Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/CLLC0H2MR8_tWsqFTOP-vLjoUtI.roa
File: CLLC0H2MR8_tWsqFTOP-vLjoUtI.roa (raw, json)
Hash identifier: aT2IDdB2eQQMAyN7OShCQUcR1yfX8FAMgHt+2Velkr4=
Subject key identifier: 08:B2:C2:D0:7D:8C:47:CF:ED:5A:CA:85:4C:E3:FE:BC:B8:E8:52:D2
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 018CCA99DD230DE3242504FACC5B3B7423FF
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/CLLC0H2MR8_tWsqFTOP-vLjoUtI.roa
Signing time: Tue 02 Jan 2024 14:35:30 +0000
ROA not before: Tue 02 Jan 2024 14:35:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48095
IP address blocks: 152.89.130.0/23 maxlen: 23
152.89.128.0/23 maxlen: 23
92.118.42.0/23 maxlen: 23
92.118.40.0/23 maxlen: 23
77.83.170.0/23 maxlen: 23
77.83.168.0/23 maxlen: 23
45.66.236.0/23 maxlen: 23
45.66.238.0/23 maxlen: 23
194.59.202.0/23 maxlen: 23
194.59.200.0/23 maxlen: 23
185.252.168.0/22 maxlen: 22
86.62.58.0/23 maxlen: 23
185.234.4.0/22 maxlen: 22
86.62.56.0/23 maxlen: 23
193.47.236.0/22 maxlen: 22
5.253.118.0/23 maxlen: 23
5.253.116.0/23 maxlen: 23
46.175.152.0/22 maxlen: 22
85.208.122.0/23 maxlen: 23
85.208.120.0/23 maxlen: 23
81.16.128.0/22 maxlen: 22
2.56.50.0/23 maxlen: 23
2.56.48.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:dd:23:0d:e3:24:25:04:fa:cc:5b:3b:74:23:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Jan 2 14:35:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08b2c2d07d8c47cfed5aca854ce3febcb8e852d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:30:dc:f1:56:f9:90:4b:9a:8e:7f:4a:dd:d2:
f6:5d:81:13:92:32:8d:ff:4d:58:58:5b:f3:11:e2:
69:f2:e3:33:0c:e5:90:c4:f7:80:59:ac:9d:40:57:
96:77:43:c5:49:57:e7:7c:dc:24:e7:8e:7b:a1:42:
ba:20:89:fb:07:06:dc:c8:4c:eb:ab:3f:db:a2:94:
5c:a1:db:ec:92:f2:6e:90:87:bd:17:85:c2:3f:98:
d7:78:a2:56:36:a0:c4:43:55:64:6f:bc:19:3b:02:
04:c7:b3:4c:8a:a1:ac:0a:24:1b:16:10:d2:bd:bc:
72:54:28:bf:45:97:35:98:14:e3:13:2e:93:aa:8b:
e2:6e:ce:0d:52:8d:d4:f4:b2:5a:f7:d4:2a:02:9c:
76:cf:0c:87:9c:1f:4b:54:c1:51:db:a0:0b:18:27:
72:43:54:43:e6:f4:71:a1:66:01:9f:c2:1d:2a:9a:
5b:48:7f:12:9d:27:89:56:8f:cb:c8:1b:bb:7e:22:
aa:9f:3a:01:39:5c:2d:46:b0:6e:1d:18:ed:90:fb:
ce:06:76:cc:9e:bf:46:e4:4f:2f:8f:75:10:13:98:
61:ca:2d:32:83:e5:be:d6:74:b3:2f:1b:98:ae:8c:
31:21:39:9a:1c:fb:9f:07:e3:05:96:23:80:2a:00:
8b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B2:C2:D0:7D:8C:47:CF:ED:5A:CA:85:4C:E3:FE:BC:B8:E8:52:D2
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/CLLC0H2MR8_tWsqFTOP-vLjoUtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.48.0/22
5.253.116.0/22
45.66.236.0/22
46.175.152.0/22
77.83.168.0/22
81.16.128.0/22
85.208.120.0/22
86.62.56.0/22
92.118.40.0/22
152.89.128.0/22
185.234.4.0/22
185.252.168.0/22
193.47.236.0/22
194.59.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:f9:19:87:2b:a9:9d:e1:e7:2b:c0:5d:40:47:63:73:ac:58:
65:bf:07:25:d3:1d:41:f4:9f:c8:c9:07:ff:0c:32:01:32:23:
26:e2:4e:e1:a7:96:ac:97:cb:2d:ee:2d:76:28:5c:60:23:19:
5d:72:75:06:aa:ba:18:24:f9:3f:65:bd:92:2b:cf:cd:f7:13:
f0:05:d3:14:9e:16:34:93:56:b2:05:14:ca:86:f1:16:2e:ef:
86:f6:f5:6b:19:ff:00:56:b8:1c:f3:3e:04:a4:a7:cf:47:f8:
6e:2b:73:8b:90:47:60:fa:46:9f:c4:07:48:98:38:8d:9f:9d:
12:b5:53:36:85:73:e0:4d:14:c0:ca:be:de:f5:8e:62:aa:01:
22:8f:d8:11:04:ee:4a:69:3a:54:be:0b:62:fc:72:04:48:73:
19:b4:d4:0f:6e:84:62:4f:fe:15:6b:ac:b4:8f:49:68:d5:3f:
a7:99:d4:61:33:5e:92:0a:05:4c:9c:5d:f4:57:11:eb:8b:97:
26:3a:1b:66:9c:be:12:fd:50:00:9d:da:8a:8c:04:1d:00:b5:
d1:b2:31:3a:60:5c:31:9c:b2:a9:dd:6c:0c:5d:d3:7a:af:70:
df:2c:5c:26:c2:55:e9:a1:68:97:48:bf:e6:dc:a7:27:dd:a7:
bc:a3:ab:5e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzKmd0jDeMkJQT6zFs7dCP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjQwMTAyMTQzNTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIyYzJkMDdkOGM0N2NmZWQ1YWNhODU0Y2UzZmViY2I4ZTg1MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTDc8Vb5kEuajn9K3dL2XYETkjKN
/01YWFvzEeJp8uMzDOWQxPeAWaydQFeWd0PFSVfnfNwk5457oUK6IIn7BwbcyEzr
qz/bopRcodvskvJukIe9F4XCP5jXeKJWNqDEQ1Vkb7wZOwIEx7NMiqGsCiQbFhDS
vbxyVCi/RZc1mBTjEy6Tqovibs4NUo3U9LJa99QqApx2zwyHnB9LVMFR26ALGCdy
Q1RD5vRxoWYBn8IdKppbSH8SnSeJVo/LyBu7fiKqnzoBOVwtRrBuHRjtkPvOBnbM
nr9G5E8vj3UQE5hhyi0yg+W+1nSzLxuYrowxITmaHPufB+MFliOAKgCLPQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAiywtB9jEfP7VrKhUzj/ry46FLSMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvQ0xMQzBIMk1SOF90V3NxRlRPUC12TGpvVXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCAjgwAwQC
Bf10AwQCLULsAwQCLq+YAwQCTVOoAwQCURCAAwQCVdB4AwQCVj44AwQCXHYoAwQC
mFmAAwQCueoEAwQCufyoAwQCwS/sAwQCwjvIMA0GCSqGSIb3DQEBCwUAA4IBAQAK
+RmHK6md4ecrwF1AR2NzrFhlvwcl0x1B9J/IyQf/DDIBMiMm4k7hp5asl8st7i12
KFxgIxldcnUGqroYJPk/Zb2SK8/N9xPwBdMUnhY0k1ayBRTKhvEWLu+G9vVrGf8A
Vrgc8z4EpKfPR/huK3OLkEdg+kafxAdImDiNn50StVM2hXPgTRTAyr7e9Y5iqgEi
j9gRBO5KaTpUvgti/HIESHMZtNQPboRiT/4Va6y0j0lo1T+nmdRhM16SCgVMnF30
VxHri5cmOhtmnL4S/VAAndqKjAQdALXRsjE6YFwxnLKp3WwMXdN6r3DfLFwmwlXp
oWiXSL/m3Kcn3ae8o6te
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:50 2024 by rpki-client on console-fra.rpki-client.org