Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/CGFxUoUCUUKulAuH1jlz6pSIneo.roa
File: CGFxUoUCUUKulAuH1jlz6pSIneo.roa (raw, json)
Hash identifier: V+uFU7SV+yFi3Dq3vLVVMW43axwdRwlxJ+kR7PwTokY=
Subject key identifier: 08:61:71:52:85:02:51:42:AE:94:0B:87:D6:39:73:EA:94:88:9D:EA
Certificate issuer: /CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Certificate serial: 018CC94CD22899FF1EFC13513BC4B6BF0772
Authority key identifier: 10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/CGFxUoUCUUKulAuH1jlz6pSIneo.roa
Signing time: Tue 02 Jan 2024 08:31:44 +0000
ROA not before: Tue 02 Jan 2024 08:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57948
IP address blocks: 185.70.44.0/24 maxlen: 24
185.70.45.0/24 maxlen: 24
185.70.46.0/24 maxlen: 24
185.70.47.0/24 maxlen: 24
91.236.244.0/24 maxlen: 24
91.236.245.0/24 maxlen: 24
171.25.229.0/24 maxlen: 24
2.57.42.0/24 maxlen: 24
2.57.43.0/24 maxlen: 24
2.57.41.0/24 maxlen: 24
2.57.40.0/24 maxlen: 24
2a05:2600::/32 maxlen: 32
2a05:2603::/32 maxlen: 32
2a05:2605::/32 maxlen: 32
2a05:2600::/29 maxlen: 29
2a05:2602::/32 maxlen: 32
2a05:2606::/32 maxlen: 32
2a05:2601::/32 maxlen: 32
2a05:2607::/32 maxlen: 32
2a05:2604::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:d2:28:99:ff:1e:fc:13:51:3b:c4:b6:bf:07:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Validity
Not Before: Jan 2 08:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0861715285025142ae940b87d63973ea94889dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:b5:13:37:24:09:59:88:46:b4:d4:23:c7:
54:6b:98:35:e2:d4:31:ca:5c:d6:98:14:d6:c7:5b:
d9:2f:46:e2:77:2f:09:a1:d9:ed:ef:b7:80:29:0a:
6c:3f:ee:1e:d3:8a:3a:92:70:55:58:a4:a5:e6:a7:
a5:fa:06:29:57:62:a3:31:6b:e5:23:3e:d9:50:ab:
7c:42:b9:73:d7:32:53:fc:95:06:e5:d5:b0:de:78:
f9:f6:15:0d:f2:fe:ec:ab:04:87:09:35:91:2d:55:
ee:5f:6f:e8:20:6a:0e:14:47:fc:36:5a:95:7f:8e:
9a:ef:bd:c9:8c:1d:31:1d:3b:93:44:a1:34:30:12:
e4:d8:d3:d1:46:84:b3:ee:2d:ab:bb:b8:6d:21:83:
e8:55:2d:1c:f0:85:94:e6:58:f1:cd:8e:52:84:99:
8e:41:38:ca:02:5e:f9:6a:2f:de:bf:2a:0c:c8:f3:
b1:84:69:a2:e9:79:40:93:bf:a4:1c:5a:f8:04:be:
06:b8:3b:29:0b:c9:4d:ab:3f:c3:c9:2d:88:f2:0d:
2b:7b:41:8d:a2:93:10:98:a4:ee:19:12:85:2a:7f:
a8:46:a4:c0:30:da:d0:46:70:2d:af:5b:51:ba:80:
f2:1a:fc:0f:db:51:86:d7:af:58:23:f3:13:02:4f:
bb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:61:71:52:85:02:51:42:AE:94:0B:87:D6:39:73:EA:94:88:9D:EA
X509v3 Authority Key Identifier:
keyid:10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/CGFxUoUCUUKulAuH1jlz6pSIneo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.40.0/22
91.236.244.0/23
171.25.229.0/24
185.70.44.0/22
IPv6:
2a05:2600::/29
Signature Algorithm: sha256WithRSAEncryption
bd:fb:45:0f:c0:57:85:d6:cf:1a:a3:94:89:19:ee:9a:b2:b2:
19:9f:44:69:b8:fb:a2:fe:14:97:a6:f8:40:c4:ef:19:f8:82:
5a:73:3d:f2:5c:cd:73:b5:25:ca:b0:8a:9a:ed:67:de:8c:cd:
d7:0c:f7:a2:59:1e:5e:69:89:6d:29:a3:d8:d5:ce:64:29:db:
91:95:11:77:30:0a:20:3a:6f:66:72:05:db:06:f1:eb:32:be:
07:c5:c6:e5:d9:9f:2f:fb:89:10:d3:77:d1:92:81:85:7e:83:
a0:be:9e:d0:44:71:fd:e6:db:ee:7e:2f:fa:55:a1:83:25:34:
9e:20:a8:3f:2b:d8:82:67:b8:59:1e:07:f6:cb:a0:9f:80:ed:
45:52:5e:36:ca:bb:43:9f:c6:57:96:42:c1:9f:6a:78:fa:98:
a0:7f:0d:c7:75:d6:11:0a:b5:d4:39:d9:d4:1b:61:e3:b0:de:
f1:48:9c:37:4a:da:08:93:a2:b8:fe:e9:ee:16:5b:35:a3:04:
d7:be:1e:23:00:f4:dc:36:22:c1:59:93:3c:28:a1:9b:16:a8:
d4:94:60:70:13:ba:cc:5e:5b:71:16:7c:92:3e:fc:8d:c7:75:
57:1e:f9:0f:39:62:11:20:ac:fc:28:09:0d:58:b1:9a:41:80:
5f:22:38:67
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTNIomf8e/BNRO8S2vwdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYThjNmU5MzA4YmIwMDA4MzEwMDE3MWUwMGRiYjYxNDBm
NGY1ODAwHhcNMjQwMTAyMDgzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYxNzE1Mjg1MDI1MTQyYWU5NDBiODdkNjM5NzNlYTk0ODg5ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw21EzckCVmIRrTUI8dUa5g14tQx
ylzWmBTWx1vZL0bidy8Jodnt77eAKQpsP+4e04o6knBVWKSl5qel+gYpV2KjMWvl
Iz7ZUKt8Qrlz1zJT/JUG5dWw3nj59hUN8v7sqwSHCTWRLVXuX2/oIGoOFEf8NlqV
f46a773JjB0xHTuTRKE0MBLk2NPRRoSz7i2ru7htIYPoVS0c8IWU5ljxzY5ShJmO
QTjKAl75ai/evyoMyPOxhGmi6XlAk7+kHFr4BL4GuDspC8lNqz/DyS2I8g0re0GN
opMQmKTuGRKFKn+oRqTAMNrQRnAtr1tRuoDyGvwP21GG169YI/MTAk+7IwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAhhcVKFAlFCrpQLh9Y5c+qUiJ3qMB8GA1UdIwQY
MBaAFBCoxukwi7AAgxABceANu2FA9PWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYt
NmI0OTdiMmMwYjM4LzEvQ0dGeFVvVUNVVUt1bEF1SDFqbHo2cFNJbmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYtNmI0OTdiMmMwYjM4
LzEvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjkoAwQB
W+z0AwQAqxnlAwQCuUYsMA0EAgACMAcDBQMqBSYAMA0GCSqGSIb3DQEBCwUAA4IB
AQC9+0UPwFeF1s8ao5SJGe6asrIZn0RpuPui/hSXpvhAxO8Z+IJacz3yXM1ztSXK
sIqa7WfejM3XDPeiWR5eaYltKaPY1c5kKduRlRF3MAogOm9mcgXbBvHrMr4Hxcbl
2Z8v+4kQ03fRkoGFfoOgvp7QRHH95tvufi/6VaGDJTSeIKg/K9iCZ7hZHgf2y6Cf
gO1FUl42yrtDn8ZXlkLBn2p4+pigfw3HddYRCrXUOdnUG2HjsN7xSJw3StoIk6K4
/unuFls1owTXvh4jAPTcNiLBWZM8KKGbFqjUlGBwE7rMXltxFnySPvyNx3VXHvkP
OWIRIKz8KAkNWLGaQYBfIjhn
-----END CERTIFICATE-----
Generated at Thu May 16 08:04:50 2024 by rpki-client on console-fra.rpki-client.org