Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/CbxXWY4mtMUDcqTe8f4t3z7PoP8.roa
File: CbxXWY4mtMUDcqTe8f4t3z7PoP8.roa (raw, json)
Hash identifier: RNSoKn+WlETjFYenhGTHOPk3v/AVZyVZM2VP8h4o8hM=
Subject key identifier: 09:BC:57:59:8E:26:B4:C5:03:72:A4:DE:F1:FE:2D:DF:3E:CF:A0:FF
Certificate issuer: /CN=ede0294d1305bebaf6894642bfd92fd439825102
Certificate serial: 018CCBC5AAA7457955CB09FD380518B91E2F
Authority key identifier: ED:E0:29:4D:13:05:BE:BA:F6:89:46:42:BF:D9:2F:D4:39:82:51:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7eApTRMFvrr2iUZCv9kv1DmCUQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/CbxXWY4mtMUDcqTe8f4t3z7PoP8.roa
Signing time: Tue 02 Jan 2024 20:02:58 +0000
ROA not before: Tue 02 Jan 2024 20:02:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44558
IP address blocks: 185.205.92.0/22 maxlen: 24
46.30.176.0/21 maxlen: 24
185.24.124.0/22 maxlen: 24
46.252.96.0/20 maxlen: 24
2a00:66e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/7eApTRMFvrr2iUZCv9kv1DmCUQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/7eApTRMFvrr2iUZCv9kv1DmCUQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7eApTRMFvrr2iUZCv9kv1DmCUQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:c5:aa:a7:45:79:55:cb:09:fd:38:05:18:b9:1e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ede0294d1305bebaf6894642bfd92fd439825102
Validity
Not Before: Jan 2 20:02:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09bc57598e26b4c50372a4def1fe2ddf3ecfa0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5a:a8:5c:d0:23:b1:9a:bf:88:2d:35:0f:0a:
c8:04:30:5d:e8:f2:4b:0a:be:71:99:0e:47:52:04:
8f:80:a5:ba:e3:28:34:f5:09:f2:1f:c6:c9:9d:75:
23:1b:17:d4:8b:a4:ee:f0:c4:d0:81:5a:89:1e:70:
19:bc:39:84:2f:71:dd:7a:93:b5:b5:be:78:c2:20:
bd:92:01:3d:28:38:f3:0a:28:95:d8:f7:f0:09:65:
77:49:33:14:ec:e4:d2:fd:de:c3:16:70:a0:c4:35:
fa:ac:9e:9b:3d:a4:1f:6e:4c:4e:45:33:73:d5:40:
9f:e3:22:bf:3c:8f:ce:24:47:99:be:67:6b:f9:bd:
c2:2d:6c:6e:14:42:a7:56:21:66:2f:e1:84:5c:f1:
96:f9:e0:86:4e:c3:72:4b:1a:6e:a5:4e:16:56:e2:
46:b3:3e:f5:9d:fe:aa:9f:2c:0d:bb:87:3e:64:d7:
9f:83:35:7e:62:bc:7d:23:ff:bd:13:cd:d4:92:2b:
35:c8:e0:41:82:c3:0b:93:a6:a6:c3:5a:0f:19:19:
48:69:54:25:d4:9b:a7:e8:20:69:f9:a2:f5:1f:47:
6a:03:58:6a:55:0b:7b:5c:b1:a9:dd:81:c6:ba:6f:
6d:a3:82:ee:6b:d7:1f:cb:00:6a:cf:37:a7:a6:23:
79:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BC:57:59:8E:26:B4:C5:03:72:A4:DE:F1:FE:2D:DF:3E:CF:A0:FF
X509v3 Authority Key Identifier:
keyid:ED:E0:29:4D:13:05:BE:BA:F6:89:46:42:BF:D9:2F:D4:39:82:51:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7eApTRMFvrr2iUZCv9kv1DmCUQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/CbxXWY4mtMUDcqTe8f4t3z7PoP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6616ac-87cd-4edf-b107-046a3a9aacb9/1/7eApTRMFvrr2iUZCv9kv1DmCUQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.176.0/21
46.252.96.0/20
185.24.124.0/22
185.205.92.0/22
IPv6:
2a00:66e0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:de:7f:30:aa:a6:8d:a6:c0:53:61:ae:c9:c5:26:c9:c9:e6:
c9:e5:e3:7c:cf:37:ea:36:03:e7:b2:8f:a6:d2:09:33:ba:c9:
52:9f:5b:2f:8e:10:cc:3a:45:cd:9d:29:88:0a:85:0f:fa:36:
d0:a2:ad:69:b0:3b:b5:5c:e0:57:dc:cb:ec:44:37:de:f9:7c:
e7:0a:b4:7f:26:a1:5f:e9:af:c4:b3:6c:db:7a:04:23:7d:4d:
9d:c5:0e:d0:6f:c7:46:65:34:41:77:37:de:6b:0f:17:36:d3:
88:69:06:e1:ce:23:da:5e:f0:a4:2e:66:4e:ee:d2:63:b8:db:
62:4d:5a:e8:4e:ab:1c:e5:c9:60:91:78:2a:c1:4d:94:ad:11:
56:fa:50:21:2f:59:47:1a:73:ed:3d:f4:46:81:ff:20:e8:c8:
86:8c:4a:69:25:cd:60:61:84:97:ab:5b:e5:8f:56:99:b0:2b:
e3:91:e2:e1:af:11:45:a9:23:22:88:73:00:09:3b:51:14:a8:
0c:55:0e:96:a9:f0:9a:15:83:48:f7:db:af:14:c9:76:f5:66:
1c:e5:ef:3b:97:c4:28:37:3f:ad:20:80:d8:35:93:01:8e:01:
d6:9a:25:0d:00:45:8a:6d:fc:f5:c2:23:43:f3:f0:51:22:12:
0e:9c:96:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzLxaqnRXlVywn9OAUYuR4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZTAyOTRkMTMwNWJlYmFmNjg5NDY0MmJmZDkyZmQ0Mzk4
MjUxMDIwHhcNMjQwMTAyMjAwMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWJjNTc1OThlMjZiNGM1MDM3MmE0ZGVmMWZlMmRkZjNlY2ZhMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFqoXNAjsZq/iC01DwrIBDBd6PJL
Cr5xmQ5HUgSPgKW64yg09QnyH8bJnXUjGxfUi6Tu8MTQgVqJHnAZvDmEL3HdepO1
tb54wiC9kgE9KDjzCiiV2PfwCWV3STMU7OTS/d7DFnCgxDX6rJ6bPaQfbkxORTNz
1UCf4yK/PI/OJEeZvmdr+b3CLWxuFEKnViFmL+GEXPGW+eCGTsNySxpupU4WVuJG
sz71nf6qnywNu4c+ZNefgzV+Yrx9I/+9E83Ukis1yOBBgsMLk6amw1oPGRlIaVQl
1Jun6CBp+aL1H0dqA1hqVQt7XLGp3YHGum9to4Lua9cfywBqzzenpiN5oQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAm8V1mOJrTFA3Kk3vH+Ld8+z6D/MB8GA1UdIwQY
MBaAFO3gKU0TBb669olGQr/ZL9Q5glECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2VBcFRSTUZ2cnIyaVVaQ3Y5a3YxRG1DVVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82NjE2YWMtODdjZC00ZWRmLWIxMDct
MDQ2YTNhOWFhY2I5LzEvQ2J4WFdZNG10TVVEY3FUZThmNHQzejdQb1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82NjE2YWMtODdjZC00ZWRmLWIxMDctMDQ2YTNhOWFhY2I5
LzEvN2VBcFRSTUZ2cnIyaVVaQ3Y5a3YxRG1DVVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLh6wAwQE
LvxgAwQCuRh8AwQCuc1cMA0EAgACMAcDBQAqAGbgMA0GCSqGSIb3DQEBCwUAA4IB
AQBd3n8wqqaNpsBTYa7JxSbJyebJ5eN8zzfqNgPnso+m0gkzuslSn1svjhDMOkXN
nSmICoUP+jbQoq1psDu1XOBX3MvsRDfe+XznCrR/JqFf6a/Es2zbegQjfU2dxQ7Q
b8dGZTRBdzfeaw8XNtOIaQbhziPaXvCkLmZO7tJjuNtiTVroTqsc5clgkXgqwU2U
rRFW+lAhL1lHGnPtPfRGgf8g6MiGjEppJc1gYYSXq1vlj1aZsCvjkeLhrxFFqSMi
iHMACTtRFKgMVQ6WqfCaFYNI99uvFMl29WYc5e87l8QoNz+tIIDYNZMBjgHWmiUN
AEWKbfz1wiND8/BRIhIOnJYF
-----END CERTIFICATE-----
Generated at Sat May 18 16:20:00 2024 by rpki-client on console-ams.rpki-client.org