Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/cd3f48-f7b2-4405-a159-ac1bf80544ca/1/CvMAjknImyyxnAljqbyguBH8RB0.roa
File: CvMAjknImyyxnAljqbyguBH8RB0.roa (raw, json)
Hash identifier: NS5gCK1k/+oqTCjiwyY/zckpc4ef9Z1061VZy9BvsLw=
Subject key identifier: 0A:F3:00:8E:49:C8:9B:2C:B1:9C:09:63:A9:BC:A0:B8:11:FC:44:1D
Certificate issuer: /CN=efcfc7cf5709588a7087e6c9e10ecaaa8aba59f5
Certificate serial: 018CC56F0372F46B805056DA8A5E2C4F3978
Authority key identifier: EF:CF:C7:CF:57:09:58:8A:70:87:E6:C9:E1:0E:CA:AA:8A:BA:59:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/78_Hz1cJWIpwh-bJ4Q7Kqoq6WfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/cd3f48-f7b2-4405-a159-ac1bf80544ca/1/CvMAjknImyyxnAljqbyguBH8RB0.roa
Signing time: Mon 01 Jan 2024 14:30:36 +0000
ROA not before: Mon 01 Jan 2024 14:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50115
IP address blocks: 194.54.160.0/22 maxlen: 24
185.236.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/cd3f48-f7b2-4405-a159-ac1bf80544ca/1/78_Hz1cJWIpwh-bJ4Q7Kqoq6WfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/cd3f48-f7b2-4405-a159-ac1bf80544ca/1/78_Hz1cJWIpwh-bJ4Q7Kqoq6WfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/78_Hz1cJWIpwh-bJ4Q7Kqoq6WfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:03:72:f4:6b:80:50:56:da:8a:5e:2c:4f:39:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efcfc7cf5709588a7087e6c9e10ecaaa8aba59f5
Validity
Not Before: Jan 1 14:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0af3008e49c89b2cb19c0963a9bca0b811fc441d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:11:4f:8c:54:61:ca:78:db:0f:37:f2:7d:51:
90:bf:a6:3a:41:17:0f:e3:9b:7a:f6:6b:ff:10:8a:
b1:ed:2d:46:6c:f0:dd:29:11:97:49:f3:04:52:fc:
1b:72:b4:a2:cf:f4:bc:f0:7b:fd:5e:e6:6e:30:3d:
08:38:30:a9:d3:f7:fe:70:3c:43:8b:ea:c8:7e:6d:
70:92:34:46:c7:30:d0:43:26:8a:ee:10:22:04:aa:
b4:0c:d0:18:af:ad:d4:8f:c4:c3:4a:c4:e4:28:d7:
99:10:a2:63:7b:9d:d6:49:10:27:28:3d:d8:ef:b3:
9a:a1:14:a9:29:1b:4a:09:e3:e7:3f:99:73:e3:ae:
07:d0:00:3f:df:87:60:47:80:4b:dc:81:8e:cb:0c:
48:1b:1b:7f:84:0c:08:18:01:74:15:d1:f6:62:7d:
5c:5a:53:8f:61:61:c9:8d:b1:da:93:cc:d3:c7:08:
d7:a5:98:a3:eb:3a:71:a4:f4:ee:d6:1c:e5:d9:93:
0f:37:e6:56:9d:dc:3e:86:e7:80:4c:e5:25:d1:54:
71:c9:2e:6e:19:9d:32:07:1f:b9:a8:ed:2d:5e:7a:
3b:83:e3:8a:33:f9:c2:c3:3b:72:19:a6:f3:20:ae:
51:79:fb:cc:1f:29:85:42:1d:18:33:cb:84:69:f1:
f0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F3:00:8E:49:C8:9B:2C:B1:9C:09:63:A9:BC:A0:B8:11:FC:44:1D
X509v3 Authority Key Identifier:
keyid:EF:CF:C7:CF:57:09:58:8A:70:87:E6:C9:E1:0E:CA:AA:8A:BA:59:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/78_Hz1cJWIpwh-bJ4Q7Kqoq6WfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/cd3f48-f7b2-4405-a159-ac1bf80544ca/1/CvMAjknImyyxnAljqbyguBH8RB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/cd3f48-f7b2-4405-a159-ac1bf80544ca/1/78_Hz1cJWIpwh-bJ4Q7Kqoq6WfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.46.0/24
194.54.160.0/22
Signature Algorithm: sha256WithRSAEncryption
85:3a:23:88:54:22:96:db:4d:93:c6:d0:8a:2e:14:74:6d:1e:
7b:ec:25:88:74:3e:96:71:96:16:b7:1c:2a:fb:77:e6:13:89:
18:6b:72:64:2b:ff:ea:32:b0:0e:03:5c:52:df:65:02:be:d4:
1c:32:3c:2f:a8:1d:fe:63:c0:24:bb:53:80:4b:d5:ac:40:47:
37:d6:bf:1d:20:e5:c1:1d:fd:45:0d:6c:6f:9f:cb:eb:a9:84:
c6:26:52:89:d0:e9:9b:36:2b:03:92:3f:95:fe:fb:ff:ba:ab:
07:6f:41:04:f1:43:4c:70:6a:ca:30:6f:9e:db:44:3d:3c:62:
85:f9:78:eb:85:4d:07:28:95:35:8f:fb:8d:d0:3d:81:8f:a5:
c3:52:25:49:bd:d1:18:ea:2a:75:8c:dc:9e:78:48:0f:1a:3e:
05:0b:06:93:f9:32:1a:76:70:08:fe:6e:98:db:31:26:4b:98:
2d:67:88:5a:90:37:5f:d7:d5:a5:92:23:e8:16:40:04:84:a2:
4f:d3:a5:3e:e6:a6:b3:cc:96:c6:75:b8:5d:1e:92:ae:fa:43:
65:04:5b:87:88:38:f7:bc:01:40:b0:e3:0c:18:3c:a0:b8:b0:
3a:a7:fe:be:54:0a:bf:08:f7:16:0b:8f:51:0b:f6:18:3e:40:
b4:cc:b1:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbwNy9GuAUFbail4sTzl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmY2ZjN2NmNTcwOTU4OGE3MDg3ZTZjOWUxMGVjYWFhOGFi
YTU5ZjUwHhcNMjQwMTAxMTQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWYzMDA4ZTQ5Yzg5YjJjYjE5YzA5NjNhOWJjYTBiODExZmM0NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRFPjFRhynjbDzfyfVGQv6Y6QRcP
45t69mv/EIqx7S1GbPDdKRGXSfMEUvwbcrSiz/S88Hv9XuZuMD0IODCp0/f+cDxD
i+rIfm1wkjRGxzDQQyaK7hAiBKq0DNAYr63Uj8TDSsTkKNeZEKJje53WSRAnKD3Y
77OaoRSpKRtKCePnP5lz464H0AA/34dgR4BL3IGOywxIGxt/hAwIGAF0FdH2Yn1c
WlOPYWHJjbHak8zTxwjXpZij6zpxpPTu1hzl2ZMPN+ZWndw+hueATOUl0VRxyS5u
GZ0yBx+5qO0tXno7g+OKM/nCwztyGabzIK5RefvMHymFQh0YM8uEafHwVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFArzAI5JyJsssZwJY6m8oLgR/EQdMB8GA1UdIwQY
MBaAFO/Px89XCViKcIfmyeEOyqqKuln1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzhfSHoxY0pXSXB3aC1iSjRRN0txb3E2V2ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jZDNmNDgtZjdiMi00NDA1LWExNTkt
YWMxYmY4MDU0NGNhLzEvQ3ZNQWprbklteXl4bkFsanFieWd1Qkg4UkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jZDNmNDgtZjdiMi00NDA1LWExNTktYWMxYmY4MDU0NGNh
LzEvNzhfSHoxY0pXSXB3aC1iSjRRN0txb3E2V2ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuewuAwQC
wjagMA0GCSqGSIb3DQEBCwUAA4IBAQCFOiOIVCKW202TxtCKLhR0bR577CWIdD6W
cZYWtxwq+3fmE4kYa3JkK//qMrAOA1xS32UCvtQcMjwvqB3+Y8Aku1OAS9WsQEc3
1r8dIOXBHf1FDWxvn8vrqYTGJlKJ0OmbNisDkj+V/vv/uqsHb0EE8UNMcGrKMG+e
20Q9PGKF+XjrhU0HKJU1j/uN0D2Bj6XDUiVJvdEY6ip1jNyeeEgPGj4FCwaT+TIa
dnAI/m6Y2zEmS5gtZ4hakDdf19WlkiPoFkAEhKJP06U+5qazzJbGdbhdHpKu+kNl
BFuHiDj3vAFAsOMMGDyguLA6p/6+VAq/CPcWC49RC/YYPkC0zLGf
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:19:43 2024 by rpki-client on console-fra.rpki-client.org