Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/g3RE4aLRKRMGeDScq0sc1L8YszU.roa
File: g3RE4aLRKRMGeDScq0sc1L8YszU.roa (raw, json)
Hash identifier: yTCVuZPryEhgYhmM/ughZrXKLJlK0j/I6c1aZgFqjag=
Subject key identifier: 83:74:44:E1:A2:D1:29:13:06:78:34:9C:AB:4B:1C:D4:BF:18:B3:35
Certificate issuer: /CN=8f6d2ac9b68c32711f7e87fde5234584f5bcf4f2
Certificate serial: 018CC6B9200A33F3680B858D0D1399D2B84C
Authority key identifier: 8F:6D:2A:C9:B6:8C:32:71:1F:7E:87:FD:E5:23:45:84:F5:BC:F4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j20qybaMMnEffof95SNFhPW89PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/g3RE4aLRKRMGeDScq0sc1L8YszU.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198291
IP address blocks: 185.124.44.0/22 maxlen: 24
46.232.138.0/24 maxlen: 24
46.232.139.0/24 maxlen: 24
46.232.136.0/21 maxlen: 24
46.232.136.0/24 maxlen: 24
46.232.137.0/24 maxlen: 24
46.232.141.0/24 maxlen: 24
46.232.142.0/24 maxlen: 24
46.232.140.0/24 maxlen: 24
46.232.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/j20qybaMMnEffof95SNFhPW89PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/j20qybaMMnEffof95SNFhPW89PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/j20qybaMMnEffof95SNFhPW89PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:20:0a:33:f3:68:0b:85:8d:0d:13:99:d2:b8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f6d2ac9b68c32711f7e87fde5234584f5bcf4f2
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=837444e1a2d129130678349cab4b1cd4bf18b335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:27:91:14:5d:69:fc:b8:9c:b2:a7:ca:54:
b3:a4:9f:bb:71:f0:c2:a4:a1:e5:52:9a:41:3a:b5:
e7:95:0b:01:7e:d2:50:0d:9a:b8:28:4d:e6:df:d7:
be:26:8e:19:e7:ab:a6:6e:f1:6d:d0:cf:15:f1:32:
67:c5:e2:75:6c:16:c8:f9:90:a7:ef:ed:2c:fe:73:
a2:53:c3:58:46:b1:73:17:e8:87:a1:c8:4e:f0:b1:
3b:64:ea:06:fb:09:e9:75:77:a6:3d:0c:13:df:5e:
5f:c8:d4:5c:67:e7:45:48:e4:13:14:b0:8e:1c:15:
db:06:c4:92:93:72:d8:6a:72:c6:d6:dd:68:e2:8f:
84:42:48:95:ad:ce:cc:96:31:95:10:75:b3:fe:3d:
a1:0d:5f:7d:ee:20:28:94:e6:d5:78:95:f8:ac:67:
21:86:ab:4a:ed:a5:f4:2e:b8:62:d7:23:e6:2f:b4:
db:db:2d:66:8d:24:ba:33:76:69:c1:01:25:9c:5c:
7a:5c:b9:f1:36:22:88:af:8a:46:1f:06:f0:98:5e:
08:02:14:7d:30:a0:67:0b:f1:05:2f:b5:cb:25:e7:
c6:40:5c:9e:c6:d6:b3:3b:e3:1c:20:89:3a:b1:d7:
09:3b:3a:60:80:1e:3c:c3:d8:7a:c7:d7:c9:f4:9a:
2e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:74:44:E1:A2:D1:29:13:06:78:34:9C:AB:4B:1C:D4:BF:18:B3:35
X509v3 Authority Key Identifier:
keyid:8F:6D:2A:C9:B6:8C:32:71:1F:7E:87:FD:E5:23:45:84:F5:BC:F4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j20qybaMMnEffof95SNFhPW89PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/g3RE4aLRKRMGeDScq0sc1L8YszU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/j20qybaMMnEffof95SNFhPW89PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.136.0/21
185.124.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:20:fe:1d:2b:a0:44:93:a5:c4:29:06:7a:20:cc:00:78:5d:
b5:16:5b:6a:2f:61:a5:76:09:d5:f1:c8:53:0a:09:b5:4f:d7:
81:9a:93:c0:8a:2d:36:f6:86:05:a0:96:05:74:45:f1:bc:a1:
81:58:fb:20:28:25:b3:42:5b:52:67:eb:01:98:90:ad:d6:98:
0d:9e:4a:71:d7:fe:02:49:e6:43:51:7b:c4:ed:ca:bb:c1:74:
e5:19:63:79:27:a3:e0:a5:e0:ff:3d:b0:95:12:ab:b3:a7:9c:
e5:c0:84:a6:1f:96:e1:b0:fe:66:c9:58:64:4c:48:8b:bc:d9:
0b:e9:91:3e:7b:30:bd:5c:31:95:44:7b:94:cf:dc:05:b6:bc:
2d:90:c7:e7:43:0b:c9:85:45:5a:9f:08:d2:bc:91:b1:25:02:
9d:3d:77:dc:ec:58:75:5e:28:f2:64:7d:ec:3a:48:ff:91:4c:
4a:46:01:44:16:d6:13:a6:ed:a8:15:6e:22:5d:59:00:05:88:
fd:53:9b:12:69:47:82:80:78:4d:a6:0d:9c:9a:b0:d6:8b:11:
e8:3f:07:e5:fb:ed:0d:10:72:d6:fe:be:61:41:f0:ee:2b:65:
ef:6e:ec:4f:24:b5:9a:95:5e:c2:41:61:18:28:0d:58:52:a1:
ea:a5:ce:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuSAKM/NoC4WNDROZ0rhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNmQyYWM5YjY4YzMyNzExZjdlODdmZGU1MjM0NTg0ZjVi
Y2Y0ZjIwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc0NDRlMWEyZDEyOTEzMDY3ODM0OWNhYjRiMWNkNGJmMThiMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/InkRRdafy4nLKnylSzpJ+7cfDC
pKHlUppBOrXnlQsBftJQDZq4KE3m39e+Jo4Z56umbvFt0M8V8TJnxeJ1bBbI+ZCn
7+0s/nOiU8NYRrFzF+iHochO8LE7ZOoG+wnpdXemPQwT315fyNRcZ+dFSOQTFLCO
HBXbBsSSk3LYanLG1t1o4o+EQkiVrc7MljGVEHWz/j2hDV997iAolObVeJX4rGch
hqtK7aX0Lrhi1yPmL7Tb2y1mjSS6M3ZpwQElnFx6XLnxNiKIr4pGHwbwmF4IAhR9
MKBnC/EFL7XLJefGQFyextazO+McIIk6sdcJOzpggB48w9h6x9fJ9JouywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIN0ROGi0SkTBng0nKtLHNS/GLM1MB8GA1UdIwQY
MBaAFI9tKsm2jDJxH36H/eUjRYT1vPTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajIwcXliYU1NbkVmZm9mOTVTTkZoUFc4OVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lNzhlZTEtMGEyYS00NmM5LTk3Njkt
Zjk0ZjA4NGIxZWU3LzEvZzNSRTRhTFJLUk1HZURTY3Ewc2MxTDhZc3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lNzhlZTEtMGEyYS00NmM5LTk3NjktZjk0ZjA4NGIxZWU3
LzEvajIwcXliYU1NbkVmZm9mOTVTTkZoUFc4OVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLuiIAwQC
uXwsMA0GCSqGSIb3DQEBCwUAA4IBAQCzIP4dK6BEk6XEKQZ6IMwAeF21FltqL2Gl
dgnV8chTCgm1T9eBmpPAii029oYFoJYFdEXxvKGBWPsgKCWzQltSZ+sBmJCt1pgN
nkpx1/4CSeZDUXvE7cq7wXTlGWN5J6PgpeD/PbCVEquzp5zlwISmH5bhsP5myVhk
TEiLvNkL6ZE+ezC9XDGVRHuUz9wFtrwtkMfnQwvJhUVanwjSvJGxJQKdPXfc7Fh1
XijyZH3sOkj/kUxKRgFEFtYTpu2oFW4iXVkABYj9U5sSaUeCgHhNpg2cmrDWixHo
Pwfl++0NEHLW/r5hQfDuK2XvbuxPJLWalV7CQWEYKA1YUqHqpc67
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:23:33 2024 by rpki-client on console-ams.rpki-client.org