Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/pghNzngV4ot4nuDrnZtsGbhVSzw.roa
File: pghNzngV4ot4nuDrnZtsGbhVSzw.roa (raw, json)
Hash identifier: H06nZg7b23CoblITaFgaGuuwcRfbf9/WRlHu4oC4y+E=
Subject key identifier: A6:08:4D:CE:78:15:E2:8B:78:9E:E0:EB:9D:9B:6C:19:B8:55:4B:3C
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 018CC7941466F00CA2B4A62E6982D4F99D35
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/pghNzngV4ot4nuDrnZtsGbhVSzw.roa
Signing time: Tue 02 Jan 2024 00:30:19 +0000
ROA not before: Tue 02 Jan 2024 00:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40994
IP address blocks: 46.102.157.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
193.219.97.0/24 maxlen: 24
83.138.55.0/24 maxlen: 24
31.14.17.0/24 maxlen: 24
94.177.8.0/23 maxlen: 24
86.106.182.0/23 maxlen: 24
2a0d:f302::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.mft
rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:14:66:f0:0c:a2:b4:a6:2e:69:82:d4:f9:9d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Jan 2 00:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6084dce7815e28b789ee0eb9d9b6c19b8554b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:37:70:dc:9a:d5:eb:ae:78:55:96:66:18:95:
12:ee:aa:88:e2:dc:1d:10:2c:93:13:3e:97:31:37:
30:67:90:d4:a6:17:dc:18:6e:07:51:77:05:3b:78:
7e:87:1f:72:50:2d:fc:43:48:98:9d:9c:39:19:59:
b9:be:6d:d5:c5:9e:fa:e7:c0:30:58:e3:91:bc:aa:
16:a7:61:25:0c:d7:54:95:16:08:04:7c:aa:96:0b:
72:0e:23:96:88:76:36:ff:c3:0f:79:c3:eb:34:47:
03:2e:25:82:bd:b7:20:43:1a:c2:8e:f4:96:ba:12:
47:b6:aa:ce:bb:2c:25:7b:16:97:25:7e:40:27:ec:
ee:23:ee:d0:2d:ed:51:d7:06:44:e9:a3:42:36:70:
29:c4:62:f5:2b:41:4d:3d:c6:21:bf:9c:eb:ef:fd:
26:0a:34:27:20:6c:16:c4:7e:57:6d:8e:0c:4b:c5:
2a:12:bd:15:3c:80:31:11:93:41:ed:79:bc:a2:ca:
1e:29:c0:ce:dc:50:42:26:8d:79:42:67:20:1e:9e:
40:21:76:f3:be:59:ef:13:04:e2:23:d6:d8:e4:bc:
51:62:bb:5f:cc:a5:3c:3d:e7:2b:19:fb:c5:e2:f7:
d1:b6:dc:e7:1a:e2:4c:74:e4:c9:5b:d0:10:a5:0b:
05:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:08:4D:CE:78:15:E2:8B:78:9E:E0:EB:9D:9B:6C:19:B8:55:4B:3C
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/pghNzngV4ot4nuDrnZtsGbhVSzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
83.138.55.0/24
86.106.182.0/23
94.177.8.0/23
193.219.97.0/24
IPv6:
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
6d:85:83:81:e3:39:15:71:25:f0:2b:12:07:1f:5e:a0:3e:2e:
ad:69:d4:4a:39:13:d5:07:58:f4:45:0e:6b:c7:1e:3b:0e:9b:
2e:45:6a:8c:05:6d:68:dd:4d:25:38:de:1b:1f:94:db:62:7d:
30:c4:5b:e1:ea:a1:2d:8d:23:a2:40:c2:a0:68:96:c4:3e:a0:
73:9c:80:b2:2b:3b:69:21:5b:e7:d3:ab:d9:88:d2:eb:41:a3:
5d:e1:8c:5e:48:bf:92:5a:3e:83:ad:9f:5b:3e:0c:f8:fe:e5:
ce:a3:4d:16:61:05:b6:cd:b0:16:b6:ab:c0:fd:dd:3c:a7:f4:
d4:cb:79:33:54:40:ab:0b:63:d2:24:42:82:c6:62:e0:05:57:
cc:da:03:b6:c7:8a:e0:cc:48:ca:0a:d2:5b:30:37:74:15:b1:
3d:49:00:6f:95:ee:5e:26:b2:a6:03:b5:aa:87:96:dc:54:23:
c8:b3:1e:1f:e2:ef:93:8e:af:6a:a6:25:b9:68:02:89:ba:54:
3c:1e:05:02:75:29:0b:51:b9:0a:02:06:ea:e1:56:a6:b7:13:
fd:5b:ba:11:99:40:ef:d8:4d:d3:ce:85:37:7a:05:fd:9f:94:
76:66:02:d3:56:38:99:24:fd:22:81:aa:72:3d:07:8b:de:29:
a4:95:59:36
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHlBRm8AyitKYuaYLU+Z01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx
ZjgzZGYwHhcNMjQwMTAyMDAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA4NGRjZTc4MTVlMjhiNzg5ZWUwZWI5ZDliNmMxOWI4NTU0YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDdw3JrV6654VZZmGJUS7qqI4twd
ECyTEz6XMTcwZ5DUphfcGG4HUXcFO3h+hx9yUC38Q0iYnZw5GVm5vm3VxZ7658Aw
WOORvKoWp2ElDNdUlRYIBHyqlgtyDiOWiHY2/8MPecPrNEcDLiWCvbcgQxrCjvSW
uhJHtqrOuywlexaXJX5AJ+zuI+7QLe1R1wZE6aNCNnApxGL1K0FNPcYhv5zr7/0m
CjQnIGwWxH5XbY4MS8UqEr0VPIAxEZNB7Xm8osoeKcDO3FBCJo15QmcgHp5AIXbz
vlnvEwTiI9bY5LxRYrtfzKU8PecrGfvF4vfRttznGuJMdOTJW9AQpQsFEQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKYITc54FeKLeJ7g652bbBm4VUs8MB8GA1UdIwQY
MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt
NTg1N2YxYzE3NjI0LzEvcGdoTnpuZ1Y0b3Q0bnVEcm5adHNHYmhWU3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0
LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHw4RAwQB
LmacAwQAU4o3AwQBVmq2AwQBXrEIAwQAwdthMA0EAgACMAcDBQAqDfMCMA0GCSqG
SIb3DQEBCwUAA4IBAQBthYOB4zkVcSXwKxIHH16gPi6tadRKORPVB1j0RQ5rxx47
DpsuRWqMBW1o3U0lON4bH5TbYn0wxFvh6qEtjSOiQMKgaJbEPqBznICyKztpIVvn
06vZiNLrQaNd4YxeSL+SWj6DrZ9bPgz4/uXOo00WYQW2zbAWtqvA/d08p/TUy3kz
VECrC2PSJEKCxmLgBVfM2gO2x4rgzEjKCtJbMDd0FbE9SQBvle5eJrKmA7Wqh5bc
VCPIsx4f4u+Tjq9qpiW5aAKJulQ8HgUCdSkLUbkKAgbq4VamtxP9W7oRmUDv2E3T
zoU3egX9n5R2ZgLTVjiZJP0igapyPQeL3imklVk2
-----END CERTIFICATE-----
Generated at Sun May 19 18:34:26 2024 by rpki-client on console-fra.rpki-client.org