCmWXjvWoyuWx
wmSxLGhrC4zyFwq+9qdpct0IluSJT7kNTZHzY2QP9csm39C18hhjqhrZJw6OSqn3
vkl59EGQMLj0rPwJighUnvzZkcqRYf3KQj+ceG+2kWrH/mUtln5V9mcMfgpnYVu6
ntjUlpXj/1chsL5uDJi1boKb7V4zGaciOBgRjJ71jvQoZiHpWByHtZ+UXQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHGxQLG4HEb6wuT3VmdgTfskhrqpMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvY2JGQXNiZ2NSdnJDNVBkV1oyQk4teVNHdXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQEXCZAAwQA
Xaq4AwQEXatwAwQEXy4QAwQAXy4uMAwDBANfLsgDBABfLtADBAOSeCAwDAMEB5J4
gAMEA5J4kAMEB5f5gDANBgkqhkiG9w0BAQsFAAOCAQEATW7S60fh0uPN0yOdRk97
vdqlEUGPRZVkoyu3hN8BqkHx+TuyZSehk8Gxxt2CH9b9jQPhQMJJYs+r9V/GbOsV
8vp1LzPJasJmTI74YuhkcGuD0f8ji6PjeSuCSiHSosSUOcS5NXIjjmgViliKqO7/
f14uADG2Ww2iPAhrStpxeU7X9ML66tn3FAAIeGjzEVByaKqNOOlLlja4nHJb9cyT
7nxf+XPi0WuB6Q9DDnm1K9dAKfOR5+RxUbp9ZMmfeGRfL03zpyWrH3oH5iSkEZI0
GaZ/m9xo034mFlq01kVLvaGWLb+WvvqZa7y4FPh9+8jDUc5vvmgOZm8kjLyY7wk/
kw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:12 2024 by rpki-client on console-fra.rpki-client.org