Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/b0t0WtgMUlfKTwDF7CtC75pawmI.roa
File: b0t0WtgMUlfKTwDF7CtC75pawmI.roa (raw, json)
Hash identifier: BQP9rfEkM3KqvBpyKOFGaw+hPDT/hI+iUV1NEB/D8eo=
Subject key identifier: 6F:4B:74:5A:D8:0C:52:57:CA:4F:00:C5:EC:2B:42:EF:9A:5A:C2:62
Certificate issuer: /CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Certificate serial: 018CCA2B96DDBAA534072DF683171B6DA820
Authority key identifier: E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/b0t0WtgMUlfKTwDF7CtC75pawmI.roa
Signing time: Tue 02 Jan 2024 12:35:03 +0000
ROA not before: Tue 02 Jan 2024 12:35:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48737
IP address blocks: 185.56.239.0/24 maxlen: 24
185.56.236.0/24 maxlen: 24
185.56.237.0/24 maxlen: 24
185.56.238.0/24 maxlen: 24
185.59.73.0/24 maxlen: 24
185.59.74.0/24 maxlen: 24
185.59.75.0/24 maxlen: 24
185.59.72.0/24 maxlen: 24
81.22.97.0/24 maxlen: 24
81.22.98.0/24 maxlen: 24
81.22.96.0/24 maxlen: 24
81.22.104.0/24 maxlen: 24
81.22.105.0/24 maxlen: 24
81.22.101.0/24 maxlen: 24
81.22.102.0/24 maxlen: 24
81.22.103.0/24 maxlen: 24
81.22.99.0/24 maxlen: 24
81.22.100.0/24 maxlen: 24
81.22.111.0/24 maxlen: 24
81.22.108.0/24 maxlen: 24
81.22.109.0/24 maxlen: 24
81.22.110.0/24 maxlen: 24
81.22.106.0/24 maxlen: 24
81.22.107.0/24 maxlen: 24
95.128.58.0/24 maxlen: 24
95.128.56.0/24 maxlen: 24
95.128.57.0/24 maxlen: 24
95.128.62.0/24 maxlen: 24
95.128.63.0/24 maxlen: 24
95.128.59.0/24 maxlen: 24
95.128.60.0/24 maxlen: 24
95.128.61.0/24 maxlen: 24
46.20.144.0/24 maxlen: 24
46.20.145.0/24 maxlen: 24
46.20.150.0/24 maxlen: 24
46.20.151.0/24 maxlen: 24
46.20.152.0/24 maxlen: 24
46.20.147.0/24 maxlen: 24
46.20.148.0/24 maxlen: 24
46.20.149.0/24 maxlen: 24
46.20.146.0/24 maxlen: 24
46.20.157.0/24 maxlen: 24
46.20.158.0/24 maxlen: 24
46.20.159.0/24 maxlen: 24
46.20.154.0/24 maxlen: 24
46.20.155.0/24 maxlen: 24
46.20.156.0/24 maxlen: 24
46.20.153.0/24 maxlen: 24
37.58.16.0/24 maxlen: 24
37.58.17.0/24 maxlen: 24
37.58.23.0/24 maxlen: 24
37.58.19.0/24 maxlen: 24
37.58.20.0/24 maxlen: 24
37.58.21.0/24 maxlen: 24
37.58.22.0/24 maxlen: 24
37.58.18.0/24 maxlen: 24
2a02:dc40::/48 maxlen: 48
2a02:dc40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:96:dd:ba:a5:34:07:2d:f6:83:17:1b:6d:a8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Validity
Not Before: Jan 2 12:35:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f4b745ad80c5257ca4f00c5ec2b42ef9a5ac262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ec:b2:a7:30:df:5c:6d:62:bb:63:01:2d:0e:
20:4b:30:a8:cf:d9:5c:6f:64:b6:35:e6:ed:07:75:
2e:a0:ba:d1:17:6f:e2:c0:02:c7:54:bc:50:59:7e:
d5:21:94:96:b5:6c:5c:45:ab:66:30:3b:f4:9e:96:
c0:6f:11:7d:66:90:f0:21:e0:ad:2e:f4:68:a2:a6:
70:d0:f6:65:98:c6:dd:c0:86:fa:e3:68:ea:56:02:
34:5d:e1:17:4e:fa:c0:ed:62:bf:7a:0b:55:f3:8f:
62:7f:40:8e:b9:5c:f7:50:b3:5c:1b:08:0d:09:2f:
e1:cd:4c:ca:67:69:47:38:2a:ad:74:29:eb:3e:85:
94:48:92:15:31:8c:90:0e:e4:81:a1:ed:f4:61:8e:
a9:e2:dc:61:a4:79:33:58:ea:db:9a:36:17:75:0e:
e0:e9:1e:b5:c6:77:22:45:ae:92:21:b3:55:00:13:
f5:0a:84:b2:a4:32:12:9c:b9:79:0c:b1:29:09:ce:
5f:8b:0a:38:e2:46:4d:87:e9:f2:68:49:d8:ea:a9:
53:17:2c:b2:fa:9d:f9:96:48:7e:07:6f:32:16:2d:
61:25:9e:39:58:76:8a:62:ad:5c:71:f8:24:fa:a3:
1f:d4:ac:b8:d9:f4:61:71:ee:88:c9:5a:ef:eb:d0:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4B:74:5A:D8:0C:52:57:CA:4F:00:C5:EC:2B:42:EF:9A:5A:C2:62
X509v3 Authority Key Identifier:
keyid:E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/b0t0WtgMUlfKTwDF7CtC75pawmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.16.0/21
46.20.144.0/20
81.22.96.0/20
95.128.56.0/21
185.56.236.0/22
185.59.72.0/22
IPv6:
2a02:dc40::/47
Signature Algorithm: sha256WithRSAEncryption
84:69:c0:84:ff:c0:21:26:d0:2b:1f:7e:77:e8:b2:f2:91:d2:
c1:fb:9f:48:37:48:46:b4:39:5f:21:2f:41:3d:a8:17:a4:c1:
3c:de:0b:b8:52:a0:72:c7:53:05:83:13:ee:b6:6d:6f:7e:f0:
23:b1:ad:4c:23:3a:70:53:e2:ce:32:26:d9:74:ad:ca:1c:61:
20:e1:86:18:62:d6:1b:d3:08:d3:79:eb:7e:3e:cf:c9:73:bd:
f2:e6:9d:af:04:b2:37:6d:0a:12:8d:a7:c2:fe:31:0d:ba:04:
74:c1:c9:96:d3:b2:df:34:e5:37:ae:16:24:c5:d4:14:35:0e:
c8:23:b4:70:8b:38:e0:d2:cb:f3:c8:3d:bb:4a:68:20:b0:e9:
40:30:88:74:bc:34:a4:05:45:27:e0:78:fd:6a:73:40:23:e5:
89:e2:21:74:38:ad:ca:b9:4f:f0:91:c3:1e:e0:4e:cb:30:e8:
46:0e:8b:18:6c:5b:09:8d:93:fd:7a:3d:db:27:b5:a9:79:b0:
a7:34:77:b7:36:0c:e9:9e:83:4b:d0:4e:de:8b:0a:8a:ad:3c:
5f:d8:05:a0:b2:bc:8f:bb:e5:03:0d:3b:88:75:e5:fc:ec:ec:
70:df:5a:16:dc:08:85:9a:1c:fd:a3:2f:5a:1f:de:b4:0f:a8:
a5:28:b3:01
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzKK5bduqU0By32gxcbbaggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTViZTQ1MzJlOTU4OGM0MDUzMWE3ZjMzMWVhYmZiZjQ3
NzBhNWUwHhcNMjQwMTAyMTIzNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjRiNzQ1YWQ4MGM1MjU3Y2E0ZjAwYzVlYzJiNDJlZjlhNWFjMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieyypzDfXG1iu2MBLQ4gSzCoz9lc
b2S2NebtB3UuoLrRF2/iwALHVLxQWX7VIZSWtWxcRatmMDv0npbAbxF9ZpDwIeCt
LvRooqZw0PZlmMbdwIb642jqVgI0XeEXTvrA7WK/egtV849if0COuVz3ULNcGwgN
CS/hzUzKZ2lHOCqtdCnrPoWUSJIVMYyQDuSBoe30YY6p4txhpHkzWOrbmjYXdQ7g
6R61xnciRa6SIbNVABP1CoSypDISnLl5DLEpCc5fiwo44kZNh+nyaEnY6qlTFyyy
+p35lkh+B28yFi1hJZ45WHaKYq1ccfgk+qMf1Ky42fRhce6IyVrv69A4awIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFG9LdFrYDFJXyk8AxewrQu+aWsJiMB8GA1UdIwQY
MBaAFOIVvkUy6ViMQFMafzMeq/v0dwpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEt
NDY1MWZkODAyNzM3LzEvYjB0MFd0Z01VbGZLVHdERjdDdEM3NXBhd21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEtNDY1MWZkODAyNzM3
LzEvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQDJToQAwQE
LhSQAwQEURZgAwQDX4A4AwQCuTjsAwQCuTtIMA8EAgACMAkDBwEqAtxAAAAwDQYJ
KoZIhvcNAQELBQADggEBAIRpwIT/wCEm0CsffnfosvKR0sH7n0g3SEa0OV8hL0E9
qBekwTzeC7hSoHLHUwWDE+62bW9+8COxrUwjOnBT4s4yJtl0rcocYSDhhhhi1hvT
CNN5634+z8lzvfLmna8EsjdtChKNp8L+MQ26BHTByZbTst805TeuFiTF1BQ1Dsgj
tHCLOODSy/PIPbtKaCCw6UAwiHS8NKQFRSfgeP1qc0Aj5YniIXQ4rcq5T/CRwx7g
Tssw6EYOixhsWwmNk/16Pdsntal5sKc0d7c2DOmeg0vQTt6LCoqtPF/YBaCyvI+7
5QMNO4h15fzs7HDfWhbcCIWaHP2jL1of3rQPqKUoswE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:25 2024 by rpki-client on console-fra.rpki-client.org