Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/f114cWYKe42ZAAlbaz5x8NhLHCo.roa
File: f114cWYKe42ZAAlbaz5x8NhLHCo.roa (raw, json)
Hash identifier: 5lCUt2yc4MTwxYGnHwLliYXoypodtGv5tAuHgxqQu7E=
Subject key identifier: 7F:5D:78:71:66:0A:7B:8D:99:00:09:5B:6B:3E:71:F0:D8:4B:1C:2A
Certificate issuer: /CN=b56a8c91ad31745ff727da0482ede1b2fab462e7
Certificate serial: 018CC3B6E76B5080A7C10D98A185D2DA3A9F
Authority key identifier: B5:6A:8C:91:AD:31:74:5F:F7:27:DA:04:82:ED:E1:B2:FA:B4:62:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/f114cWYKe42ZAAlbaz5x8NhLHCo.roa
Signing time: Mon 01 Jan 2024 06:29:53 +0000
ROA not before: Mon 01 Jan 2024 06:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51625
IP address blocks: 185.204.233.0/24 maxlen: 24
46.31.112.0/24 maxlen: 24
185.204.232.0/24 maxlen: 24
46.31.116.0/24 maxlen: 24
185.204.235.0/24 maxlen: 24
46.31.114.0/24 maxlen: 24
46.31.115.0/24 maxlen: 24
185.204.234.0/24 maxlen: 24
46.31.113.0/24 maxlen: 24
46.31.117.0/24 maxlen: 24
46.31.118.0/24 maxlen: 24
46.31.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e7:6b:50:80:a7:c1:0d:98:a1:85:d2:da:3a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b56a8c91ad31745ff727da0482ede1b2fab462e7
Validity
Not Before: Jan 1 06:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f5d7871660a7b8d9900095b6b3e71f0d84b1c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:48:0e:14:b8:27:a4:f8:33:99:13:4c:6a:f3:
02:3b:db:42:35:e3:01:fc:51:d4:cd:dc:70:cd:d4:
97:24:c2:f1:e4:29:b1:d6:a6:8b:04:1c:92:17:7a:
6b:13:d3:15:38:06:4a:90:fe:d0:87:4d:0d:be:b0:
77:6a:06:81:69:52:6e:e5:41:58:af:d2:33:da:dc:
ad:80:b9:4f:b0:ff:4c:89:5b:66:d5:10:d3:b6:4f:
71:c0:f8:90:e0:b8:31:55:cd:28:c8:14:a4:47:ce:
80:d3:ba:b6:48:93:ec:3c:dc:e3:fd:07:8c:a9:67:
34:41:9e:2f:7c:0a:dd:98:f6:6b:8a:d1:d5:4a:1b:
5d:79:91:0d:c6:ff:f0:2b:5e:b1:d1:af:7d:0f:27:
c0:7d:29:84:11:aa:c8:ed:52:b2:ef:d4:e1:bf:ec:
44:93:3b:bc:bd:f0:d8:78:eb:63:0f:98:3e:27:f6:
b0:f0:f3:6f:f7:b0:a4:70:55:9b:5b:0a:c1:d6:5d:
ac:41:a0:91:a1:59:63:1a:42:e1:6e:cf:e5:02:18:
ee:ad:f6:3a:37:b4:b6:f9:4c:09:d2:5d:1e:df:b5:
0f:3e:b0:48:77:b5:3c:3d:f2:37:15:24:08:0f:3b:
dd:14:25:2a:42:76:a0:b5:8d:9a:a1:d8:ef:b7:f9:
0b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5D:78:71:66:0A:7B:8D:99:00:09:5B:6B:3E:71:F0:D8:4B:1C:2A
X509v3 Authority Key Identifier:
keyid:B5:6A:8C:91:AD:31:74:5F:F7:27:DA:04:82:ED:E1:B2:FA:B4:62:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/f114cWYKe42ZAAlbaz5x8NhLHCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.112.0/21
185.204.232.0/22
Signature Algorithm: sha256WithRSAEncryption
47:bf:9d:5e:ef:53:0b:a0:56:c9:d5:c4:b9:d4:d9:7a:89:c7:
b8:03:38:02:90:9c:54:e9:4e:13:a0:6d:2f:7e:a6:0b:ee:cf:
e0:38:43:07:69:4e:5f:b4:5d:d7:2c:e6:64:1a:92:72:b3:a1:
39:4f:53:18:89:6d:d6:d8:b5:3a:8e:09:89:df:6d:dd:86:bb:
d5:b0:ec:63:a5:0d:b8:2f:70:08:ac:86:9e:d8:f3:36:6a:e0:
d5:5d:fc:76:5b:2a:23:48:b7:a0:dc:9a:f1:af:ab:c6:fe:58:
f7:d2:05:ad:43:93:99:90:15:17:af:f5:8c:bb:58:89:de:42:
63:ff:5a:df:e7:e4:d8:85:56:de:ea:70:2f:10:90:c4:9d:c7:
f3:4e:06:64:23:81:33:e8:c4:5a:a0:c1:73:ac:7f:4f:9d:1d:
c0:e2:6f:bc:25:0d:9a:a3:f9:67:5f:13:0d:71:10:6e:aa:41:
be:ee:e8:e5:16:f2:f8:16:bb:44:a9:64:5b:82:05:18:14:97:
f9:19:a1:ef:f3:69:2a:61:3f:36:dc:08:16:96:d0:dc:bd:77:
ef:3e:c8:44:bb:df:e3:a8:8a:42:53:7e:24:81:58:a6:e6:96:
58:6e:f9:09:4e:fa:bb:3c:60:8e:5a:93:ed:8c:1a:f7:df:5b:
38:a9:5a:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtudrUICnwQ2YoYXS2jqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE4YzkxYWQzMTc0NWZmNzI3ZGEwNDgyZWRlMWIyZmFi
NDYyZTcwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVkNzg3MTY2MGE3YjhkOTkwMDA5NWI2YjNlNzFmMGQ4NGIxYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kgOFLgnpPgzmRNMavMCO9tCNeMB
/FHUzdxwzdSXJMLx5Cmx1qaLBBySF3prE9MVOAZKkP7Qh00NvrB3agaBaVJu5UFY
r9Iz2tytgLlPsP9MiVtm1RDTtk9xwPiQ4LgxVc0oyBSkR86A07q2SJPsPNzj/QeM
qWc0QZ4vfArdmPZritHVShtdeZENxv/wK16x0a99DyfAfSmEEarI7VKy79Thv+xE
kzu8vfDYeOtjD5g+J/aw8PNv97CkcFWbWwrB1l2sQaCRoVljGkLhbs/lAhjurfY6
N7S2+UwJ0l0e37UPPrBId7U8PfI3FSQIDzvdFCUqQnagtY2aodjvt/kLywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH9deHFmCnuNmQAJW2s+cfDYSxwqMB8GA1UdIwQY
MBaAFLVqjJGtMXRf9yfaBILt4bL6tGLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdxTWthMHhkRl8zSjlvRWd1M2hzdnEwWXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zNWZmMzItYTY4Ny00ZjUwLTk2OWEt
OTg2NDg5MDE2ODhmLzEvZjExNGNXWUtlNDJaQUFsYmF6NXg4TmhMSENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zNWZmMzItYTY4Ny00ZjUwLTk2OWEtOTg2NDg5MDE2ODhm
LzEvdFdxTWthMHhkRl8zSjlvRWd1M2hzdnEwWXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLh9wAwQC
uczoMA0GCSqGSIb3DQEBCwUAA4IBAQBHv51e71MLoFbJ1cS51Nl6ice4AzgCkJxU
6U4ToG0vfqYL7s/gOEMHaU5ftF3XLOZkGpJys6E5T1MYiW3W2LU6jgmJ323dhrvV
sOxjpQ24L3AIrIae2PM2auDVXfx2WyojSLeg3Jrxr6vG/lj30gWtQ5OZkBUXr/WM
u1iJ3kJj/1rf5+TYhVbe6nAvEJDEncfzTgZkI4Ez6MRaoMFzrH9PnR3A4m+8JQ2a
o/lnXxMNcRBuqkG+7ujlFvL4FrtEqWRbggUYFJf5GaHv82kqYT823AgWltDcvXfv
PshEu9/jqIpCU34kgVim5pZYbvkJTvq7PGCOWpPtjBr331s4qVpR
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:27:06 2024 by rpki-client on console-ams.rpki-client.org