Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/E2smTSH7yEnTmZirLUB9RsNUNd8.roa
File: E2smTSH7yEnTmZirLUB9RsNUNd8.roa (raw, json)
Hash identifier: OjVt4uJMtkil15czyw8SFa8RTHQT8QFqFHGiWoeB6Qs=
Subject key identifier: 13:6B:26:4D:21:FB:C8:49:D3:99:98:AB:2D:40:7D:46:C3:54:35:DF
Certificate issuer: /CN=d47d79c78a830699781b3e4331be092597c34b90
Certificate serial: 018CC9BC60137BD19643D22F1AE5F64192A3
Authority key identifier: D4:7D:79:C7:8A:83:06:99:78:1B:3E:43:31:BE:09:25:97:C3:4B:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1H15x4qDBpl4Gz5DMb4JJZfDS5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/E2smTSH7yEnTmZirLUB9RsNUNd8.roa
Signing time: Tue 02 Jan 2024 10:33:34 +0000
ROA not before: Tue 02 Jan 2024 10:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197558
IP address blocks: 185.103.224.0/22 maxlen: 22
185.10.148.0/22 maxlen: 24
77.237.252.0/22 maxlen: 22
185.98.48.0/22 maxlen: 22
46.253.48.0/20 maxlen: 24
2a00:6400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/1H15x4qDBpl4Gz5DMb4JJZfDS5A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/1H15x4qDBpl4Gz5DMb4JJZfDS5A.mft
rsync://rpki.ripe.net/repository/DEFAULT/1H15x4qDBpl4Gz5DMb4JJZfDS5A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:60:13:7b:d1:96:43:d2:2f:1a:e5:f6:41:92:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d47d79c78a830699781b3e4331be092597c34b90
Validity
Not Before: Jan 2 10:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=136b264d21fbc849d39998ab2d407d46c35435df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:db:4f:63:83:72:15:5f:56:99:de:5c:d0:
d8:6a:0d:77:6a:39:4c:99:d2:02:6c:e9:4e:53:29:
9f:46:50:64:27:9a:66:70:57:6d:9a:95:e8:d9:16:
9f:22:62:64:79:84:8b:b4:77:61:30:ae:00:96:06:
11:de:23:f0:d5:db:ed:94:1f:2a:2d:be:c2:e6:cc:
83:cb:cc:d6:00:f2:76:38:58:86:e9:40:7b:25:d2:
8c:7b:0e:64:a5:ed:22:f5:de:32:19:d1:86:cf:56:
a2:e8:89:72:1e:18:55:ac:50:64:51:f2:a9:17:70:
3c:09:c2:2a:95:83:26:78:1a:09:2b:7c:1d:44:c1:
e5:e3:a0:76:2b:e3:57:ca:f1:bb:bb:d9:36:77:ea:
53:23:b5:f3:fe:bd:da:19:ec:c5:64:e3:49:da:09:
fd:43:76:d1:d1:40:72:d2:55:0a:9e:24:c1:f2:84:
5d:d2:ad:36:6e:fc:e5:61:df:65:11:b4:2b:56:dc:
9f:92:c7:87:00:56:f0:fc:40:9c:b5:18:c8:29:d1:
e2:fd:b7:62:5b:77:16:2f:b7:e6:fa:83:18:1f:9e:
1a:0f:a0:ca:2f:65:a1:e1:51:53:eb:0a:2e:63:8c:
de:cd:e2:2c:cb:68:b8:57:89:b7:9f:c1:21:1f:8c:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6B:26:4D:21:FB:C8:49:D3:99:98:AB:2D:40:7D:46:C3:54:35:DF
X509v3 Authority Key Identifier:
keyid:D4:7D:79:C7:8A:83:06:99:78:1B:3E:43:31:BE:09:25:97:C3:4B:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1H15x4qDBpl4Gz5DMb4JJZfDS5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/E2smTSH7yEnTmZirLUB9RsNUNd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/1H15x4qDBpl4Gz5DMb4JJZfDS5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.48.0/20
77.237.252.0/22
185.10.148.0/22
185.98.48.0/22
185.103.224.0/22
IPv6:
2a00:6400::/32
Signature Algorithm: sha256WithRSAEncryption
33:0a:19:e6:4d:07:b2:fe:04:3a:4f:5f:b1:6c:34:e6:83:3a:
ca:35:37:9a:4d:1e:ad:17:39:2e:39:fe:c3:5c:89:fb:5a:6b:
19:54:ff:55:ca:1c:d6:aa:5f:7b:15:71:3a:d2:91:08:a1:b1:
fa:9a:09:d3:a2:45:ed:34:b6:7a:6e:52:c2:aa:45:ff:a9:71:
94:2d:24:a6:75:50:0e:06:d5:68:70:de:ad:92:57:ca:d7:04:
1e:b1:2e:e2:43:3b:23:09:56:ff:22:7d:67:ff:53:6f:2e:ff:
db:9d:f9:0e:bb:7d:55:bb:1a:43:86:30:d1:35:be:53:4d:5b:
99:8c:fc:04:3f:e9:98:d6:16:d8:07:2e:73:03:d9:f9:05:92:
8d:64:e5:b5:8a:aa:07:46:e8:28:93:e6:c4:22:7d:5f:40:0c:
8e:50:e7:75:c6:a5:44:4b:f8:76:79:d8:52:2f:4e:57:3c:13:
9f:05:35:82:03:34:8f:2e:d8:db:08:29:01:08:29:9e:82:3d:
e6:ce:ef:c9:67:c9:d4:c9:3c:f2:11:e2:25:0c:99:fb:dd:1d:
3e:73:9f:58:f2:6f:64:ad:20:ef:87:60:86:c2:18:b9:69:a2:
61:64:53:f2:1f:42:fd:34:2e:31:ef:78:b3:e3:d5:55:d6:dc:
b7:4c:f7:68
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzJvGATe9GWQ9IvGuX2QZKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0N2Q3OWM3OGE4MzA2OTk3ODFiM2U0MzMxYmUwOTI1OTdj
MzRiOTAwHhcNMjQwMTAyMTAzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzZiMjY0ZDIxZmJjODQ5ZDM5OTk4YWIyZDQwN2Q0NmMzNTQzNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJXbT2ODchVfVpneXNDYag13ajlM
mdICbOlOUymfRlBkJ5pmcFdtmpXo2RafImJkeYSLtHdhMK4AlgYR3iPw1dvtlB8q
Lb7C5syDy8zWAPJ2OFiG6UB7JdKMew5kpe0i9d4yGdGGz1ai6IlyHhhVrFBkUfKp
F3A8CcIqlYMmeBoJK3wdRMHl46B2K+NXyvG7u9k2d+pTI7Xz/r3aGezFZONJ2gn9
Q3bR0UBy0lUKniTB8oRd0q02bvzlYd9lEbQrVtyfkseHAFbw/ECctRjIKdHi/bdi
W3cWL7fm+oMYH54aD6DKL2Wh4VFT6wouY4zezeIsy2i4V4m3n8EhH4wRqwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBNrJk0h+8hJ05mYqy1AfUbDVDXfMB8GA1UdIwQY
MBaAFNR9eceKgwaZeBs+QzG+CSWXw0uQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUgxNXg0cURCcGw0R3o1RE1iNEpKWmZEUzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lMzlhNDItNjdiNy00NzNjLTgzY2Qt
MTk2NDU1NTI0YTYyLzEvRTJzbVRTSDd5RW5UbVppckxVQjlSc05VTmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lMzlhNDItNjdiNy00NzNjLTgzY2QtMTk2NDU1NTI0YTYy
LzEvMUgxNXg0cURCcGw0R3o1RE1iNEpKWmZEUzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELv0wAwQC
Te38AwQCuQqUAwQCuWIwAwQCuWfgMA0EAgACMAcDBQAqAGQAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzChnmTQey/gQ6T1+xbDTmgzrKNTeaTR6tFzkuOf7DXIn7WmsZVP9V
yhzWql97FXE60pEIobH6mgnTokXtNLZ6blLCqkX/qXGULSSmdVAOBtVocN6tklfK
1wQesS7iQzsjCVb/In1n/1NvLv/bnfkOu31VuxpDhjDRNb5TTVuZjPwEP+mY1hbY
By5zA9n5BZKNZOW1iqoHRugok+bEIn1fQAyOUOd1xqVES/h2edhSL05XPBOfBTWC
AzSPLtjbCCkBCCmegj3mzu/JZ8nUyTzyEeIlDJn73R0+c59Y8m9krSDvh2CGwhi5
aaJhZFPyH0L9NC4x73iz49VV1ty3TPdo
-----END CERTIFICATE-----
Generated at Thu May 9 19:29:33 2024 by rpki-client on console-fra.rpki-client.org