Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/RSB-EpGcYmQqvCP-_BMVPLhK9Ks.roa
File: RSB-EpGcYmQqvCP-_BMVPLhK9Ks.roa (raw, json)
Hash identifier: MzdnDNmX9sqic4qV75otVvW5P1tM1d7/bzN2H6IaQR4=
Subject key identifier: 45:20:7E:12:91:9C:62:64:2A:BC:23:FE:FC:13:15:3C:B8:4A:F4:AB
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 018CC50108C226F627E5BBCBFC24F1478553
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/RSB-EpGcYmQqvCP-_BMVPLhK9Ks.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 77.222.136.0/24 maxlen: 24
194.146.197.0/24 maxlen: 24
188.0.64.0/23 maxlen: 23
188.0.66.0/24 maxlen: 24
93.183.215.0/24 maxlen: 24
88.81.248.0/24 maxlen: 24
93.183.229.0/24 maxlen: 24
93.183.228.0/24 maxlen: 24
46.164.152.0/23 maxlen: 23
193.108.50.0/24 maxlen: 24
193.108.51.0/24 maxlen: 24
93.183.197.0/24 maxlen: 24
195.69.176.0/24 maxlen: 24
80.91.171.0/24 maxlen: 24
80.91.182.0/24 maxlen: 24
46.164.160.0/22 maxlen: 22
185.8.42.0/23 maxlen: 23
91.204.95.0/24 maxlen: 24
185.8.41.0/24 maxlen: 24
185.8.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:08:c2:26:f6:27:e5:bb:cb:fc:24:f1:47:85:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45207e12919c62642abc23fefc13153cb84af4ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:31:ad:03:5e:d5:ad:ec:45:04:85:cf:b4:
b2:57:35:14:ea:a6:a2:37:55:7c:b0:d8:b8:ac:cc:
d7:60:44:c2:5f:53:26:01:71:3d:f6:26:fd:fb:7b:
5a:5d:09:05:3c:92:8c:04:41:53:be:24:33:7e:74:
8c:91:14:51:db:df:31:aa:0f:ff:81:2c:00:8a:d8:
f0:0a:b5:77:24:e2:c6:08:e0:8b:78:2f:6a:8d:33:
54:f5:ef:20:25:e1:8d:c9:2b:b5:62:5c:1d:16:6b:
95:ca:77:1f:cc:c3:3a:43:ca:44:9f:5f:ba:fb:2c:
22:f6:01:69:69:fc:ac:fc:bb:17:8c:ce:e3:3e:a7:
fc:6c:20:f8:bd:fc:2e:b8:c2:74:0f:12:dc:e5:98:
a6:79:47:86:f2:d8:b0:8b:65:b8:49:af:7b:00:fc:
02:df:e8:d9:7f:09:3e:5a:b3:7f:92:52:03:18:41:
85:1c:e7:f3:87:d8:ad:ad:30:a9:ca:3c:e3:36:75:
e6:2e:47:c3:8a:a3:19:f9:f4:67:29:9b:06:2a:90:
5f:a9:b6:f8:cd:a6:08:e9:8f:42:53:03:53:79:e3:
11:7b:bf:3f:9a:01:95:29:a2:d5:2e:e7:47:02:57:
67:1c:7e:e9:fd:9b:b7:24:35:76:7d:62:b3:75:55:
49:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:20:7E:12:91:9C:62:64:2A:BC:23:FE:FC:13:15:3C:B8:4A:F4:AB
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/RSB-EpGcYmQqvCP-_BMVPLhK9Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.164.152.0/23
46.164.160.0/22
77.222.136.0/24
80.91.171.0/24
80.91.182.0/24
88.81.248.0/24
91.204.95.0/24
93.183.197.0/24
93.183.215.0/24
93.183.228.0/23
185.8.40.0/22
188.0.64.0-188.0.66.255
193.108.50.0/23
194.146.197.0/24
195.69.176.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e0:97:2f:a6:e6:ff:c3:3f:8e:33:2c:d3:a5:dd:bc:82:db:
9b:92:0f:58:b4:84:48:c7:c3:27:31:33:3f:2b:5c:70:b2:4a:
0d:e1:53:ec:6b:05:02:a3:2e:ef:50:ee:eb:a0:7f:da:33:11:
a2:30:71:b7:db:a6:64:ba:59:e0:bf:bb:32:3e:a5:96:10:78:
02:09:ca:fb:d4:92:a1:f9:63:e0:90:6a:1d:93:e7:45:4c:e3:
65:ca:a5:8a:92:9f:83:6c:ae:bd:ae:5e:78:72:42:a4:85:1d:
35:d8:9e:4e:f4:de:a5:ee:1e:5e:7d:76:c5:77:65:6d:47:65:
b7:3a:51:55:ec:6d:c2:40:c7:23:fc:41:5b:a4:a8:cc:68:3c:
bf:e7:e8:57:4c:66:63:37:ed:54:e4:4c:bb:4a:be:08:4a:aa:
f6:a9:01:64:1d:f0:96:62:f5:dd:e0:5e:be:28:c2:c4:a1:38:
d7:05:f3:70:5f:e6:f1:ab:92:52:50:2a:ac:45:3a:b3:e5:3b:
92:ca:36:84:04:fd:57:20:87:d7:3b:58:66:36:93:ab:4a:4c:
b4:28:ee:47:6d:32:ff:e4:c0:2a:f4:b9:9e:01:5c:33:24:81:
89:9c:84:6a:8d:8e:ad:8f:0c:f3:49:af:f6:a0:e3:b8:20:6c:
6b:59:43:f1
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYzFAQjCJvYn5bvL/CTxR4VTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTIwN2UxMjkxOWM2MjY0MmFiYzIzZmVmYzEzMTUzY2I4NGFmNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1kxrQNe1a3sRQSFz7SyVzUU6qai
N1V8sNi4rMzXYETCX1MmAXE99ib9+3taXQkFPJKMBEFTviQzfnSMkRRR298xqg//
gSwAitjwCrV3JOLGCOCLeC9qjTNU9e8gJeGNySu1YlwdFmuVyncfzMM6Q8pEn1+6
+ywi9gFpafys/LsXjM7jPqf8bCD4vfwuuMJ0DxLc5ZimeUeG8tiwi2W4Sa97APwC
3+jZfwk+WrN/klIDGEGFHOfzh9itrTCpyjzjNnXmLkfDiqMZ+fRnKZsGKpBfqbb4
zaYI6Y9CUwNTeeMRe78/mgGVKaLVLudHAldnHH7p/Zu3JDV2fWKzdVVJnQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFEUgfhKRnGJkKrwj/vwTFTy4SvSrMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvUlNCLUVwR2NZbVFxdkNQLV9CTVZQTGhLOUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQBLqSYAwQC
LqSgAwQATd6IAwQAUFurAwQAUFu2AwQAWFH4AwQAW8xfAwQAXbfFAwQAXbfXAwQB
XbfkAwQCuQgoMAwDBAa8AEADBAC8AEIDBAHBbDIDBADCksUDBADDRbAwDQYJKoZI
hvcNAQELBQADggEBACvgly+m5v/DP44zLNOl3byC25uSD1i0hEjHwycxMz8rXHCy
Sg3hU+xrBQKjLu9Q7uugf9ozEaIwcbfbpmS6WeC/uzI+pZYQeAIJyvvUkqH5Y+CQ
ah2T50VM42XKpYqSn4Nsrr2uXnhyQqSFHTXYnk703qXuHl59dsV3ZW1HZbc6UVXs
bcJAxyP8QVukqMxoPL/n6FdMZmM37VTkTLtKvghKqvapAWQd8JZi9d3gXr4owsSh
ONcF83Bf5vGrklJQKqxFOrPlO5LKNoQE/Vcgh9c7WGY2k6tKTLQo7kdtMv/kwCr0
uZ4BXDMkgYmchGqNjq2PDPNJr/ag47ggbGtZQ/E=
-----END CERTIFICATE-----
Generated at Sun May 5 06:38:14 2024 by rpki-client on console-ams.rpki-client.org