Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/R1L4RtgPRkaw1v1KJCuXp-AiBNo.roa
File: R1L4RtgPRkaw1v1KJCuXp-AiBNo.roa (raw, json)
Hash identifier: nGOHWhbdXLHaJlQDHhswqiqh6P+Ha6dOei1hwUnK0rI=
Subject key identifier: 47:52:F8:46:D8:0F:46:46:B0:D6:FD:4A:24:2B:97:A7:E0:22:04:DA
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E68F6BAFBB53F7674269404D249D5
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/R1L4RtgPRkaw1v1KJCuXp-AiBNo.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5606
IP address blocks: 176.223.114.0/24 maxlen: 24
93.174.162.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.248.139.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
45.14.236.0/24 maxlen: 24
89.39.7.0/24 maxlen: 24
89.39.6.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
89.34.101.0/24 maxlen: 24
89.42.133.0/24 maxlen: 24
188.241.73.0/24 maxlen: 24
188.241.72.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
31.14.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:68:f6:ba:fb:b5:3f:76:74:26:94:04:d2:49:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4752f846d80f4646b0d6fd4a242b97a7e02204da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5f:e3:b1:81:e3:9b:75:46:71:8d:e5:a3:ed:
29:b3:71:cf:4e:dc:19:ac:85:93:6b:99:c7:18:e7:
eb:3e:ef:e3:e0:80:ea:7c:02:65:47:be:68:98:56:
de:61:16:13:28:d3:7e:43:a6:3b:2f:78:e2:fb:55:
00:41:6f:c0:b6:26:d3:c6:72:cf:27:cf:8d:6d:41:
0f:fe:1c:74:24:55:73:2d:42:af:0d:04:b2:15:af:
e9:16:84:6f:c9:53:68:6a:ad:05:fa:73:73:2c:65:
c2:77:1d:86:18:2f:e6:cd:f8:b5:57:15:fa:b4:81:
4b:c6:21:0a:69:98:e4:48:62:8d:6f:e7:a5:fa:06:
80:5b:a4:83:42:cd:32:4d:d7:bc:18:19:fc:09:0d:
ca:6a:b0:75:92:dc:e5:04:c0:59:bd:5a:ce:8a:d5:
d7:2e:dd:e2:4f:35:8a:b6:a8:74:8f:a5:7d:c2:9a:
08:b0:9b:e0:4e:ca:11:42:c4:47:f4:66:03:c6:56:
56:fe:ae:0b:61:10:09:10:77:a9:2b:cf:85:83:7b:
c1:5f:af:c2:f6:25:6b:29:44:98:b2:02:01:eb:ff:
27:ff:76:8f:f6:31:30:35:ab:0e:73:d8:25:41:c9:
82:e8:86:04:27:40:31:c3:3d:53:3a:8c:d1:61:8c:
ca:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:52:F8:46:D8:0F:46:46:B0:D6:FD:4A:24:2B:97:A7:E0:22:04:DA
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/R1L4RtgPRkaw1v1KJCuXp-AiBNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.236.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.34.101.0/24
89.39.6.0/23
89.42.133.0/24
92.114.2.0/23
93.174.160.0/24
93.174.162.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
185.248.139.0/24
188.240.0.0/24
188.241.72.0/22
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
96:e5:56:5e:d2:0a:08:ca:28:38:cd:d7:b4:57:2e:b3:8d:e5:
a1:06:99:62:49:e5:50:14:f9:56:93:e0:c2:2b:19:40:08:dd:
9e:66:d8:3c:09:ad:c7:70:4c:59:fb:c0:58:56:ed:b8:85:40:
a2:86:32:78:1e:d8:74:f2:83:aa:36:c7:55:6f:ab:de:55:34:
0e:5f:0d:c7:6d:6d:8a:d3:3d:f9:86:a4:93:b3:b8:b2:1d:ed:
04:8e:10:24:4d:80:8d:f5:8d:a9:ad:f2:0c:1b:3e:b0:ea:4c:
77:57:b8:bc:73:99:e4:2c:f4:5a:5b:5e:2e:8c:34:49:41:0b:
ae:35:ea:c3:cb:38:f7:96:25:01:4d:14:85:3a:40:b5:46:43:
0e:1a:c2:4e:86:53:60:0d:1c:77:b7:1b:1b:1d:02:ab:6b:74:
3a:80:6b:fb:34:a7:de:3a:5e:7a:0c:3f:fd:cd:49:64:c9:18:
cc:de:26:a1:c7:7d:39:5f:5d:53:3a:0b:eb:b0:f6:fe:be:6d:
f3:ab:8f:d3:86:ed:9c:b4:ee:fd:14:ce:6c:56:71:9a:cf:64:
bd:69:ea:42:22:e2:61:71:24:66:d9:62:85:a9:8a:ad:67:95:
86:55:62:c6:e2:49:50:71:7b:52:7b:2d:fe:c1:39:74:fd:f8:
17:1a:44:02
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzJTmj2uvu1P3Z0JpQE0knVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzUyZjg0NmQ4MGY0NjQ2YjBkNmZkNGEyNDJiOTdhN2UwMjIwNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF/jsYHjm3VGcY3lo+0ps3HPTtwZ
rIWTa5nHGOfrPu/j4IDqfAJlR75omFbeYRYTKNN+Q6Y7L3ji+1UAQW/AtibTxnLP
J8+NbUEP/hx0JFVzLUKvDQSyFa/pFoRvyVNoaq0F+nNzLGXCdx2GGC/mzfi1VxX6
tIFLxiEKaZjkSGKNb+el+gaAW6SDQs0yTde8GBn8CQ3KarB1ktzlBMBZvVrOitXX
Lt3iTzWKtqh0j6V9wpoIsJvgTsoRQsRH9GYDxlZW/q4LYRAJEHepK8+Fg3vBX6/C
9iVrKUSYsgIB6/8n/3aP9jEwNasOc9glQcmC6IYEJ0Axwz1TOozRYYzKIwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFEdS+EbYD0ZGsNb9SiQrl6fgIgTaMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvUjFMNFJ0Z1BSa2F3MXYxS0pDdVhwLUFpQk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAf
DhUDBAAtDuwDBAAtDu4DBAAtQyQDBAEtQyYDBAEtUhwDBABU9xcDBABZImUDBAFZ
JwYDBABZKoUDBAFccgIDBABdrqADBABdrqIDBABdrqcDBACw33IwDAMEA7ncuAME
ALncugMEALn4iwMEALzwAAMEArzxSAMEAMEQkAMEAcHIPjANBgkqhkiG9w0BAQsF
AAOCAQEAluVWXtIKCMooOM3XtFcus43loQaZYknlUBT5VpPgwisZQAjdnmbYPAmt
x3BMWfvAWFbtuIVAooYyeB7YdPKDqjbHVW+r3lU0Dl8Nx21titM9+Yakk7O4sh3t
BI4QJE2AjfWNqa3yDBs+sOpMd1e4vHOZ5Cz0WlteLow0SUELrjXqw8s495YlAU0U
hTpAtUZDDhrCToZTYA0cd7cbGx0Cq2t0OoBr+zSn3jpeegw//c1JZMkYzN4mocd9
OV9dUzoL67D2/r5t86uP04btnLTu/RTObFZxms9kvWnqQiLiYXEkZtlihamKrWeV
hlVixuJJUHF7Unst/sE5dP34FxpEAg==
-----END CERTIFICATE-----
Generated at Sun May 19 03:49:17 2024 by rpki-client on console-fra.rpki-client.org