Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/RgOC4-OGtUBZHIgqB4laluPkgV0.roa
File: RgOC4-OGtUBZHIgqB4laluPkgV0.roa (raw, json)
Hash identifier: /lwJVthfTJhRFOhbYA1AZwgCUBaTpEifYiWHV9bYBnk=
Subject key identifier: 46:03:82:E3:E3:86:B5:40:59:1C:88:2A:07:89:5A:96:E3:E4:81:5D
Certificate issuer: /CN=570a181aa090cb970605a25a7a57d653547f2324
Certificate serial: 018CC9BBFA461FFBEAA2C7A99CCD701D4AAA
Authority key identifier: 57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/RgOC4-OGtUBZHIgqB4laluPkgV0.roa
Signing time: Tue 02 Jan 2024 10:33:08 +0000
ROA not before: Tue 02 Jan 2024 10:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49054
IP address blocks: 95.131.168.0/22 maxlen: 22
95.131.170.0/24 maxlen: 24
95.131.169.0/24 maxlen: 24
185.247.233.0/24 maxlen: 24
185.247.232.0/24 maxlen: 24
185.247.232.0/22 maxlen: 22
185.247.234.0/24 maxlen: 24
2a0d:d080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fa:46:1f:fb:ea:a2:c7:a9:9c:cd:70:1d:4a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570a181aa090cb970605a25a7a57d653547f2324
Validity
Not Before: Jan 2 10:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=460382e3e386b540591c882a07895a96e3e4815d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:99:1d:3b:de:cc:c9:02:87:77:5c:81:64:f5:
25:b2:ff:a0:f6:de:9e:0c:0e:39:52:dd:c1:66:e1:
fa:50:9e:62:29:02:5b:5e:03:2b:66:de:e5:f6:9a:
db:63:01:38:7f:e1:45:e7:0f:79:ff:b4:3c:23:27:
8d:ce:b5:e1:7f:46:91:36:4b:77:d2:d4:db:ed:c4:
ce:29:56:9d:d7:f3:e8:8a:af:c6:e0:68:6b:fe:97:
1e:1c:14:b3:4a:90:76:07:9c:56:4c:a9:7f:dc:c0:
67:7a:7f:2a:40:ee:4e:3d:b3:75:d7:bf:92:a5:53:
40:48:62:68:70:7b:c0:82:e9:11:9c:29:34:03:f5:
d2:82:bb:e1:08:40:14:c7:36:1d:16:97:39:ba:52:
15:5e:22:87:2d:bd:95:14:69:85:2a:ba:3c:34:c4:
ab:85:49:65:c6:a8:ee:06:13:55:e5:4f:79:f8:f5:
34:0c:e2:53:31:70:68:1e:24:b0:eb:ef:5e:f6:65:
26:ea:62:2d:fb:a4:da:85:fd:20:e7:2b:98:12:d9:
75:d4:0d:dd:87:54:fe:ff:76:de:45:f2:d6:9c:8f:
ef:ae:c5:72:71:e3:81:a9:25:05:24:ae:91:32:ab:
3f:da:bc:64:a0:e2:a3:e3:0d:74:d7:37:e1:6b:59:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:03:82:E3:E3:86:B5:40:59:1C:88:2A:07:89:5A:96:E3:E4:81:5D
X509v3 Authority Key Identifier:
keyid:57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/RgOC4-OGtUBZHIgqB4laluPkgV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.168.0/22
185.247.232.0/22
IPv6:
2a0d:d080::/29
Signature Algorithm: sha256WithRSAEncryption
32:88:f8:3e:ef:49:9e:17:ba:95:f7:2f:d8:e4:18:01:f5:2d:
85:6b:7c:31:91:0b:63:40:0e:95:67:e3:d8:a5:13:0c:29:b6:
d4:8f:a8:ec:25:9e:cb:35:ff:28:89:47:57:b4:14:ee:de:a5:
05:6e:b3:a6:ce:2c:24:ef:8f:86:fb:e3:d5:42:8a:93:c8:80:
ba:aa:92:2a:ab:ff:aa:59:bb:23:b5:d5:98:ae:84:e5:c1:18:
f7:9b:76:63:29:14:4c:50:e1:47:0f:2c:0b:f8:cd:6b:c4:4a:
97:26:34:86:a0:07:24:55:5f:64:61:33:f3:9a:82:e2:51:6c:
64:be:cc:02:4a:c8:a2:b8:e0:c1:54:6e:a2:7c:bd:a0:ea:f5:
81:16:a7:2f:8b:21:98:94:d2:d6:9b:93:32:87:0a:91:a1:78:
b0:8c:95:8f:bf:e0:fa:46:64:31:51:e1:c4:ed:b8:b4:b2:c8:
16:30:a6:a8:9d:fd:b8:9e:d0:f8:d0:9f:c8:37:27:f3:9e:4c:
bd:ea:ef:97:f8:c2:55:33:72:6e:f1:cc:80:25:8f:d6:b2:49:
69:6e:42:a7:ef:e2:29:45:04:72:2c:a7:26:ac:c2:3f:3a:2a:
c5:47:1e:6c:b1:14:99:5b:30:92:c2:91:9f:d4:8d:4d:78:c5:
c7:2e:df:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJu/pGH/vqosepnM1wHUqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGExODFhYTA5MGNiOTcwNjA1YTI1YTdhNTdkNjUzNTQ3
ZjIzMjQwHhcNMjQwMTAyMTAzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjAzODJlM2UzODZiNTQwNTkxYzg4MmEwNzg5NWE5NmUzZTQ4MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5kdO97MyQKHd1yBZPUlsv+g9t6e
DA45Ut3BZuH6UJ5iKQJbXgMrZt7l9prbYwE4f+FF5w95/7Q8IyeNzrXhf0aRNkt3
0tTb7cTOKVad1/Poiq/G4Ghr/pceHBSzSpB2B5xWTKl/3MBnen8qQO5OPbN117+S
pVNASGJocHvAgukRnCk0A/XSgrvhCEAUxzYdFpc5ulIVXiKHLb2VFGmFKro8NMSr
hUllxqjuBhNV5U95+PU0DOJTMXBoHiSw6+9e9mUm6mIt+6Tahf0g5yuYEtl11A3d
h1T+/3beRfLWnI/vrsVyceOBqSUFJK6RMqs/2rxkoOKj4w101zfha1lYhwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEYDguPjhrVAWRyIKgeJWpbj5IFdMB8GA1UdIwQY
MBaAFFcKGBqgkMuXBgWiWnpX1lNUfyMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzIt
YTYzNzY1MGM3NGFlLzEvUmdPQzQtT0d0VUJaSElncUI0bGFsdVBrZ1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzItYTYzNzY1MGM3NGFl
LzEvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX4OoAwQC
uffoMA0EAgACMAcDBQMqDdCAMA0GCSqGSIb3DQEBCwUAA4IBAQAyiPg+70meF7qV
9y/Y5BgB9S2Fa3wxkQtjQA6VZ+PYpRMMKbbUj6jsJZ7LNf8oiUdXtBTu3qUFbrOm
ziwk74+G++PVQoqTyIC6qpIqq/+qWbsjtdWYroTlwRj3m3ZjKRRMUOFHDywL+M1r
xEqXJjSGoAckVV9kYTPzmoLiUWxkvswCSsiiuODBVG6ifL2g6vWBFqcviyGYlNLW
m5MyhwqRoXiwjJWPv+D6RmQxUeHE7bi0ssgWMKaonf24ntD40J/INyfznky96u+X
+MJVM3Ju8cyAJY/WsklpbkKn7+IpRQRyLKcmrMI/OirFRx5ssRSZWzCSwpGf1I1N
eMXHLt8J
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:23 2024 by rpki-client on console-fra.rpki-client.org