Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/53i129jwzzw7Keb1WydfxJVpB7E.roa
File: 53i129jwzzw7Keb1WydfxJVpB7E.roa (raw, json)
Hash identifier: UtJyKPWICWQQ7/YoYuRgw9+BSNB/iVvLoBpBvCNZ6Kg=
Subject key identifier: E7:78:B5:DB:D8:F0:CF:3C:3B:29:E6:F5:5B:27:5F:C4:95:69:07:B1
Certificate issuer: /CN=1201cc343074102efa7f0c30f29499e1ad56e29f
Certificate serial: 018CC9BC54F5D8F9EE40F007FFF2C0F7ABDD
Authority key identifier: 12:01:CC:34:30:74:10:2E:FA:7F:0C:30:F2:94:99:E1:AD:56:E2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/53i129jwzzw7Keb1WydfxJVpB7E.roa
Signing time: Tue 02 Jan 2024 10:33:32 +0000
ROA not before: Tue 02 Jan 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42442
IP address blocks: 130.0.77.0/24 maxlen: 24
130.0.72.0/21 maxlen: 32
130.0.73.0/24 maxlen: 24
195.137.170.0/24 maxlen: 32
185.165.16.0/22 maxlen: 22
46.167.160.0/19 maxlen: 24
194.50.164.0/24 maxlen: 32
91.208.160.0/24 maxlen: 24
195.137.170.121/32 maxlen: 32
46.167.169.20/32 maxlen: 32
195.137.170.122/32 maxlen: 32
2a03:9480:302::/48 maxlen: 48
2a03:9480::/32 maxlen: 32
2a03:9480:200::/40 maxlen: 40
2a03:9480:300::/40 maxlen: 40
2a03:9480:301::/48 maxlen: 48
2a00:f660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/EgHMNDB0EC76fwww8pSZ4a1W4p8.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/EgHMNDB0EC76fwww8pSZ4a1W4p8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:54:f5:d8:f9:ee:40:f0:07:ff:f2:c0:f7:ab:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1201cc343074102efa7f0c30f29499e1ad56e29f
Validity
Not Before: Jan 2 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e778b5dbd8f0cf3c3b29e6f55b275fc4956907b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:22:95:08:eb:33:b2:0e:4f:c0:56:0e:79:
e2:4d:b5:a3:dd:cf:27:9c:b9:a3:31:d0:a9:a1:fb:
ac:ef:67:59:d4:e8:9e:e6:60:2a:2a:01:b5:01:38:
13:b9:cc:bb:6e:6f:90:56:bf:ee:69:01:6d:99:71:
ba:83:db:00:6b:d5:c3:07:3b:e1:26:fc:20:ec:f8:
63:6f:5a:9d:e5:fa:2f:a6:67:62:48:4d:3c:97:2f:
b3:c6:b9:fa:86:25:e9:67:83:d4:96:61:3e:21:67:
b4:76:06:a8:71:4a:7f:f9:d0:51:f4:12:90:ea:ff:
2d:76:74:ed:76:78:18:29:57:7c:30:f3:56:16:cf:
d0:9f:f3:e6:2c:ee:6b:99:b9:0e:d7:0d:1a:2d:fe:
6c:46:57:ce:84:98:5f:d8:1e:ba:83:cb:a5:24:c1:
d3:4a:60:d7:7c:8d:69:99:15:94:8f:99:2a:3d:c4:
3d:e9:44:2e:68:45:b1:57:1a:81:63:37:0f:a6:35:
18:44:93:5c:2a:79:3a:14:3c:69:6d:4e:ca:89:05:
d1:a5:55:39:94:37:34:14:54:8d:0a:5a:92:3a:c0:
47:b1:a6:9f:e9:a5:c4:20:c7:ef:d4:6b:01:ad:fa:
ed:36:f6:d3:46:3a:f4:2d:35:97:95:d6:cd:04:df:
3f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:78:B5:DB:D8:F0:CF:3C:3B:29:E6:F5:5B:27:5F:C4:95:69:07:B1
X509v3 Authority Key Identifier:
keyid:12:01:CC:34:30:74:10:2E:FA:7F:0C:30:F2:94:99:E1:AD:56:E2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/53i129jwzzw7Keb1WydfxJVpB7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/EgHMNDB0EC76fwww8pSZ4a1W4p8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.160.0/19
91.208.160.0/24
130.0.72.0/21
185.165.16.0/22
194.50.164.0/24
195.137.170.0/24
IPv6:
2a00:f660::/32
2a03:9480::/32
Signature Algorithm: sha256WithRSAEncryption
55:60:b6:e3:98:d3:d5:3f:21:6f:9e:2d:94:6c:c6:0d:0f:4c:
e9:b9:f3:85:18:da:0f:e7:87:0c:93:7f:18:6d:0a:7f:45:52:
ec:43:10:99:6f:14:e9:da:12:7e:26:e9:4a:fc:75:2f:fa:c7:
7d:d6:65:f3:49:1b:5a:1f:af:a6:26:a8:c8:13:f6:b7:b9:cc:
26:00:e6:e5:62:bc:8a:85:44:7a:e3:dd:01:81:de:92:c2:3f:
f3:a1:f2:1f:da:61:ad:18:68:10:e7:b8:03:a5:a8:f4:4e:2f:
22:72:a9:5e:7f:5a:d3:99:c6:9d:05:8a:87:fe:3c:44:01:ea:
1e:0d:6f:1f:1a:1d:57:e1:77:31:f2:47:6a:91:00:37:bd:6d:
ef:ad:ec:1b:9c:08:50:0e:d1:1b:8f:cd:5d:b8:ca:7a:b0:36:
76:6f:bd:84:b2:66:aa:81:19:7b:4e:8b:cf:60:7f:ac:8c:51:
7a:f9:bd:03:e5:eb:48:a7:f3:dc:00:dc:ad:18:16:23:0b:3c:
22:8a:48:2b:12:62:19:a9:70:1b:84:a6:20:9f:f1:96:2d:8b:
ac:d8:b9:58:02:1b:2f:cb:fc:93:f7:bb:1e:af:63:5e:d1:b9:
b0:fa:3c:ff:b4:3d:1f:e9:46:d9:1d:89:dd:39:55:68:26:a0:
30:91:12:1d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzJvFT12PnuQPAH//LA96vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMDFjYzM0MzA3NDEwMmVmYTdmMGMzMGYyOTQ5OWUxYWQ1
NmUyOWYwHhcNMjQwMTAyMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzc4YjVkYmQ4ZjBjZjNjM2IyOWU2ZjU1YjI3NWZjNDk1NjkwN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBwilQjrM7IOT8BWDnniTbWj3c8n
nLmjMdCpofus72dZ1Oie5mAqKgG1ATgTucy7bm+QVr/uaQFtmXG6g9sAa9XDBzvh
Jvwg7Phjb1qd5fovpmdiSE08ly+zxrn6hiXpZ4PUlmE+IWe0dgaocUp/+dBR9BKQ
6v8tdnTtdngYKVd8MPNWFs/Qn/PmLO5rmbkO1w0aLf5sRlfOhJhf2B66g8ulJMHT
SmDXfI1pmRWUj5kqPcQ96UQuaEWxVxqBYzcPpjUYRJNcKnk6FDxpbU7KiQXRpVU5
lDc0FFSNClqSOsBHsaaf6aXEIMfv1GsBrfrtNvbTRjr0LTWXldbNBN8/dQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOd4tdvY8M88Oynm9VsnX8SVaQexMB8GA1UdIwQY
MBaAFBIBzDQwdBAu+n8MMPKUmeGtVuKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWdITU5EQjBFQzc2Znd3dzhwU1o0YTFXNHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kMTYyOGEtMzNjOC00ZTQ3LWJmZWQt
OTllZDY3MzBmODRhLzEvNTNpMTI5and6enc3S2ViMVd5ZGZ4SlZwQjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kMTYyOGEtMzNjOC00ZTQ3LWJmZWQtOTllZDY3MzBmODRh
LzEvRWdITU5EQjBFQzc2Znd3dzhwU1o0YTFXNHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFLqegAwQA
W9CgAwQDggBIAwQCuaUQAwQAwjKkAwQAw4mqMBQEAgACMA4DBQAqAPZgAwUAKgOU
gDANBgkqhkiG9w0BAQsFAAOCAQEAVWC245jT1T8hb54tlGzGDQ9M6bnzhRjaD+eH
DJN/GG0Kf0VS7EMQmW8U6doSfibpSvx1L/rHfdZl80kbWh+vpiaoyBP2t7nMJgDm
5WK8ioVEeuPdAYHeksI/86HyH9phrRhoEOe4A6Wo9E4vInKpXn9a05nGnQWKh/48
RAHqHg1vHxodV+F3MfJHapEAN71t763sG5wIUA7RG4/NXbjKerA2dm+9hLJmqoEZ
e06Lz2B/rIxRevm9A+XrSKfz3ADcrRgWIws8IopIKxJiGalwG4SmIJ/xli2LrNi5
WAIbL8v8k/e7Hq9jXtG5sPo8/7Q9H+lG2R2J3TlVaCagMJESHQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:26 2024 by rpki-client on console-fra.rpki-client.org